Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
A lightweight, smooth scrolling javascript library without any dependency.
Using NPM
npm install moveTo --save
Using Yarn
yarn add moveTo
Using Bower
bower install moveTo --save
const moveTo = new MoveTo();
const target = document.getElementById('target');
moveTo.move(target);
// or register a trigger
const trigger = document.getElementsByClassName('js-trigger')[0];
moveTo.registerTrigger(trigger);
Trigger HTML markup
You can pass all options as data attributes with
mt
prefix. Option name should be written in kebab case format.
<a href="#target" class="js-trigger" data-mt-duration="300">Trigger</a>
<!-- or -->
<button type="button" class="js-trigger" data-target="#target" data-mt-duration="300">Trigger</button>
The default options are as follows:
new MoveTo({
tolerance: 0,
duration: 800,
easing: 'easeOutQuart'
})
Option | Default | Desctiption |
---|---|---|
tolerance | 0 | The tolerance of the target to be scrolled, can be negative or positive. |
duration | 800 | Duration of scrolling, in milliseconds. |
easing | easeOutQuart | Ease function name |
callback | noop | The function to be run after scrolling complete. Target passes as the first argument |
Scrolls to target
Type: HTMLElement|Number
Target element/position to be scrolled. Target position is the distance to the top of the page
Type: Object
Pass custom options
Type: HTMLElement
This is the trigger element for starting to scroll when on click.
This is the callback function to be run after the scroll complete. This will overwrite the callback option.
Adds custom ease function
Type: String
Ease function name
Type: Function
Ease function. See http://gizma.com/easing/ for more ease function.
document.addEventListener('DOMContentLoaded', function(){
const easeFunctions = {
easeInQuad: function (t, b, c, d) {
t /= d;
return c * t * t + b;
},
easeOutQuad: function (t, b, c, d) {
t /= d;
return -c * t* (t - 2) + b;
}
}
const moveTo = new MoveTo({
duration: 1000,
easing: 'easeInQuad'
}, easeFunctions);
const trigger = document.getElementsByClassName('js-trigger')[0];
moveTo.registerTrigger(trigger);
});
document.addEventListener('DOMContentLoaded', function(){
const moveTo = new MoveTo({
duration: 1000,
callback: function(target) {
// This will run if there is no overwrite
}
});
const trigger = document.getElementsByClassName('js-trigger')[0];
moveTo.registerTrigger(trigger, function(target) {
// overwrites global callback
});
// or
moveTo.move(1200, {
duration: 500,
callback: function() {
// overwrites global callback
}
});
});
# To install dev dependencies run:
yarn
# or
npm install
# To start the development server run:
gulp serve
# To lint your code run:
gulp scripts:lint
# To make a full new build run:
gulp build
# To run tests
yarn test
# or
npm test
It should work in the current stable releases of Chrome, Firefox, Safari as well as IE10 and up. To add support for older browsers, consider including polyfills/shims for the requestAnimationFrame.
Copyright (c) 2017 Hasan Aydoğdu. See the LICENSE file for license rights and limitations (MIT).
FAQs
A lightweight scroll animation javascript library without any dependency.
The npm package moveto receives a total of 3,023 weekly downloads. As such, moveto popularity was classified as popular.
We found that moveto demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.