Security News
The Hidden Blast Radius of the Axios Compromise
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.
By Ahmad Nassri - Apr 01, 2026
New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
offcircle
JavaScript Generative Art
A recreation of the Matplotlib Ellipse Demo in JavaScript
Installation
npm install offcircle
API
The offCircle function operates on the Canvas API (node & browser).
ctx= 2D canvas context to render onellipseCount= Number of ellipses to render on the canvas (defaults to 120)
returns Void
offCircle(ctx,ellipseCount)
Usage
Node
import fs from 'fs'
import path from 'path'
import Canvas from 'canvas'
import offCircle from 'offcircle'
// or common js
var fs = require('fs')
var path = require('path')
var Canvas = require('canvas')
var offCircle = require('offcircle')
var canvas = Canvas.createCanvas(500, 500)
var ctx = canvas.getContext('2d')
offCircle(ctx, 120)
var out = fs.createWriteStream(path.join(__dirname, '/example.png'))
var stream = canvas.createPNGStream()
stream.on('data', function (chunk) {
out.write(chunk)
})
Web (React)
import React, { useEffect } from 'react';
import './App.css';
import offCircle from "offcircle";
function App() {
const canvasRef = React.useRef(null);
useEffect(()=> {
const canvas = canvasRef.current
const ctx = canvas.getContext('2d')
offCircle(ctx,1000)
})
return (
<div className="App">
<canvas
ref={canvasRef}
width={window.innerWidth}
height={window.innerHeight}
/>
</div>
);
}
export default App;
License
MIT
Original Matplotlib Python Demo
FAQs
Recreation of Matplotlib ellipse demo
We found that offcircle demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 19 Apr 2020
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Supply Chain Attack on Axios Pulls Malicious Dependency from npm
A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.
By Socket Research Team - Mar 31, 2026
Research
TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
Malicious versions of the Telnyx Python SDK on PyPI delivered credential-stealing malware via a multi-stage supply chain attack.
By Socket Research Team - Mar 27, 2026