
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
react-konva-utils
Advanced tools
Html
components allows you to create DOM components inside Konva stage. All DOM components will be placed over canvas content.
import { Html } from 'react-konva-utils';
<Html
transform // should we apply position transform automatically to DOM container, default is true
transformFunc={(transformAttrs) => newAttrs} // function to overwrite transformation attributes, not used if transform = false, default is undefined
groupProps={{}} // additional properties to the group wrapper, useful for some position offset
divProps={{}} // additional props for wrapped div elements, useful for styles
parentNodeFunc={(args) => args.stage?.container()} // function to find parent node to insert content, default is stage container
>
<div>DOM content</div>
</Html>;
Konva is a canvas library. It can't render DOM elements directly. <Html>
component will just create a div element and put it top top of the canvas with absolute positioning. That means HTML will be not visible if you export canvas as image.
The most common use case is to create HTML content for temporary tooltips or textareas.
Portal
allows you to create portal from one Konva container (such as Layer
or Group
) into another.
import { Portal } from 'react-konva-utils';
<Layer>
<Portal selector=".top">
{/* content of that portal will be moved into "top" group*/}
<Rect width={100} height={100} fill="red" draggable />
</Portal>
<Rect width={100} height={100} fill="black" draggable />
<Group name="top" />
</Layer>;
FAQs
Useful components and hooks for react-konva
The npm package react-konva-utils receives a total of 82,466 weekly downloads. As such, react-konva-utils popularity was classified as popular.
We found that react-konva-utils demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.