Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
svg-path-sdf
Advanced tools
Create signed distance field for an svg path data.
let pathSdf = require('svg-path-sdf')
let arr = pathSdf('M40,0A40,40 0 1,1 0,-40A40,40 0 0,1 40,0Z', {
width: 200,
height: 200
})
arr
has 200×200
elements with value from 0..1
range, corresponding to distance. The path is drawn at the center of the sdf fitting to the minimum side.
Option | Meaning |
---|---|
width ,w , height ,h or shape | Output sdf size in px, defaults to 200×200 . |
cutoff , radius | SDF parameters for bitmap-sdf, by default detected from shape to fit min side. |
viewBox | View box for the path data. If not defined, it is detected as path bounds via svg-path-bounds. |
stroke | Whether to stroke shape. Positive number will stroke outside the amount of pixels, negative number will stroke inside, 0 -ish will disable stroke. |
(c) 2017 Dima Yv. MIT License
Development supported by plot.ly.
FAQs
Get signed distance field for a svg path
The npm package svg-path-sdf receives a total of 125,657 weekly downloads. As such, svg-path-sdf popularity was classified as popular.
We found that svg-path-sdf demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.