Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
A client-side library to make absolutely positioned elements attach to elements in the page efficiently.
The 'tether' npm package is a JavaScript library for efficiently positioning elements on a web page. It allows you to attach elements to other elements, ensuring that they stay in the correct position even when the page is scrolled or resized.
Basic Tethering
This feature allows you to attach an element (e.g., a tooltip) to another element (e.g., a button). The 'attachment' and 'targetAttachment' properties define how the elements are positioned relative to each other.
const Tether = require('tether');
const tether = new Tether({
element: document.querySelector('#tooltip'),
target: document.querySelector('#button'),
attachment: 'top left',
targetAttachment: 'bottom left'
});
Constraints
This feature allows you to add constraints to the tethered element, ensuring it stays within the bounds of a specified container (e.g., the window). The 'constraints' property takes an array of constraint objects.
const Tether = require('tether');
const tether = new Tether({
element: document.querySelector('#tooltip'),
target: document.querySelector('#button'),
attachment: 'top left',
targetAttachment: 'bottom left',
constraints: [{
to: 'window',
attachment: 'together'
}]
});
Offset
This feature allows you to specify an offset for the tethered element. The 'offset' property takes a string with the horizontal and vertical offsets.
const Tether = require('tether');
const tether = new Tether({
element: document.querySelector('#tooltip'),
target: document.querySelector('#button'),
attachment: 'top left',
targetAttachment: 'bottom left',
offset: '10px 20px'
});
Popper.js is a library used to manage poppers in web applications. It provides more advanced positioning capabilities compared to Tether, including support for flipping, boundaries, and more complex positioning strategies.
Position.js is a lightweight library for positioning elements relative to other elements. It offers basic positioning functionalities similar to Tether but with a simpler API and fewer features.
Floating UI is a library for creating floating elements such as tooltips, popovers, and dropdowns. It offers a comprehensive set of features for positioning and managing floating elements, making it a more feature-rich alternative to Tether.
We at HubSpot have been thrilled by Tether's success! However, the demands of maintaining such a complex project have outstripped our willingness and ability to do so effectively, as a quick glance at the issue tracker will tell you.
If you're a developer and you're looking for an alternative to Tether, check out Popper.js. Its maintainers have put a ton of work into it, and it's constantly getting better.
If you're with an organization would like to take ownership of Tether, reach out to us! We'd be happy to see this project in the hands of a team that can give it the love it deserves.
Tether is a small, focused JavaScript library for defining and managing the position of user interface (UI) elements in relation to one another on a web page. It is a tool for web developers building features that require certain UI elements to be precisely positioned based on the location of another UI element.
There are often situations in UI development where elements need to be attached to other elements, but placing them right next to each other in the DOM tree can be problematic based on the context. For example, what happens if the element we’re attaching other elements to is fixed to the center of the screen? Or what if the element is inside a scrollable container? How can we prevent the attached element from being clipped as it disappears from view while a user is scrolling? Tether can solve all of these problems and more.
Some common UI elements that have been built with Tether are tooltips, select menus, dropdown menus, and guided tours. Tether is flexible and can be used to solve all kinds of interesting problems; it ensures UI elements stay where they need to be, based on the various user interactions (click, scroll, etc) and layout contexts (fixed positioning, inside scrollable containers, etc).
Please have a look at the documentation for a more detailed explanation of why you might need Tether for your next project.
Tether is a small, focused JavaScript library. For those who might be new to JavaScript, a library is simply a JavaScript file (or files) that contain useful JavaScript code to help achieve tasks easier and faster. Since Tether is a JavaScript user interface (UI) library, it contains code to help you to manage the way your website or web app appears.
Tether’s goal to is to help you position your elements side-by-side when needed.
Let’s say you’ve started working on your dream project—a fancy web app that’s sure to become the next big thing! An important feature of your new app is to allow users to comment on shared photos. However, due to limited vertical space and the overall layout of your new app, you’d like to display the comments next to the image, similar to how Instagram does it.
Your HTML code might look something like this:
<div class="container">
<img src="awesome-picture.jpg" alt="Awesome Picture" class="picture">
<div class="comments">
...
</div>
</div>
Now, you could achieve this with some CSS using its position
property, but going this route can be problematic since many of position
’s values take elements out of the natural DOM flow. For example, if you have an element at the bottom of your HTML document, using position: absolute
or position: fixed
might could move it all the way to the top of your website in the browser.
Not only that, but you also have to make manual adjustments to ensure other elements aren’t negatively affected by the positioned elements. Not to mention, you probably want your comment box to be responsive, and look good across different device sizes. Coding a solution for this manually is a challenge all on its own.
Enter Tether!
After installing Tether and including it in your project, you can begin using it!
In your JavaScript file, create a new instance (or constructor function) of the Tether
object:
new Tether({});
Within the curly braces ({}
) you can configure the library’s options. Tether’s extensive list of options can be found in the Tether documentation.
new Tether({
element: '.comments',
target: '.picture',
attachment: 'top right',
targetAttachment: 'top left'
});
Now you have a perfectly placed comment section to go with your awesome picture! It’ll even stay attached to the element when a user resizes their browser window.
There are tons of other useful features of Tether as well, instead of “comment boxes” you could also build:
npm
$ npm install tether
bower
$ bower install tether
download
Or just download from the releases.
You only need to include tether.min.js in your page:
<script src="path/to/dist/js/tether.min.js"></script>
Or just use a CDN:
<script src="//cdnjs.cloudflare.com/ajax/libs/tether/1.4.4/js/tether.min.js"></script>
The css files in the dist/css folder are not required to get tether running.
For more details jump straight in to the detailed Usage page.
We encourage contributions of all kinds. If you would like to contribute in some way, please review our guidelines for contributing.
Copyright © 2014-2017 HubSpot - MIT License
FAQs
A client-side library to make absolutely positioned elements attach to elements in the page efficiently.
The npm package tether receives a total of 200,101 weekly downloads. As such, tether popularity was classified as popular.
We found that tether demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.