Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Tiny, easy to use tool to show toast-like notifications on the web page.
Install package from npm
yarn add toast-me
# or
npm install toast-me
import toast from 'toast-me';
toast('My message');
toast('My message', { duration: 3000, toastClass: 'my-toast-class' /* ... */ });
toast(
'My message',
{ duration: 1000 },
{
label: 'Confirm',
action: () => alert('Cool!'),
class: 'my-custom-class', // optional
},
);
toast(
'My message',
null,
{
label: 'Confirm',
action: () => alert('Cool!'),
},
);
toast(message, [options, [action]]);
Function accepts three arguments:
message
- message to show in toast,options
- toast customization options,action
- some action button options.Returns instance of ToastMeClass. You can learn method of it here
Accepts string
, any message to put in toast.
Text shown in one line, no wraps allowed.
Overflowed text will be hidden with ellipsis.
Complete text shown on hover with the title
attribute on toast node.
Optional - Accepts object
with any allowed fields, or string
as a name of options preset, or null
.
If you don't need to set options, but need to pass an action - pass null
instead options.
Default options preset (all available options with their default values):
{
position: 'top',
toastClass: '',
removedToastClass: '',
closeable: true,
timeoutOnRemove: 1000,
duration: 5000,
}
position
- string, one of "top"
"bottom"
. Default "top"
.toastClass
- string, CSS class name for toast node, can be used for custom toast styling.
Default ""
- empty stringcloseable
- boolean, enables/hides "close" button on toast. Default true
timeoutOnRemove
- number, time in ms, till node should be removed from DOM after toast hides.
Can be useful when you change hide animation by CSS and set new animation duration.
To avoid element disappearing until animation ends set this option to larger or equal
value than animation duration. Default 1000
duration
- number, time in ms, how long should toast be shown. Default 5000
default
- all default options,error
- everything default, except background color - #D40D00
Optional - Accepts object with three fields:
label
- string, text to put in button.action
- callback function - to be called on button click.class
- string, CSS class for button node.Has methods:
close()
- Closes current toast.startTimer()
- Starts/restarts timer with timeout, set in options object on toast create.stopTimer()
- Stops timer, the toast won't disappear. After calling this
you should handle toast's behavior by yourself
(i.e. with close()
method).import toast from 'toast-me';
const message = toast('Something');
// ...
message.stopTimer();
// ...
message.close();
Has static methods:
removeAll(position)
- Closes all toasts in that position. Accepts one argument
position
, default "top"
(described in options section)import { ToastMeClass } from 'toast-me';
ToastMeClass.removeAll('bottom');
#Contributing
You will need node.js and preferred to have yarn to run the project.
Copy project to your local folder and then run in project's root folder next command to load dependencies:
yarn
When you load all dependencies, you able to run several commands:
yarn build
- produces production pack of library under the lib
folderyarn run-dev
- produces development version of your library, runs file watcher
and http server on http://localhost:3005yarn watch
- produces development version of your library, runs a file watcheryarn test
- runs the testsRoot folder
dev/
- Folder, containing development environment files. This folder is
published with yarn run-dev
command. toast-me.js
and taos-me.js.map
files inside are generated by webpack watcher from /src
folder. You are
able to change files in both folders and they are to be reloaded in browser.lib/
- The place production pack will be located after build. Usually you won't
need it, until you wan't to compile library by yourself and insert in your
project manuallyscripts/
- Node.js executable scripts' folder, such as dev-server.js
or test.js
.
config/
- Configuration files' folder.src/
- Here is the code of library itself.FAQs
Creates toast messages
The npm package toast-me receives a total of 305 weekly downloads. As such, toast-me popularity was classified as not popular.
We found that toast-me demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.