Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
tooltipper
Advanced tools
Readme
A lightweight (1kB) JavaScript library for implementing tooltips.
Install via NPM:
npm i -S tooltipper
Install via CDN:
<script type="module" src="https://unpkg.com/tooltipper@1/tooltipper.min.mjs"></script>
<script defer src="https://unpkg.com/tooltipper@1/tooltipper.min.js"></script>
Create tooltips using the tooltip
attribute:
<a href="#" tooltip="Edit file">
<svg />
</a>
Create tooltips by adding the tooltip
attribute to an element with an aria-label
attribute:
<a href="#" aria-label="Edit file" tooltip>
<svg />
</a>
Please note that tooltipper is an unopinionated library. All we aim to do is create, track, and remove custom
<tool-tip>
elements within the DOM. You are responsible for providing the CSS.
Click here to view the example.
tool-tip {
background-color: #424242;
color: #fff;
border-radius: 0.125rem;
line-height: 24px;
height: 24px;
white-space: nowrap;
padding: 0 0.5rem;
font-size: 0.75rem;
font-weight: 600;
box-shadow: 0 4px 6px -1px rgba(0, 0, 0, 0.1), 0 2px 4px -1px rgba(0, 0, 0, 0.06);
pointer-events: none;
transform-origin: center;
/* The visible class is applied once the tool-tip element as been appended to the body & positioned correctly */
&.visible {
animation: limitedTooltip 1725ms 150ms linear forwards;
}
}
@keyframes limitedTooltip {
0% {
opacity: 1;
}
4% {
opacity: 1;
}
96% {
opacity: 1;
}
100% {
opacity: 0;
animation-timing-function: ease-in-out;
}
}
FAQs
A lightweight JavaScript library for implementing tooltips.
The npm package tooltipper receives a total of 22 weekly downloads. As such, tooltipper popularity was classified as not popular.
We found that tooltipper demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.