Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
vanilla-back-to-top
Advanced tools
Configurable zero dependency Back To Top button.
Ideal for pre-rendered blogs with no frameworks, e.g., Hexo.
Add this to your HTML:
<script src="https://unpkg.com/vanilla-back-to-top@1.0.3/dist/index.js"></script>
<script>addBackToTop({})</script>
Optionally customise CSS of the button using #back-to-top
selector, e.g.:
#back-to-top a {
text-indent: -9999px;
background-image: url(back-to-top.png)
}
@media screen and (max-width: 479px) {
#back-to-top {
right: 10px;
bottom: 10px;
}
}
addBackToTop
function accepts many options, e.g.:
addBackToTop({
id: 'back-to-top',
showWhenScrollTopIs: 300,
innerElement: document.createTextNode('Up'),
size: 50,
fontSize: 14,
cornerOffset: 20,
backgroundColor: '#000',
textColor: '#fff',
zIndex: 1,
scrollContainer: document.documentElement
})
^ All these are also default values.
id
- id attribute of the buttonshowWhenScrollTopIs
- show the button when page got scrolled by this number of pixelsinnerElement
- DOM element to put inside the button; with jQuery you can put something like this: $('<svg>...</svg>').get(0)
size
- width and height of the button in pixelsfontSize
- font size of the text inside the buttoncornerOffset
- right and bottom offset of the button relative to viewportbackgroundColor
- background color of the buttontextColor
- text color of the buttonzIndex
- z-index of the buttonscrollContainer
- if only part of your website gets scrolled, e.g., when your sidebar never scrolls with content, put the scrolled DOM element hereFAQs
Simple and tiny Back To Top button with no dependencies. Hides when on top, scrolls up smoothly when clicked. Works equally great with Vue, React, Angular and without frameworks on Jekyll, Hugo and Hexo
The npm package vanilla-back-to-top receives a total of 858 weekly downloads. As such, vanilla-back-to-top popularity was classified as not popular.
We found that vanilla-back-to-top demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.