
Research
/Security News
Malicious npm Packages Target WhatsApp Developers with Remote Kill Switch
Two npm packages masquerading as WhatsApp developer libraries include a kill switch that deletes all files if the phone number isn’t whitelisted.
vega-canvas
Advanced tools
Canvas and Image object instantiation utilities. Creates an HTML5 Canvas, using either the web browser DOM or a node-canvas library.
This package attempts three forms of canvas creation, in this order:
null
.To ensure error-free build processes for client-side code, this module does not include any direct or optional dependencies on the node-canvas library. Projects that use this pacakge and require canvas support for server-side (node.js) operations must include a canvas dependency in their own package.json
file.
# vega.canvas([width, height, type]) <>
Creates a new Canvas instance, with an optional width and height (in pixels). If width and height are omitted, creates a 0 x 0 canvas. The optional type parameter is a node-canvas type parameter to enable PDF or SVG output modes; this parameter is applied only if node-canvas is used. This method first attempts to create a canvas using the DOM document.createElement
method. If that fails, the method then attempts to instantiate a canvas using the node-canvas library. If that also fails, returns null
.
# vega.domCanvas([width, height]) <>
Creates a new Canvas instance, with an optional width and height (in pixels). If width and height are omitted, creates a 0 x 0 canvas. This method first attempts to create a canvas using the DOM document.createElement
method. If that fails, returns null
.
# vega.nodeCanvas([width, height, type]) <>
Creates a new Canvas instance, with an optional width and height (in pixels). If width and height are omitted, creates a 0 x 0 canvas. The optional type parameter is a node-canvas type parameter to enable PDF or SVG output modes. This method attempts to instantiate a canvas using using the node-canvas library. If that fails, returns null
. This method is not exported in browser-only builds.
Returns a reference to the Image constructor. In a web browser environment, simply returns the built-in Image
object. Otherwise, attempts to return the Image
instance exported by a node canvas library. If all attempts to find a canvas library fail, returns null
.
FAQs
Canvas and Image utilities.
The npm package vega-canvas receives a total of 163,647 weekly downloads. As such, vega-canvas popularity was classified as popular.
We found that vega-canvas demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
Two npm packages masquerading as WhatsApp developer libraries include a kill switch that deletes all files if the phone number isn’t whitelisted.
Research
/Security News
Socket uncovered 11 malicious Go packages using obfuscated loaders to fetch and execute second-stage payloads via C2 domains.
Security News
TC39 advances 11 JavaScript proposals, with two moving to Stage 4, bringing better math, binary APIs, and more features one step closer to the ECMAScript spec.