
Security News
/Research
Wallet-Draining npm Package Impersonates Nodemailer to Hijack Crypto Transactions
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
vigour-orientation
Advanced tools
Observe device orientation
Add "orientation": "git+ssh://git@github.com:vigour-io/orientation.git#master"
to the dependencies in your app's pakage.json, then run npm update orientation
Coming soon: npm i vigour-orientation
The plugin will observe device orientation changes and can also be used to force the device to use a specific orientation. Orientation can also be locked.
By default if the orientation is set by the JS side (eg: or.val = 'landscape'
) the plugin will also lock the orientation preventing any other change to it.
// once required the plugin will execute the initialisation and receive
// back the current orientation.
var or = require('vigour-orientation')
// we can then listen for changes
or.on(() => {
if (this.val === 'landscape') console.log('Hey I\'m landscape')
if (this.val === 'portrait') console.log('Hey I\'m portrait')
})
// the plugin with a value or set the value later
// in either cases value changes will set 'or.locked.val' to true
// we can listen for changes on 'locked'
or.val = 'landscape'
// we can listens for orientation locks
or.locked.on((data) => {
if (data === true) console.log('Hey I\'m locked')
else if (data === true) console.log('Hey I\'m unlocked')
})
// and we can lock it
or.locked.val = true
// or unlock it
or.locked.val = false
See tests for more use cases.
The plugin at startup will fire the init
command expecting in return the current orientation as a String which can be portrait
or landscape
.
orientation
is fired with the desidered orientation passed as String parameter which can be portrait
or landscape
change
command when the orientation changes passing the current orientation as String which can be portrait
or landscape
Locks can be used to prevent orientation changes to happen automatically when the device turns. In order to do that the JS side can request locks and remove them using the methods:
change
events shouldn't be fired from nativechange
events againFAQs
Observe device orientation
We found that vigour-orientation demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.