![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
viz.js
Advanced tools
Readme
This project is a Makefile for building Graphviz with Emscripten and a simple wrapper for using it in the browser.
Install with Bower:
bower install viz.js
Or with npm:
npm install viz.js
Or download the viz.js
"binary" from the releases page.
A smaller version of Viz.js can be downloaded from the releases page and is available in the Bower package. viz-lite.js
omits Expat and the NEATO layout plugin.
src
is a string representing the graph to render in the DOT language.options
format
sets the output format, and may be one of "svg"
, "xdot"
, "plain"
, "ps"
, "json"
, or "png-image-element"
.engine
sets the Graphviz engine to use, and may be one of "circo"
, "dot"
, "neato"
, "osage"
, or "twopi"
.scale
sets the scale factor for the "png-image-element"
format. If this is not specified, window.devicePixelRatio
will be used if available, and 1
if not.totalMemory
sets the total memory available for the Emscripten module instance. This should be a power of 2. The default of 16MB should be sufficient for most cases — only consider using a larger number if you run into the error "Cannot enlarge memory arrays".Parses src
and renders a graph according to the options
given. Output is a string, except when using the "png-image-element" format, when it is returned as an instance of HTMLImageElement.
For example:
result = Viz("digraph { a -> b; }");
result = Viz("digraph { a -> b; }", { format: "png-image-element", scale: 2 });
result = Viz("graph { n0 -- n1 -- n2 -- n3 -- n0; }", { engine: "neato" });
result = Viz("digraph { x -> y -> z; }", { format: "plain" });
If Graphviz encounters an error, Viz will throw an Error
object with the error message.
svgXml
is an SVG XML string, as may be obtained from the Viz
function using the "svg"
format option.scale
sets the scale factor for the output. If this is not specified, window.devicePixelRatio
will be used if available, and 1
if not.callback
is an optional Node-style callback. If specified, it is given two arguments, (err, image)
. If not specified, Viz.svgXmlToPngImageElement
returns an instance of HTMLImageElement.Converts svgXml
to a PNG HTMLImageElement. If callback
is specfied, image
is loaded by the time the callback is invoked.
svgXml
is an SVG XML string, as may be obtained from the Viz
function using the "svg"
format option.scale
sets the scale factor for the output. If this is given as undefined
, window.devicePixelRatio
will be used if available, and 1
if not.callback
is a Node-style callback. It is given two arguments, (err, data)
.Converts svgXml
to a PNG represented as a Base64 string. This function requires a callback, unlike svgXmlToPngImageElement
.
These engines are supported:
These formats are supported:
Viz.js provides the "png-image-element"
format in addition to the regular Graphviz formats. This returns an HTMLImageElement
which can be inserted into the document.
image = Viz("digraph g { a -> b; }", { format: "png-image-element" });
document.body.appendChild(image);
However, this won't work in a Web Worker context. In that case, ask for the "svg"
format in the worker and convert using the accessory function Viz.svgXmlToPngImageElement
in the window context. See tests/png.js for an example.
Internet Explorer 10 and 11 require Fabric.js as an optional dependency for PNG output. Viz.js will look for a fabric
object as a member of the global object with a loadSVGFromString()
function and use that if present.
To build from source, you will need to install the Emscripten SDK.
To download the sources and build everything:
make
If you find Viz.js useful, please consider a donation. Thank you!
FAQs
Unknown package
The npm package viz.js receives a total of 47,949 weekly downloads. As such, viz.js popularity was classified as popular.
We found that viz.js demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.