Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
= Prawn: Fast, Nimble PDF Generation For Ruby
Prawn is a PDF writing library for Ruby designed to be tiny, fast, and nimble, just like the majestic sea creature.
Development on this library was initially made possible thanks to the many people who donated to the Ruby Mendicant project: http://rubymendicant.wikidot.com
The project is currently maintained by Gregory Brown, with lots of help from Prawn's core developers and the community.
== Quick Start
Getting started with Prawn can be as simple as:
require 'prawn' pdf = Prawn::Document.new pdf.text("Prawn Rocks") pdf.render_file('prawn.pdf')
But prawn can do a lot more:
===Any page size you can think of
Prawn::Document.new('A0')
...gives you an really big page.
Prawn::Document.new(:page_size => [11.32, 8.49], :page_layout => :portrait)
...giving you a postage stamp.
{Learn more}[link:classes/Prawn/Document.html]
===Multiple Font Handling with UTF-8 Support
pdf.text("Prawn Rocks") pdf.font("/myfont.ttf") pdf.text("Prawn still rocks in a different font")
...allowing you to use any font you want.
{Learn more}[link:classes/Prawn/Font.html]
===Drawing graphics directly into the page
Simple shapes:
pdf.stroke do pdf.circle_at [100,100], :radius => 25 pdf.rectangle [300,300], 100, 200 end
(note, you need to stroke the path to put "ink" there)
{Learn more}[link:classes/Prawn/Graphics.html]
===Embedding JPEG and PNG Images Natively
Reading an image directly from a file:
prawn_logo = "#{Prawn::BASEDIR}/data/images/prawn_logo.png" pdf.image prawn_logo, :at => [50,450], :width => 450
Or reading it from an IO stream:
require "open-uri" pdf.image open("http://prawn.majesticseacreature.com/media/prawn_logo.png")
{Learn more}[link:classes/Prawn/Images.html]
===Measurement Conversion Tools for Your Sanity
Prawn deals exclusively in PDF points... which work out to about 2.83464567mm... don't try and do it in your head, instead, let Prawn help you:
require "prawn/measurement_extensions"
Prawn::Document.generate(:page_layout => :portrait, :left_margin => 10.mm, # different :right_margin => 1.cm, # units :top_margin => 0.1.dm, # work :bottom_margin => 0.01.m, # well :page_size => 'A4') do text "Prawn Rocks" end
{Learn more}[link:classes/Prawn/Measurements.html]
== Resources
=== Website:
http://prawn.majesticseacreature.com
=== Examples:
http://github.com/sandal/prawn/tree/stable/examples
For tables and grid based layout:
http://github.com/sandal/prawn-layout/tree/stable/examples
For encryption, password protection, and permissions:
http://github.com/madriska/prawn-security/tree/stable/examples
(or gem unpack prawn-core, prawn-security and prawn-layout if you want to run them locally)
=== Bug Tracker / Wiki:
http://github.com/sandal/prawn/issues http://github.com/sandal/prawn-layout/issues http://github.com/madriska/prawn-security/issues
=== Source Code:
http://github.com/sandal/prawn http://github.com/sandal/prawn-layout http://github.com/madriska/prawn-security
=== Mailing List:
http://groups.google.com/group/prawn-ruby
=== IRC:
Find us in #prawn on irc.freenode.net
Gregory Brown:
James Healy:
Brad Ediger:
Daniel Nelson:
== Notes to Developers:
See HACKING file for details on getting set up with a local build.
FAQs
Unknown package
We found that prawn-core demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.