Package Health Score

85 / 100

security
No known security issues
popularity
Influential project
maintenance
Healthy
community
Sustainable

Security

No known security issues

All security vulnerabilities belong to production dependencies of direct and indirect packages.

Security and license risk for significant versions

Version				Vulnerabilities	License Risk
4.2.0	\|	03/2024		0 C 0 H 0 M 0 L	0 H 0 M 0 L
4.1.7	\|	11/2023		0 C 0 H 0 M 0 L	0 H 0 M 0 L
2.3.2	\|	09/2017	Popular	0 C 0 H 0 M 0 L	0 H 0 M 0 L
1.6.0	\|	03/2017		0 C 0 H 0 M 0 L	0 H 0 M 0 L
1.5.3	\|	02/2016		0 C 0 H 0 M 0 L	0 H 0 M 0 L

License

MIT

Security Policy

Is your project affected by vulnerabilities?

Scan your projects for vulnerabilities. Fix quickly with automated fixes. Get started with Snyk for free.

Get started free

Popularity

Influential project

Weekly Downloads (431,724)

GitHub Stars: 10.08K
Forks: 2.05K
Contributors: 50

Direct Usage Popularity

The npm package signature_pad receives a total of 431,724 downloads a week. As such, we scored signature_pad popularity level to be Influential project.

Based on project statistics from the GitHub repository for the npm package signature_pad, we found that it has been starred 10,082 times.

Downloads are calculated as moving averages for a period of the last 12 months, excluding weekends and known missing data points.

Community

Sustainable

Readme.md: Yes
Contributing.md: No
Code of Conduct: No
Contributors: 50
Funding: No

With more than 10 contributors for the signature_pad repository, this is possibly a sign for a growing and inviting community.

We found a way for you to contribute to the project! Looks like signature_pad is missing a Code of Conduct.

Embed Package Health Score Badge

Maintenance

Healthy

Commit Frequency

Open Issues: 6
Open PR: 1
Last Release: 2 months ago
Last Commit: 14 days ago

Further analysis of the maintenance status of signature_pad based on released npm versions cadence, the repository activity, and other data points determined that its maintenance is Healthy.

We found that signature_pad demonstrates a positive version release cadence with at least one new version released in the past 3 months.

As a healthy sign for on-going project maintenance, we found that the GitHub repository had at least 1 pull request or issue interacted with by the community.

Keep your project healthy

Check your package.json

Ensure all the packages you're using are healthy and well-maintained

Snyk Vulnerability Scanner

Get health score & security insights directly in your IDE

Package

Node.js Compatibility: not defined

Age: 10 years
Dependencies: 0 Direct
Versions: 53
Install Size: 245 kB
Dist-tags: 2
# of Files: 26
Maintainers: 1
TS Typings: Yes

signature_pad has more than a single and default latest tag published for the npm package. This means, there may be other tags available for this package, such as next to indicate future releases, or stable to indicate stable releases.

Not sure how to use signature_pad?

To help you get started, we've collected the most common ways that signature_pad is being used within popular public projects.

enketo / enketo-core / src / widget / draw / draw-widget.js View on Github

.then( () => {
                that.pad = new SignaturePad( canvas, {
                    onEnd: () => {
                        // keep replacing this timer so continuous drawing
                        // doesn't update the value after every stroke.
                        clearTimeout( that._updateWithDelay );
                        that._updateWithDelay = setTimeout( that._updateValue.bind( that ), DELAY );
                    },
                    penColor: that.props.colors[ 0 ] || 'black'
                } );
                that.pad.off();
                if ( existingFilename ) {
                    that.element.value = existingFilename;
                    return that._loadFileIntoPad( existingFilename )
                        .then( that._updateDownloadLink.bind( that ) );
                }
                return true;
            } );

View more ways to use signature_pad

Signature Pad

Signature Pad is a JavaScript library for drawing smooth signatures. It's HTML5 canvas based and uses variable width Bézier curve interpolation based on Smoother Signatures post by Square. It works in all modern desktop and mobile browsers and doesn't depend on any external libraries.

Example

Demo

Demo works in desktop and mobile browsers. You can check out its source code for some tips on how to handle window resize and high DPI screens. You can also find more about the latter in HTML5 Rocks tutorial.

Other demos

Erase feature:
Undo feature:

Installation

You can install the latest release using npm:

npm install --save signature_pad

or Yarn:

yarn add signature_pad

You can also add it directly to your page using `


You can select a different version at [https://www.jsdelivr.com/package/npm/signature_pad](https://www.jsdelivr.com/package/npm/signature_pad).

This library is provided as UMD (Universal Module Definition) and ES6 module.

## Usage

### API

```javascript
const canvas = document.querySelector("canvas");

const signaturePad = new SignaturePad(canvas);

// Returns signature image as data URL (see https://mdn.io/todataurl for the list of possible parameters)
signaturePad.toDataURL(); // save image as PNG
signaturePad.toDataURL("image/jpeg"); // save image as JPEG
signaturePad.toDataURL("image/jpeg", 0.5); // save image as JPEG with 0.5 image quality
signaturePad.toDataURL("image/svg+xml"); // save image as SVG data url

// Return svg string without converting to base64
signaturePad.toSVG(); // ""
signaturePad.toSVG({includeBackgroundColor: true}); // add background color to svg output

// Draws signature image from data URL (mostly uses https://mdn.io/drawImage under-the-hood)
// NOTE: This method does not populate internal data structure that represents drawn signature. Thus, after using #fromDataURL, #toData won't work properly.
signaturePad.fromDataURL("data:image/png;base64,iVBORw0K...");

// Draws signature image from data URL and alters it with the given options
signaturePad.fromDataURL("data:image/png;base64,iVBORw0K...", { ratio: 1, width: 400, height: 200, xOffset: 100, yOffset: 50 });

// Returns signature image as an array of point groups
const data = signaturePad.toData();

// Draws signature image from an array of point groups
signaturePad.fromData(data);

// Draws signature image from an array of point groups, without clearing your existing image (clear defaults to true if not provided)
signaturePad.fromData(data, { clear: false });

// Clears the canvas
signaturePad.clear();

// Returns true if canvas is empty, otherwise returns false
signaturePad.isEmpty();

// Unbinds all event handlers
signaturePad.off();

// Rebinds all event handlers
signaturePad.on();

Options

dotSize: (float or function) Radius of a single dot. Also the width of the start of a mark.
minWidth: (float) Minimum width of a line. Defaults to 0.5.
maxWidth: (float) Maximum width of a line. Defaults to 2.5.
throttle: (integer) Draw the next point at most once per every x milliseconds. Set it to 0 to turn off throttling. Defaults to 16.
minDistance: (integer) Add the next point only if the previous one is farther than x pixels. Defaults to 5.
backgroundColor: (string) Color used to clear the background. Can be any color format accepted by context.fillStyle. Defaults to "rgba(0,0,0,0)" (transparent black). Use a non-transparent color e.g. "rgb(255,255,255)" (opaque white) if you'd like to save signatures as JPEG images.
penColor: (string) Color used to draw the lines. Can be any color format accepted by context.fillStyle. Defaults to "black".
velocityFilterWeight: (float) Weight used to modify new velocity based on the previous velocity. Defaults to 0.7.
canvasContextOptions: (CanvasRenderingContext2DSettings) part of the Canvas API, provides the 2D rendering context for the drawing surface of a canvas element. It is used for drawing shapes, text, images, and other objects (MDN).

You can set options during initialization:

const signaturePad = new SignaturePad(canvas, {
    minWidth: 5,
    maxWidth: 10,
    penColor: "rgb(66, 133, 244)"
});

or during runtime:

const signaturePad = new SignaturePad(canvas);
signaturePad.minWidth = 5;
signaturePad.maxWidth = 10;
signaturePad.penColor = "rgb(66, 133, 244)";

Events

beginStroke: Triggered before stroke begins.
Can be canceled with event.preventDefault()
endStroke: Triggered after stroke ends.
beforeUpdateStroke: Triggered before stroke update.
afterUpdateStroke: Triggered after stroke update.

You can add listeners to events with .addEventListener:

const signaturePad = new SignaturePad(canvas);
signaturePad.addEventListener("beginStroke", () =&gt; {
  console.log("Signature started");
}, { once: true });

Tips and tricks

Handling high DPI screens

To correctly handle canvas on low and high DPI screens one has to take devicePixelRatio into account and scale the canvas accordingly. This scaling is also necessary to properly display signatures loaded via SignaturePad#fromDataURL. Here's an example how it can be done:

function resizeCanvas() {
    const ratio =  Math.max(window.devicePixelRatio || 1, 1);
    canvas.width = canvas.offsetWidth * ratio;
    canvas.height = canvas.offsetHeight * ratio;
    canvas.getContext("2d").scale(ratio, ratio);
    signaturePad.clear(); // otherwise isEmpty() might return incorrect value
}

window.addEventListener("resize", resizeCanvas);
resizeCanvas();

Instead of resize event you can listen to screen orientation change, if you're using this library only on mobile devices. You can also throttle the resize event - you can find some examples on this MDN page.

Handling canvas resize

When you modify width or height of a canvas, it will be automatically cleared by the browser. SignaturePad doesn't know about it by itself, so you can call signaturePad.fromData(signaturePad.toData()) to reset the drawing, or signaturePad.clear() to make sure that signaturePad.isEmpty() returns correct value in this case.

This clearing of the canvas by the browser can be annoying, especially on mobile devices e.g. when screen orientation is changed. There are a few workarounds though, e.g. you can lock screen orientation, or read an image from the canvas before resizing it and write the image back after.

Handling data URI encoded images on the server side

If you are not familiar with data URI scheme, you can read more about it on Wikipedia.

There are 2 ways you can handle data URI encoded images.

You could simply store it in your database as a string and display it in HTML like this:

<img src="data:image/png;base64,iVBORw0K...">

but this way has many disadvantages - it's not easy to get image dimensions, you can't manipulate it e.g. to create a thumbnail and it also has some performance issues on mobile devices.

Thus, more common way is to decode it and store as a file. Here's an example in Ruby:

require "base64"

data_uri = "data:image/png;base64,iVBORw0K..."
encoded_image = data_uri.split(",")[1]
decoded_image = Base64.decode64(encoded_image)
File.open("signature.png", "wb") { |f| f.write(decoded_image) }

Here's an example in PHP:

$data_uri = "data:image/png;base64,iVBORw0K...";
$encoded_image = explode(",", $data_uri)[1];
$decoded_image = base64_decode($encoded_image);
file_put_contents("signature.png", $decoded_image);

Here's an example in C# for ASP.NET:

var dataUri = "data:image/png;base64,iVBORw0K...";
var encodedImage = dataUri.Split(',')[1];
var decodedImage = Convert.FromBase64String(encodedImage);
System.IO.File.WriteAllBytes("signature.png", decodedImage);

Removing empty space around a signature

If you'd like to remove (trim) empty space around a signature, you can do it on the server side or the client side. On the server side you can use e.g. ImageMagic and its trim option: convert -trim input.jpg output.jpg. If you don't have access to the server, or just want to trim the image before submitting it to the server, you can do it on the client side as well. There are a few examples how to do it, e.g. here or here and there's also a tiny library trim-canvas that provides this functionality.

Drawing over an image

Demo:

License

Released under the MIT License.

FAQs

What is signature_pad?

Library for drawing smooth signatures. Visit Snyk Advisor to see a full health score report for signature_pad, including popularity, security, maintenance & community analysis.

Is signature_pad popular?

The npm package signature_pad receives a total of 431,724 weekly downloads. As such, signature_pad popularity was classified as an influential project. Visit the popularity section on Snyk Advisor to see the full health analysis.

Is signature_pad well maintained?

We found that signature_pad demonstrated a healthy version release cadence and project activity. It has a community of 50 open source contributors collaborating on the project. See the full package health analysis to learn more about the package maintenance status.

Is signature_pad safe to use?

The npm package signature_pad was scanned for known vulnerabilities and missing license, and no issues were found. Thus the package was deemed as safe to use. See the full health analysis review.

Last updated on 25 April-2024, at 01:12 (UTC).

Build a secure application checklist

Select a recommended open source package

Minimize your risk by selecting secure & well maintained open source packages

DONE

Scan your app for vulnerabilities

Scan your application to find vulnerabilities in your: source code, open source dependencies, containers and configuration files

SCAN NOW

Fix identified vulnerabilities

Easily fix your code by leveraging automatically generated PRs

AUTO FIX

Monitor for new issues

New vulnerabilities are discovered every day. Get notified if your application is affected

MONITOR APP

Package Health Score

Security and license risk for significant versions

Is your project affected by vulnerabilities?

Weekly Downloads (431,724)

Direct Usage Popularity

Embed Package Health Score Badge

Commit Frequency

Keep your project healthy

Check your package.json

Snyk Vulnerability Scanner

Not sure how to use signature_pad?

Signature Pad

Demo

Other demos

Installation

Options

Events

Tips and tricks

Handling high DPI screens

Handling canvas resize

Handling data URI encoded images on the server side

Removing empty space around a signature

Drawing over an image

License

signature_pad development dependencies

FAQs

What is signature_pad?

Is signature_pad popular?

Is signature_pad well maintained?

Is signature_pad safe to use?

Build a secure application checklist

Select a recommended open source package

Scan your app for vulnerabilities

Source Code

Open Source

Container

Config

Fix identified vulnerabilities

Monitor for new issues