Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@analytics/listener-utils
Advanced tools
Backward compatible event listener library for attaching & detaching event handlers
A tiny utilities library for dealing with event listeners.
Exposes addListener
, removeListener
functions.
This library will work with analytics or as a standalone package.
This package makes it a little easy to work with addEventListener
& removeEventListener
by returning a clean up function for both. This makes it easy to re-attach a listener or disable a listener with it's return function.
Additionally this package is backwards compatible with older browsers. This library is backwards compatible back to IE 8.
Install @analytics/listener-utils
from npm.
npm install @analytics/listener-utils
Below is the api for @analytics/listener-utils
.
addListener
Add an event listener to an element.
import { addListener } from '@analytics/listener-utils'
addListener('#button', 'click', () => {
console.log('do stuff')
})
This method returns a cleanup function. When the cleanup function is called the event listener is removed.
import { addListener } from '@analytics/listener-utils'
const selectorOrNode = '#my-button'
const event = 'click'
const opts = {} // (optional) See opts at https://mzl.la/2QtNRHR
const handler = () => {
console.log('wow you clicked it!')
}
// addListener returns a disable listener function
const disableListener = addListener(selectorOrNode, event, handler, opts)
// Detach the listener
const reAttachListner = disableListener()
// reAttach the listener
const disableAgain = reAttachListner()
// ...and so on
Below is an example of automatically disabling a click handler while an api request is in flight
import { addListener } from '@analytics/listener-utils'
const disableFetchListener = addListener('#api', 'click', () => {
// Fetch in progress disable click handler to avoid duplicate calls
const renableAPIClickHandler = disableFetchListener()
fetch(`https://swapi.dev/api/people/?search=l`)
.then((response) => {
return response.json()
})
.then((json) => {
console.log("data", json.results)
// Success! Reattach event handler
renableAPIClickHandler()
})
.catch((err) => {
console.log('API error', err)
// Error! Reattach event handler
renableAPIClickHandler()
})
})
// call disableFetchListener wherever you wish to disable this click handler
See addEventListener docs for options
Fire an event once
import { addListener } from '@analytics/listener-utils'
addListener('#my-button', 'click', () => {
console.log('will fire only once')
}, { once: true })
Fire an event on multiple event types
import { addListener } from '@analytics/listener-utils'
addListener('#my-button', 'click mouseover', () => {
console.log('will fire on click & mouseover events')
})
removeListener
Removes an event listener from an element.
import { addListener, removeListener } from '@analytics/listener-utils'
const buttonSelector = '#my-button'
const simpleFunction = () => console.log('wow you clicked it!')
addListener(buttonSelector, 'click', simpleFunction)
const options = {}
// (optional) See opts at https://mzl.la/2QtNRHR
// removeListener returns an enable listener function
const altSeletor = document.querySelector('#my-button')
const reAttachListener = removeListener(altSeletor, 'click', simpleFunction, options)
// Reattach the listener
reAttachListener()
See removeEventListener docs for options
FAQs
Backward compatible event listener library for attaching & detaching event handlers
We found that @analytics/listener-utils demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.