Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@cerebral/react
Advanced tools
React view for Cerebral.
npm install @cerebral/react react react-dom babel-preset-react
import React from 'react'
import {render} from 'react-dom'
import {Controller} from 'cerebral'
import {Container} from '@cerebral/react'
import App from './App'
const controller = Controller({
state: {
foo: 'bar'
}
})
render((
<Container controller={controller}>
<App />
</Container>
), document.querySelector('#app'))
Typically you add a stateless component:
import React from 'react'
import {state, signal} from 'cerebral/tags'
import {connect} from '@cerebral/react'
export default connect({
foo: state`foo`,
click: signal`clicked`
},
function MyComponent ({foo, click}) {
return <div onClick={() => click()}>{foo}</div>
}
)
But you can also use stateful components:
import React from 'react'
import {state, signal} from 'cerebral/tags'
import {connect} from '@cerebral/react'
export default connect({
foo: state`foo`,
click: signal`clicked`
},
class MyComponent extends React.Component {
render () {
return <div onClick={() => this.props.click()}>{this.props.foo}</div>
}
}
)
You can add an additional function to connect that gives you full control of properties of the component and dependencies. The returned object from this function will be the exact props passed into the component.
import React from 'react'
import {signal, state} from 'cerebral/tags'
import {connect} from '@cerebral/react'
export default connect({
foo: state`app.foo`,
clicked: signal`app.somethingClicked`
}, (dependencyProps, ownProps, resolve) => {
// we can resolve values or path here. Note: it's not tracked as dependency
const path = resolve.path(state`entities.foo.{ownProps}`)
return {
// values from state could be transformed here
foo: `Label: ${foo}`,
// signals calls could be bound here, so component uses it as general callback
onClick: (e) => clicked({ id: ownProps.id })
}
},
function App({foo, onClick}) {
return <div onClick={onClick}>{foo}</div>
}
)
dependencyProps are the props you connected.
props are the props passed into the component by the parent.
resolve allows you to resolve computed etc., just like resolve in actions.
If you use TypeScript, you can type your component props with connect:
import React from 'react'
import {state, signal} from 'cerebral/tags'
import {connect} from '@cerebral/react'
// connected props
interface Props {
click (): void
foo: string
}
// component props such as <MyComponent name='foobar' />
interface EProps {
name: string
}
// Stateless
export default connect<Props, EProps>({
foo: state`foo`,
click: signal`clicked`
},
// TypeScript now knows about foo and click props
function MyComponent ({foo, click}) {
return <div onClick={() => click()}>{foo}</div>
}
)
// Stateful
export default connect<Props, EProps>({
foo: state`foo`,
click: signal`clicked`
},
class MyComponent extends React.Component<Props, EProps> {
render () {
return <div onClick={() => this.props.click()}>{this.props.foo}</div>
}
}
)
FAQs
React view for Cerebral
The npm package @cerebral/react receives a total of 2,573 weekly downloads. As such, @cerebral/react popularity was classified as popular.
We found that @cerebral/react demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.