Security News
pnpm 10.0.0 Blocks Lifecycle Scripts by Default
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
@cerebral/react
Advanced tools
React view for Cerebral.
npm install @cerebral/react react react-dom babel-preset-react
import React from 'react'
import {render} from 'react-dom'
import {Controller} from 'cerebral'
import {Container} from '@cerebral/react'
import App from './App'
const controller = Controller({
state: {
foo: 'bar'
},
signals: {
clicked: []
}
})
render((
<Container controller={controller}>
<App />
</Container>
), document.querySelector('#app'))
Typically you add a stateless component:
import React from 'react'
import {state, signal} from 'cerebral/tags'
import {connect} from '@cerebral/react'
export default connect({
foo: state`foo`,
click: signal`clicked`
},
function MyComponent ({foo, click}) {
return <div onClick={() => click()}>{foo}</div>
}
)
But you can also use stateful components:
import React from 'react'
import {state, signal} from 'cerebral/tags'
import {connect} from '@cerebral/react'
export default connect({
foo: state`foo`,
click: signal`clicked`
},
class MyComponent extends React.Component {
render () {
return <div onClick={() => this.props.click()}>{this.props.foo}</div>
}
}
)
You can add an additional function to connect that gives you full control of properties of the component and dependencies. The returned object from this function will be the exact props passed into the component.
import React from 'react'
import {signal, state} from 'cerebral/tags'
import {connect} from '@cerebral/react'
export default connect({
foo: state`app.foo`,
clicked: signal`app.somethingClicked`
}, (dependencyProps, ownProps, resolve) => {
// we can resolve values or path here. Note: it's not tracked as dependency
const path = resolve.path(state`entities.foo.{ownProps}`)
return {
// values from state could be transformed here
foo: `Label: ${foo}`,
// signals calls could be bound here, so component uses it as general callback
onClick: (e) => clicked({ id: ownProps.id })
}
},
function App({foo, onClick}) {
return <div onClick={onClick}>{foo}</div>
}
)
dependencyProps are the props you connected.
props are the props passed into the component by the parent.
resolve allows you to resolve computed etc., just like resolve in actions.
If you use TypeScript, you can type your component props with connect:
import React from 'react'
import {state, signal} from 'cerebral/tags'
import {connect} from '@cerebral/react'
// connected props
interface Props {
click (): void
foo: string
}
// component props such as <MyComponent name='foobar' />
interface EProps {
name: string
}
// Stateless
export default connect<Props, EProps>({
foo: state`foo`,
click: signal`clicked`
},
// TypeScript now knows about foo and click props
function MyComponent ({foo, click}) {
return <div onClick={() => click()}>{foo}</div>
}
)
// Stateful
export default connect<Props, EProps>({
foo: state`foo`,
click: signal`clicked`
},
class MyComponent extends React.Component<Props, EProps> {
render () {
return <div onClick={() => this.props.click()}>{this.props.foo}</div>
}
}
)
FAQs
React view for Cerebral
We found that @cerebral/react demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
Research
Security News
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.