Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@cycle/callbags
Advanced tools
![Build](https://github.com/cyclejs/callbags/workflows/Build/badge.svg) [![codecov](https://codecov.io/gh/cyclejs/callbags/branch/master/graph/badge.svg)](https://codecov.io/gh/cyclejs/callbags) [![code style: prettier](https://img.shields.io/badge/code_s
This is the set of callbags that will most likely be used in the next version of Cycle.js. They are written in TypeScript and export ES modules to allow for tree shaking. Also, the implementation is specifically tailored to the Cycle.js use case, so all of them are push-only. Using them with sink or operators that try to pull the sources here will most likely lead to bugs und weird behavior.
This project uses pnpm
, other package managers might work, but only pnpm has a lockfile that pins dependencies. To build run:
pnpm install
pnpm run build
Currently, the following set of operators is implemented, others might follow. Note that this repo is not designed to become the "official" home of callbags, so after a basic set is implemented it is very unlikely that further operators will be added. This is no problem in practise as all of the callbags here adhere to the spec, so you can easily mix and match them with any callbag operator out there.
fromArray
fromPromise
from
of
create
never
empty
throwError
merge
combine
combineWith
makeSubject
makeAsyncSubject
FAQs
![Build](https://github.com/cyclejs/callbags/workflows/Build/badge.svg) [![codecov](https://codecov.io/gh/cyclejs/callbags/branch/master/graph/badge.svg)](https://codecov.io/gh/cyclejs/callbags) [![code style: prettier](https://img.shields.io/badge/code_s
We found that @cycle/callbags demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.