Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@degjs/event-aggregator
Advanced tools
EventAggregator is a module that acts as a single source of events for objects that wish to publish and/or subscribe to events. This module was heavily inspired by Eric Elliot and his excellent book Programming JavaScript Applications. Go read it.
Install eventAggregator from NPM with command:
$ npm install @degjs/event-aggregator
EventAggregator is a singleton, so it does not need to be instantiated.
import eventAggregator from "@degjs/event-aggregator";
function onSomeEvent(e) {
console.log(e);
}
/* Subscribe to 'someEvent' event */
eventAggregator.subscribe('someEvent', onSomeEvent);
/* Unsubscribe from 'someEvent' event */
eventAggregator.unsubscribe('someEvent', onSomeEvent);
/* Publish 'yetAnotherEvent' event */
eventAggregator.publish({
/* type property is required */
type: 'yetAnotherEvent',
data: {...}
});
Subscribe to an event.
Type: String
The name of the event to subscribe to.
Type: Function
The listener function that will be called when the event is fired.
Unsubscribe from an event.
Type: String
The name of the event to unsubscribe from.
Type: Function
The listener function that was subscribed to the event.
Publish an event.
Type: Object
or String
The event to publish. If the parameter is a String
, it should be the name of the event. If the parameter is an Object
, it must have a type
property with a value that is the name of the event. Any other properties on the object will be passed along to all subscribers of the event.
Breakpoints depends on the following browser APIs:
To support legacy browsers, you'll need to include polyfills for the above APIs.
FAQs
Publish and subscribe to events across modules.
We found that @degjs/event-aggregator demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.