Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@effect-ts/system
Advanced tools
Effect-TS is a zero dependency set of libraries to write highly productive, purely functional TypeScript at scale.
Effect-TS is a zero dependency set of libraries to write highly productive, purely functional TypeScript at scale.
The main driver of inspiration and the source of most of the ideas politely borrowed by this library is the core ZIO and its ecosystem of libraries, in particular ZIO-Prelude from which we take the naming and design of a highly innovative typeclass system.
Within the TypeScript ecosystem, this library takes inspiration from fp-ts, io-ts, morphic-ts, waveguide, qio and please forgive us if we are forgetting some.
Before anything we would like to say THANK YOU to all the contributors and authors of all the libraries we took something from, this work would have not been possible without you!
Just like ZIO
in scala, which was taken as source-code reference for the typescript port, @effect-ts/core/Effect
is powered by highly-scalable, non-blocking fibers that never waste or leak resources, Effect
lets you build scalable, resilient, and reactive applications that meet the needs of your business.
Promise
.Maximum call stack size exceeded
and profit.Within the ecosystem of packages you will find:
@effect-ts/core
The main entry point of the library, contains the effect system, the typeclasses inspired by zio-prelude and a set of commonly used modules like Sync
, Array
, Option
, and many more.
@effect-ts/jest
The main entry point for testing, provides an integration to jest of a test runtime based on managed effect layers that support Effect
as first class citizen.
@effect-ts/monocle
Based on a fork of monocle-ts
experimental modules this library offers low boilerplate optics for your needs.
@effect-ts/morphic
Based on a fork of morphic-ts
this library provides derivation of common typeclasses like Decoder
, Encoder
, Guard
in a highly configurable manner and utilities around ADT
in general data-modelling needs.
@effect-ts/tracing-plugin
This typescript compiler plugin, to be used with ttypescript
, can be configured to:
pipe
flow
identity
We recommend the usage of yarn
and if you have multiple packages the usage of yarn workspaces
that handles by default hoisting of dependencies:
yarn add @effect-ts/system
Join us using discord at: https://discord.gg/hdt7t7jpvn
If you like to know more check out our, incomplete, series of articles:
This is not an excuse, we will write docs when the active development slows down but:
Functional libraries tend to have almost no documentation and the reason is that the best documentation for a function is its own definition assuming the name is meaningful and the types are clear.
For the reason above, when we will begin documenting it, it will be along the lines of a guide in order to introduce concepts used in the library rather than just an "online database of function definitions"
This library is actively maintained by Matechs-Garage the R&D
leg of the Matechs group that sponsor its development.
Many thanks to all contributors of this amazing project, many of you have contributed from functionality up to bug reporting and fixing this library would have been nowhere near without your work. If you are interested to join us then reach out (regardless of your experience)!
FAQs
Effect-TS is a zero dependency set of libraries to write highly productive, purely functional TypeScript at scale.
We found that @effect-ts/system demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.