Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@fluidframework/synthesize
Advanced tools
An Ioc type library for synthesizing a FluidObject based on FluidObject providers.
When taking a dependency on a Fluid Framework library's public APIs, we recommend using a ^
(caret) version range, such as ^1.3.4
.
While Fluid Framework libraries may use different ranges with interdependencies between other Fluid Framework libraries,
library consumers should always prefer ^
.
If using any of Fluid Framework's unstable APIs (for example, its beta
APIs), we recommend using a more constrained version range, such as ~
.
It allows for the creation of a DependencyContainer
that can have FluidObjects registered with it
based on their interface Symbol. So for example if I wanted to register something as IFoo
I would
need to provide and object that implements IFoo
along side it.
The DependencyContainer
also exposes a synthesize
method that returns an object with a Promise
to the
correct optional and required symbols requested.
So if I wanted an object with an optional IFoo
and a required IBar
I would get back:
{
IFoo: Promise<IFoo | undefined>;
IBar: Promise<IBar>;
}
const dc = new DependencyContainer<FluidObject<IFoo & IBar>>();
dc.register(IFoo, new Foo());
const s = dc.synthesize({IFoo}, {});
const foo = await s.IFoo;
console.log(s.IFoo?.foo;)
Fluid object Providers are the the different ways you can return a FluidObject when registering.
There are four types of providers:
type FluidObjectProvider<T> =
| NonNullable<T>
| Promise<NonNullable<T>>
| ((dependencyContainer: IFluidDependencySynthesizer) => NonNullable<T>)
| ((dependencyContainer: IFluidDependencySynthesizer) => Promise<NonNullable<T>>);
Provide an FluidObject of a given type.
const dc = new DependencyContainer<FluidObject<IFoo>>();
dc.register(IFoo, new Foo());
Provide a Promise to an FluidObject of a given type.
const dc = new DependencyContainer<FluidObject<IFoo>>();
const generateFoo: Promise<IFoo> = await() => {
const foo = new Foo();
await foo.initialize();
return foo;
}
dc.register(IFoo, generateFoo());
Provide a function that will resolve an FluidObject of a given type.
const dc = new DependencyContainer<FluidObject<IFoo & IBar>>();
const fooFactory = () => new Foo();
dc.register(IFoo, fooFactory);
// Factories can utilize the DependencyContainer if the FluidObject depends
// on other providers
const barFactory = (dc) => new Bar(dc);
dc.register(IFoo, barFactory);
Provide a function that will resolve a Promise to an FluidObject of a given type.
const dc = new DependencyContainer<FluidObject<IFoo & IBar>>();
const generateFoo: Promise<IFoo> = await() => {
const foo = new Foo();
await foo.initialize();
return foo;
}
dc.register(IFoo, generateFoo);
const generateBar: Promise<IBar> = await(dc) => {
const bar = new Bar();
await bar.initialize(dc);
return bar;
}
dc.register(IBar, generateBar);
Once you have a DependencyContainer
with registered providers you can synthesize/generate a new FluidObject
from it. The object that is returned will have the correct typing of optional and required types.
An Example:
If I wanted an object with an optional IFoo
and a required IBar
I would get back:
{
IFoo: Promise<IFoo | undefined>;
IBar: Promise<IBar>;
}
synthesize
takes optionalTypes
and requiredTypes
as well as their corresponding types. FluidObjectSymbolProvider<>
is a TypeScript type
that ensures the types being passed match the ones in the object being provided.
Optional types will return a Promise to it's corresponding FluidObject or undefined. Because of this we need to do
an if check to validate the object or use the ?
like in the example below.
const dc = new DependencyContainer<FluidObject<IFoo>>();
const s = dc.synthesize<IFoo>({ IFoo }, {});
const foo = await s.IFoo;
console.log(foo?.foo);
Note: Because of how generics in TypeScript work we need to provide an empty requiredTypes
object even though we don't
need to provide the type.
Required types will return a Promise to it's corresponding FluidObject or it will throw.
You can see below that we don't need to add the ?
to check our requested type.
const dc = new DependencyContainer<FluidObject<IFoo>>();
const scope = dc.synthesize<{}, IFoo>({}, { IFoo });
const foo = await s.IFoo;
console.log(foo.foo);
You can declare multiple types for both Optional and Required using the &
or creating a separate type.
const dc = new DependencyContainer<FluidObject<IFoo & IBar>>();
const scope = dc.synthesize<IFoo & IBar>({ IFoo, IBar }, {});
const fooP = s.IFoo;
const barP = s.IBar;
const [foo, bar] = Promise.all([foo, bar]);
console.log(foo?.foo);
console.log(bar?.bar);
const dc = new DependencyContainer<FluidObject<IFoo & IBar>>();
const scope = dc.synthesize<{}, IFoo & IBar>({}, { IFoo, IBar });
const fooP = s.IFoo;
const barP = s.IBar;
const [foo, bar] = Promise.all([foo, bar]);
console.log(foo.foo);
console.log(bar.bar);
const dc = new DependencyContainer<FluidObject<IFoo & IBar>>();
const scope = dc.synthesize<IFoo, IBar>({ IFoo }, { IBar });
const fooP = s.IFoo;
const barP = s.IBar;
const [foo, bar] = Promise.all([foo, bar]);
console.log(foo?.foo);
console.log(bar.bar);
The DependencyContainer
takes one optional parameter which is the parent
. When resolving providers the DependencyContainer
will first
check the current container then look in the parent.
This project may contain Microsoft trademarks or logos for Microsoft projects, products, or services.
Use of these trademarks or logos must follow Microsoft's Trademark & Brand Guidelines.
Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship.
FAQs
A library for synthesizing scope objects.
The npm package @fluidframework/synthesize receives a total of 3,164 weekly downloads. As such, @fluidframework/synthesize popularity was classified as popular.
We found that @fluidframework/synthesize demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.