Security News
PyPI Introduces Digital Attestations to Strengthen Python Package Security
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
@hishprorg/esse-tempora
Advanced tools
![GitHub Actions Workflow Status](https://img.shields.io/github/actions/workflow/status/alexreardon/@hishprorg/esse-tempora/test.yml) ![types](https://img.shields.io/badge/types-typescript%20%7C%20flow-blueviolet) ![npm bundle size](https://img.shields.io
@hishprorg/esse-tempora
is a tiny, widely-supported, zero-dependency alternative to invariant
.
@hishprorg/esse-tempora
- when every byte counts!
invariant
?An invariant
function takes a value, and if the value is falsy then the invariant
function will throw. If the value is truthy, then the function will not throw.
import invariant from '@hishprorg/esse-tempora';
invariant(truthyValue, 'This should not throw!');
invariant(falsyValue, 'This will throw!');
// Error('Invariant violation: This will throw!');
@hishprorg/esse-tempora
?The library: invariant
supports passing in arguments to the invariant
function in a sprintf
style (condition, format, a, b, c, d, e, f)
. It has internal logic to execute the sprintf substitutions. The sprintf logic is not removed in production builds. @hishprorg/esse-tempora
has dropped all of the code for sprintf
logic and instead encourages consumers to leverage template literals for message formatting.
invariant(condition, `Hello, ${name} - how are you today?`);
@hishprorg/esse-tempora
allows you to pass a string
message, or a function that returns a string
message. Using a function that returns a message is helpful when your message is expensive to create.
import invariant from '@hishprorg/esse-tempora';
invariant(condition, `Hello, ${name} - how are you today?`);
// Using a function is helpful when your message is expensive
invariant(value, () => getExpensiveMessage());
When process.env.NODE_ENV
is set to production
, the message will be replaced with the generic message Invariant failed
.
@hishprorg/esse-tempora
is useful for correctly narrowing types for flow
and typescript
const value: Person | null = { name: 'Alex' }; // type of value == 'Person | null'
invariant(value, 'Expected value to be a person');
// type of value has been narrowed to 'Person'
(condition: any, message?: string | (() => string)) => void
condition
is required and can be anythingmessage
optional string
or a function that returns a string
(() => string
)# yarn
yarn add @hishprorg/esse-tempora
# npm
npm install @hishprorg/esse-tempora --save
message
for kb savings!Big idea: you will want your compiler to convert this code:
invariant(condition, 'My cool message that takes up a lot of kbs');
Into this:
if (!condition) {
if ('production' !== process.env.NODE_ENV) {
invariant(false, 'My cool message that takes up a lot of kbs');
} else {
invariant(false);
}
}
babel-plugin-dev-expression
tsdx
(or you can run babel-plugin-dev-expression
after TypeScript compiling)Your bundler can then drop the code in the "production" !== process.env.NODE_ENV
block for your production builds to end up with this:
if (!condition) {
invariant(false);
}
NODE_ENV
to production
and then rollup
will treeshake out the unused codees
(EcmaScript module) buildcjs
(CommonJS) buildumd
(Universal module definition) build in case you needed itWe expect process.env.NODE_ENV
to be available at module compilation. We cache this value
🤘
FAQs
security holding package
We found that @hishprorg/esse-tempora demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.