Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@preact/signals
Advanced tools
Signals is a performant state management library with two primary goals:
Read the announcement post to learn more about which problems signals solves and how it came to be.
npm install @preact/signals
The Preact integration can be installed via:
npm install @preact/signals
It allows you to access signals as if they were native to Preact. Whenever you read a signal inside a component we'll automatically subscribe the component to that. When you update the signal we'll know that this component needs to be updated and will do that for you.
// The Preact adapter re-exports the core library
import { signal } from "@preact/signals";
const count = signal(0);
function CounterValue() {
// Whenever the `count` signal is updated, we'll
// re-render this component automatically for you
return <p>Value: {count.value}</p>;
}
If you need to instantiate new signals or create new side effects on signal changes inside your components, you can use the useSignal
, useComputed
and useSignalEffect
hooks.
import { useSignal, useComputed, useSignalEffect } from "@preact/signals";
function Counter() {
const count = useSignal(0);
const double = useComputed(() => count.value * 2);
useSignalEffect(() => {
console.log(`Value: ${count.value}, value x 2 = ${double.value}`);
});
return (
<button onClick={() => count.value++}>
Value: {count.value}, value x 2 = {double.value}
</button>
);
}
The Preact adapter ships with several optimizations it can apply out of the box to skip virtual-dom rendering entirely. If you pass a signal directly into JSX, it will bind directly to the DOM Text
node that is created and update that whenever the signal changes.
import { signal } from "@preact/signals";
const count = signal(0);
// Unoptimized: Will trigger the surrounding
// component to re-render
function Counter() {
return <p>Value: {count.value}</p>;
}
// Optimized: Will update the text node directly
function Counter() {
return <p>Value: {count}</p>;
}
To opt into this optimization, simply pass the signal directly instead of accessing the .value
property.
We can also pass signals directly as an attribute to an HTML element node.
import { signal } from "@preact/signals";
const inputValue = signal("foobar");
function Person() {
return <input value={inputValue} onInput={...} />;
}
This way we'll bypass checking the virtual-dom and update the DOM property directly.
MIT
, see the LICENSE file.
FAQs
Manage state with style in Preact
The npm package @preact/signals receives a total of 0 weekly downloads. As such, @preact/signals popularity was classified as not popular.
We found that @preact/signals demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.