New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

@prefab-cloud/prefab-cloud-react

Package Overview
Dependencies
Maintainers
4
Versions
66
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@prefab-cloud/prefab-cloud-react

Feature Flags & Dynamic Configuration as a Service

latest
npmnpm
Version
0.4.8
Version published
Weekly downloads
295
7.66%
Maintainers
4
Weekly downloads
 
Created
Source

prefab-cloud-react

A React provider and hook for Prefab

Installation

npm install @prefab-cloud/prefab-cloud-react or yarn add @prefab-cloud/prefab-cloud-react

TypeScript types are included with the package.

Usage in your app

Configure the Provider

Wrap your component tree in the PrefabProvider, e.g.

import { PrefabProvider } from "@prefab-cloud/prefab-cloud-react";

const WrappedApp = () => {
  const context = {
    user: { email: "jeffrey@example.com" },
    subscription: { plan: "advanced" },
  };

  const onError = (error) => {
    console.error(error);
  };

  return (
    <PrefabProvider apiKey={"YOUR_API_KEY"} contextAttributes={context} onError={onError}>
      <App />
    </PrefabProvider>
  );
};

Here's an explanation of each provider prop:

propertyrequiredtypepurpose
apiKeyyesstringyour Prefab API key
onErrorno(error) => voidcallback invoked if prefab fails to initialize
contextAttributesnoContextAttributesthis is the context attributes object you passed when setting up the provider
endpointsnostring[]CDN endpoints to load configuration from (defaults to 2 prefab-based CDNs)
timeoutnonumberinitialization timeout (defaults to 10 seconds)
pollIntervalnonumberconfigures prefab to poll for updates every pollInterval ms.

Usage in Your Components

Use the usePrefab hook to fetch flags and config values:

const Logo = () => {
  const { isEnabled } = usePrefab();

  if (isEnabled("new-logo")) {
    return <img src={newLogo} className="App-logo" alt="logo" />;
  }

  return <img src={logo} className="App-logo" alt="logo" />;
};

usePrefab exposes the following:

const { isEnabled, get, loading, contextAttributes } = usePrefab();

Here's an explanation of each property:

propertyexamplepurpose
isEnabledisEnabled("new-logo")returns a boolean (default false) if a feature is enabled based on the current context
getget('retry-count')returns the value of a flag or config
loadingif (loading) { ... }a boolean indicating whether prefab content is being loaded
contextAttributesN/Athis is the context attributes object you passed when setting up the provider
prefabN/Athe underlying JavaScript prefab instance
keysN/Aan array of all the flag and config names in the current configuration

Usage in your test suite

Wrap the component under test in a PrefabTestProvider and provide a config object to set up your test state.

e.g. if you wanted to test the following trivial component

function MyComponent() {
  const { get, isEnabled, loading } = usePrefab();
  const greeting = get("greeting") || "Greetings";

  if (loading) {
    return <div>Loading...</div>;
  }

  return (
    <div>
      <h1 role="alert">{greeting}</h1>
      {isEnabled("secretFeature") && (
        <button type="submit" title="secret-feature">
          Secret feature
        </button>
      )}
    </div>
  );
}

You could do the following in jest/rtl

import { PrefabTestProvider } from '@prefab-cloud/prefab-cloud-react';

const renderInTestProvider = (config: {[key: string]: any}) => {
  render(
    <PrefabTestProvider config={config}>
      <MyComponent />
    </PrefabTestProvider>,
  );
};

it('shows a custom greeting', async () => {
  renderInTestProvider({ greeting: 'Hello' });

  const alert = screen.queryByRole('alert');
  expect(alert).toHaveTextContent('Hello');
});

it('shows the secret feature when it is enabled', async () => {
  renderInTestProvider({ secretFeature: true });

  const secretFeature = screen.queryByTitle('secret-feature');
  expect(secretFeature).toBeInTheDocument();
});

Contributing

Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated. For detailed contributing guidelines, please see CONTRIBUTING.md

Release Scripts

This package includes scripts to simplify the release process:

Standard Release

To publish a new standard release (patch version):

./publish-release.sh

This script:

  • Runs tests
  • Builds the package
  • Bumps the patch version
  • Publishes to npm with the latest tag

Pre-release

To publish a pre-release version:

  • Manually bump the version in package.json (e.g. bump the patch version and add -pre1)
  • npm install to update the lockfile
./publish-prerelease.sh

This script:

  • Runs tests
  • Builds the package
  • Publishes to npm with the pre tag

To install the pre-release version:

npm install @prefab-cloud/prefab-cloud-react@pre

Keywords

feature-flags
config

FAQs

Package last updated on 02 Sep 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

The Hidden Blast Radius of the Axios Compromise

Security News

The Hidden Blast Radius of the Axios Compromise

The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.

By Ahmad Nassri  -  Apr 01, 2026