Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@reactive-js/observable
Advanced tools
Reactive-Js's core reactive programming API.
Reactive-Js unifies reactive and interactive programming into a single API, defined by two core interfaces: ObservableLike and EnumerableLike. In addition, basic utilities for safely creating, transforming, and using ObservableLike
and EnumerableLike
streams are provided.
ObservableLike
streams are always asynchronous. Subscribing only sets up subscription, but does not synchronously produce values (doing so is a programming error). Instead scheduling is deeply integrated into the SubscriberLike
type. During subscription setup, ObservableLike
sources schedule work to be done in the future, such as iterating through an iterable source. This enables tight integrationg with platform specific scheduling implementations such as React's internal scheduler.
While reactive-js does not provide an API to directly apply backpressure to an ObservableLike
source, the library does provided several primitives that can be used to achieve the effect.
CPU bound backpressure can be achieved via the @reactive-js/scheduler SchedulerLike
interface's support for cooperative multi-tasking. Specifically, ObservableLike
sources must honor a SchedulerLike
's shouldYield
requests, yielding control back to the scheduler, and returning a SchedulerContinuationLike
if additional work is to be completed.
A second approach is provided by the @reactive-js/async-enumerable package, which defines a push/pull interface for iterating through asynchronous producers.
npm install @reactive-js/observable
yarn add @reactive-js/observable
import { subscribe } from "@reactive-js/observable";
import { pipe } from "@reactive-js/pipe";
const observableSource;
const platformScheduler;
// Setup a subscription to the observableSource using the platform scheduler
const subscription = pipe(observableSource, subscribe(platformScheduler));
// ...later in the future
// Dispose the observable subscription
subscription.dispose();
API documentation is available here.
FAQs
Reactive-Js's core reactive programming API.
The npm package @reactive-js/observable receives a total of 4 weekly downloads. As such, @reactive-js/observable popularity was classified as not popular.
We found that @reactive-js/observable demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.