Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@sidiousvic/phantom
Advanced tools
npm i @sidiousvic/phantom
phantom
lets you build state—reactive UIs using raw HTML in functional components.export default function Pizza(slices) {
return `
<div id="pizza-box">
<h1 data-phantom="${slices}" id="slices-h1">${slices}</h1>
</div>
`;
}
phantom
swaps DOM nodes for you.phantom
will couple with Redux to subscribe DOM rendering to state updates.
npm i redux
import { createStore } from "redux";
const data = {
slices: ["🍕", "🍕", "🍕"],
};
function reducer(state = data, action) {
switch (action.type) {
case "EAT_SLICE":
// remove a slice from array
return { ...state, slices: state.slices.slice(0, -1) };
default:
return state;
}
}
const store = createStore(reducer);
export default reduxStore;
phantom
componentphantom
components are functions that return HTML template strings. This allows you to inject dynamic data (including other components) via template literals ${}
.
We leet-html
extension for VSCode is recommended for HTML template highlighting.
function phantomComponent() {
return `
${Pizza()} // inject the Pizza component from above
`;
}
phantom.launch()
Start the phantom
engine with the reduxStore
and a phantomElement
.
import phantom from "@sidiousvic/phantom";
import reduxStore from "./reduxStore.js";
import Pizza from "./ui/Pizza.js";
export const { fire, data, launch } = phantom(reduxStore, phantomComponent);
launch(); // initial render
phantom
will expose three key methods: fire
, data
, and launch
.
fire
and data
are only syntactic pointers to the reduxStore
's dispatch
and getState
methods respectively. You are welcome to avoid them and call the store directly for action dispatching and state getting.
launch
will perform the initial DOM render on call.
data()
to read state from the Redux store.function phantomComponent() {
const { slices } = data();
return `
${Pizza(slices)}
`;
}
export default function Pizza(slices) {
return `
<div id="pizza-box">
<h1 data-phantom="${slices}" id="slices-h1">${slices}</h1>
</div>
`;
}
⚠️ Always bind stateful elements with the data-phantom attribute. |
---|
⚠️ Specify an id attribute for all elements. |
---|
fire()
to fire an action and trigger a state update + re—render.document.addEventListener("click", eatPizza);
function eatPizza(e) {
if (e.target.id === "slices-h1") {
fire({ type: "EAT_PIZZA" }); // fire an action to the store
}
}
phantom
?phantom
is the bike you need.With phantom
, you can write markup in a declarative way ala JSX using raw HTML strings, and inject dynamic data using template literals—staying fully JS native.
phantom
lets you divide your UI into components, abstracting markup into composable functions.
The phantom
engine integrates with your Redux store and subscribes to state updates. It swaps nodes when their data changes.
phantom
only helps with DOM rendering. Listeners, effects, style manipulation, routing—the fun stuff—is still in your hands. 🙌🏼
No JSX, no complex API, no syntactic hyperglycemia.
phantom
is for JavaScript devs.○∆* unpacked size of ReactDOM is 3MB. Vue is 2.98MB. Phantom is < 40 kB.
○ phantom
users may be the hipsterest of them all.
∆ Angular? What is Angular?
phantom
use a virtual DOM?When a component's data changes, phantom
will re—render that node in the DOM by diffing its internal PseudoDOM, an object representation of the DOM.
data-phantom
attribute in stateful elements?In order for your element to be reactive to data changes, phantom
needs to know which nodes are bound to the updated data. Specifying a data-phantom="${yourData}"
attribute is a simple way to do that.
id
attribute in stateful elements?Two reasons, one philosophical, one technical:
Once you get into the habit, specifying id
s results in remarkably declarative markup. It encourages you to think about each element's specific function in the UI and also helps to identify it visually.
id
is one of the mechanisms that the phantom
engine uses to detect which nodes to update.
phantom
is written in TypeScript and bundled using Webpack.
npm i
npm run build
generates a static build in dist/
.
npm run test
runs the tests located in __tests__/
.
npm run example/[example name]
runs an example app from examples/
via webpack-dev-server
.
There are several examples you can run, each furnished with their own devServer
configuration.
Use npm run example/[example name]
and navigate to the url that appears in your terminal.
FAQs
A state—reactive DOM rendering engine for building UIs. 👻
The npm package @sidiousvic/phantom receives a total of 21 weekly downloads. As such, @sidiousvic/phantom popularity was classified as not popular.
We found that @sidiousvic/phantom demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.