Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@solid-primitives/props
Advanced tools
Library of primitives focused around component props.
combineProps
- Reactively merges multiple props objects together while smartly combining some of Solid's JSX/DOM attributes.filterProps
- Create a new props object with only the property names that match the predicate.npm install @solid-primitives/props
# or
yarn add @solid-primitives/props
# or
pnpm add @solid-primitives/props
combineProps
A helper that reactively merges multiple props objects together while smartly combining some of Solid's JSX/HTML attributes.
Event handlers (onClick, onclick, onMouseMove, onSomething), and refs (props.ref) are chained.
class
, className
, classList
and style
are combined.
For all other props, the last prop object overrides all previous ones. Similarly to Solid's mergeProps.
import { combineProps } from "@solid-primitives/props";
const MyButton: Component<ButtonProps> = props => {
// primitives of a lot of headless ui libraries will provide props to spread
const { buttonProps } = createButton();
// they can be combined with user's props easily
const combined = combineProps(props, buttonProps);
return <button {...combined} />;
};
// component consumer can provide button props
// they will be combined with those provided by createButton() primitive
<MyButton style={{ margin: "24px" }} />;
Every function/tuple property with on___
name get's chained. That could potentially include properties that are not actually event-listeners – such as only
or once
. Hence you should remove them from the props (with splitProps).
Chained functions will always return void
. If you want to get the returned value from a callback, you have to split those props and handle them yourself.
Warning: The types for event-listeners often won't correctly represent the values. Chaining is meant only for DOM Events spreading to an element.
const combined = combineProps(
{
onClick: e => {},
onclick: e => {},
},
{
onClick: [(n, e) => {}, 123],
},
);
// combined.onClick() will call all 3 of the functions above
The default order of execution is left-to-right. If you want to change it, you can use an options object as the last argument: (reverseEventHandlers: true
)
const combined = combineProps(
// props need to be passed in an array
[{ onClick: () => console.log("parent") }, { onClick: () => console.log("child") }],
{
reverseEventHandlers: true,
},
);
combined.onClick(); // "child" "parent"
combineProps
works, see the TESTSA couple of lower-lever helpers that power combineProps
:
stringStyleToObject
const styles = stringStyleToObject("margin: 24px; border: 1px solid #121212");
styles; // { margin: "24px", border: "1px solid #121212" }
combineStyle
const styles = combineStyle("margin: 24px; border: 1px solid #121212", {
margin: "2rem",
padding: "16px",
});
styles; // { margin: "2rem", border: "1px solid #121212", padding: "16px" }
https://codesandbox.io/s/combineprops-demo-ytw247?file=/index.tsx
filterProps
A helper that creates a new props object with only the property names that match the predicate.
An alternative primitive to Solid's splitProps that will split the props eagerly, without letting you change the omitted keys afterwards.
The predicate
is run for every property read lazily — any signal accessed within the predicate
will be tracked, and predicate
re-executed if changed.
Params:
props
— The props object to filter.predicate
— A function that returns true
if the property should be included in the filtered object.Returns A new props object with only the properties that match the predicate.
import { filterProps } from "@solid-primitives/props";
const MyComponent = props => {
const dataProps = filterProps(props, key => key.startsWith("data-"));
return <div {...dataProps} />;
};
createPropsPredicate
Creates a predicate function that can be used to filter props by the prop name dynamically.
The provided predicate
function get's wrapped with a cache layer to prevent unnecessary re-evaluation. If one property is requested multiple times, the predicate
will only be evaluated once.
The cache is only cleared when the keys of the props object change. (when spreading props from a singal) This also means that any signal accessed within the predicate
won't be tracked.
import { filterProps, createPropsPredicate } from "@solid-primitives/props";
const MyComponent = props => {
const predicate = createPropsPredicate(props, key => key.startsWith("data-"));
const dataProps = filterProps(props, predicate);
return <div {...dataProps} />;
};
See CHANGELOG.md
FAQs
Library of primitives focused around component props.
We found that @solid-primitives/props demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.