Security News
The Risks of Misguided Research in Supply Chain Security
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
@visisoft/staticland
Advanced tools
StaticLand functions for Algebraic Data Types based on native JavaScript types
Operations on Algebraic Data Types (ADT) (Either, Maybe, Promise) realised with free static functions. The static functions do not expect custom-made ADTs but work on the native JavaScript types as Array
and Promise
. Using these native types means that @visisoft/staticland practically gives up on type inspection and leaves that to the calling code. This is in line with the characteristics of JavaScript.
npm install @visisoft/staticland
Greeting with a 0.5 sec 2-way delay.
import {map as map_p, mapRej as mapRej_p, chain as chain_p} from '@visisoft/staticland/promise';
import {fromThrowable} from '@visisoft/staticland/either';
import {fromNilable, getOrElse} from '@visisoft/staticland/maybe';
import {curry, pipe} from 'ramda'; // or pipe from 'crocks' or any other composition function
const
// :: String -> {k: String} -> Maybe String
getProperty = R.curry((property, object) => fromNilable(object[property])),
// :: a -> Promise any a
delay = x => new Promise(resolve => setTimeout(resolve, 500, x)),
// :: any -> Either Error String
safeGreet = fromThrowable(x => "Hello " + x.toString() + "!"),
// :: any -> Promise (Maybe String) String
getAnswer = R.pipe(
delay, // Promise any any
map_p(safeGreet), // Promise any (Either Error String)
chain_p(delay), // Promise any (Either Error String)
chain_p(eitherToPromise), // Promise (any|Error) String
mapRej_p(getProperty('message')) // Promise (Maybe String) String
);
getAnswer("Earth")
.then(console.log, me => console.warn(getOrElse("unknown error", me)));
// -> "Hello Earth!"
getAnswer(null)
.then(console.log, me => console.warn(getOrElse("unknown error", me)));
// -> "Cannot read property 'toString' of null"
Support programming in functional pipelines by exposing a familiar set of operations on asynchronous, optional and faulty data.
Most functions comply with Static-Land`s algebraic laws. Where this is not possible (e.g. nesting of resolved Promises) a few reasonable paradigms have to be followed when using this library.
At the expense of complete algebraic lawfulness the data wrapping remains transparent and light-weight.
The functions are designed to support the usual functional programming style in JavaScript as it is the design philosophy for many libraries for example Ramda's:
Ramda-Fantasy is very well documented, but sadly no longer maintained. Crocks is an exemplary implementation of common data types.
As FP utility library Ramda is used. The patch fork semmel-ramda will be replaced with Ramda when it gets published as proper dual-mode or hybrid module.
FAQs
StaticLand functions for Algebraic Data Types based on native JavaScript types
The npm package @visisoft/staticland receives a total of 4 weekly downloads. As such, @visisoft/staticland popularity was classified as not popular.
We found that @visisoft/staticland demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.