Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@webex/ts-events
Advanced tools
Readme
A library for subscribing to and emitting type-safe events using a familiar, javascript-style API:
myClass.on('eventName', (value: number) { ... });
// Error: handler signature is wrong
myClass.on('eventName', (value: boolean) { ... });
// Error: event name is wrong
myClass.on('eventNameWithATypo', (value: number) { ... });
There exist multiple typesafe event emitter libraries for typescript (we were previously using this one and also tried this one), so why is this library necessary?
When using existing solutions, we were unable to implement an event 'hierarchy': where a class inheritance chain could have each class defining appropriate events for their level. Some links to issues others have had around this can be found here, and here. Playgrounds with our own attempts to make the above libraries work can be found below:
An additional downside of the above libraries is that, since they involve inheriting from the EventEmitter
class, the emit
method was
exposed as part of the class' API; we'd like to be able to prevent outside entities from emitting a class' events.
When developing this library, we had the following requirements:
class.on('eventName', <handler>)
.The implementation of this library accomplishes the above requirements, but not without tradeoffs. A summary of what is required to use this library can be found below.
This library implements the behaviors described above via the use of a mixin and a helper type.
The mixin defines the event subscription APIs (on
, off
, once
, etc.) and is generic around a type defining the event names and their handler signatures. This is
what provides the type safety when calling the event subscription methods.
The helper type helps make sure the resulting type (after adding the mixin) is defined as a type not a value, such that it can be used just like a normal
class.
Given a class:
interface ParentEvents {
eventOne: TypedEvent<(value: number) => void>;
}
class _Parent {
protected eventOne = new TypedEvent<(value: number) => void>();
}
NOTE: The property names between the events definition (ParentEvents
) and the class (_Parent
) must match. I.e. it needs to be eventOne
in both places.
The type that should be exposed can be generated like so:
// Create and export the mixin type by adding the event subscription APIs
export const Parent = AddEvents<typeof _Parent, ParentEvents(_Parent);
// Export it as a type as well, to avoid "'Parent' refers to a value, but is being used as a type".
export const Parent = _Parent & WithEventsDummyType(ParentEvents);
This type (Parent
) is what should be exported and used by other code (not _Parent
).
U
in AddEvents via documentation, why not express them in the type system?This was attempted. We originally borrowed a type defined in the EventEmitter libraries above, like so:
type EventMap = {
[key: string]: (...args: any[]) => void
}
Which could enforce that the events type always had keys that were strings and values which were functions. But unfortunately this will allow undefined event names to be passed without an error. A playground illustrating this issue can be found here. This is something I'd love to improve, so would be happy to learn of a solution here.
yarn
to install dependencies.yarn prepare
to prepare dependencies.yarn watch
to build and watch for updates.yarn test
to build, run tests, lint, and run test coverage.FAQs
A library for subscribing to and emitting type-safe events using a familiar, javascript-style API:
The npm package @webex/ts-events receives a total of 644 weekly downloads. As such, @webex/ts-events popularity was classified as not popular.
We found that @webex/ts-events demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.