Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@xstate/inspect
Advanced tools
@xstate/inspect is a tool for visualizing, inspecting, and debugging XState state machines and statecharts. It provides a way to see the current state, events, and transitions of your state machines in real-time, which can be extremely helpful for development and debugging purposes.
Real-time Inspection
This feature allows you to inspect the state machine in real-time. By using the `inspect` function, you can open a new window or an iframe that shows the current state, events, and transitions of your state machine.
import { inspect } from '@xstate/inspect';
inspect({
iframe: false // open in new window
});
// Then, use the inspect service in your XState machine
import { createMachine, interpret } from 'xstate';
const toggleMachine = createMachine({
id: 'toggle',
initial: 'inactive',
states: {
inactive: { on: { TOGGLE: 'active' } },
active: { on: { TOGGLE: 'inactive' } }
}
});
const service = interpret(toggleMachine, { devTools: true }).start();
Event Logging
This feature logs events and state transitions to the console, which can be useful for debugging and understanding the flow of your state machine.
import { inspect } from '@xstate/inspect';
inspect({
iframe: false // open in new window
});
import { createMachine, interpret } from 'xstate';
const toggleMachine = createMachine({
id: 'toggle',
initial: 'inactive',
states: {
inactive: { on: { TOGGLE: 'active' } },
active: { on: { TOGGLE: 'inactive' } }
}
});
const service = interpret(toggleMachine, { devTools: true }).onTransition((state) => {
console.log(state.value);
}).start();
State Visualization
This feature provides a visual representation of your state machine, showing the current state, possible transitions, and events. This can be extremely helpful for understanding and debugging complex state machines.
import { inspect } from '@xstate/inspect';
inspect({
iframe: false // open in new window
});
import { createMachine, interpret } from 'xstate';
const toggleMachine = createMachine({
id: 'toggle',
initial: 'inactive',
states: {
inactive: { on: { TOGGLE: 'active' } },
active: { on: { TOGGLE: 'inactive' } }
}
});
const service = interpret(toggleMachine, { devTools: true }).start();
// The state visualization will be available in the new window or iframe
Redux DevTools is a set of tools to help with debugging Redux applications. It provides a way to inspect the state and actions of your Redux store in real-time, similar to how @xstate/inspect works for XState state machines. However, Redux DevTools is specifically designed for Redux and does not support XState state machines.
MobX DevTools is a set of tools for inspecting and debugging MobX applications. It provides real-time inspection of the state and actions in your MobX store, similar to @xstate/inspect for XState. However, it is specifically designed for MobX and does not support XState state machines.
Reactotron is a desktop app for inspecting and debugging React and React Native applications. It provides real-time inspection of state, actions, and network requests, similar to @xstate/inspect. However, it is more general-purpose and not specifically designed for XState state machines.
@xstate/inspect
Inspection tools for XState.
npm install @xstate/inspect
# or yarn add @xstate/inspect
import { inspect } from '@xstate/inspect';
inspect({
// options
// url: 'https://statecharts.io/inspect', // (default)
iframe: false // open in new window
});
{ devTools: true }
to any interpreted machines you want to visualize:import { interpret } from 'xstate';
import { inspect } from '@xstate/inspect';
// ...
const service = interpret(someMachine, { devTools: true });
// defaults
inspect({
iframe: () => document.querySelector('iframe[data-xstate]'),
url: 'https://statecharts.io/inspect'
});
// the above is the same as this:
inspect();
Arguments: the options
object passed to inspect(options)
with the following optional properties:
iframe
(function or iframe Element
or false
) - resolves to the iframe
element to display the inspector in. If this is set to iframe: false
, then a popup window will be used instead.
⚠️ Note: you might need to allow popups to display the inspector in a popup window, as they might be blocked by the browser by default.
By default, the inspector will look for an <iframe data-xstate>
element anywhere in the document. If you want to target a custom iframe, specify it eagerly or lazily:
// eager
inspect({
iframe: document.querySelector('iframe.some-xstate-iframe')
});
// lazy
inspect({
iframe: () => document.querySelector('iframe.some-xstate-iframe')
});
url
(string) - the URL of the inspector to connect to. By default, the inspector is running on http://statecharts.io/inspect
.
Returns: an inspector object with the following properties:
disconnect
(function) - a function that disconnects the inspector and cleans up any listeners.FAQs
XState inspection utilities
The npm package @xstate/inspect receives a total of 105,915 weekly downloads. As such, @xstate/inspect popularity was classified as popular.
We found that @xstate/inspect demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.