Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
alien-signals
Advanced tools
Project Status: Preview
The goal of alien-signals
is to create a push-pull model based signal library with the lowest overhead.
We have set the following scheduling logic constraints:
Experimental results have shown that with these constraints, it is possible to achieve excellent performance for a Signal library without using sophisticated scheduling strategies. The overall performance of alien-signals
is approximately 400% that of Vue 3.4's reactivity system.
For more detailed performance comparisons, please visit: https://github.com/transitive-bullshit/js-reactivity-benchmark
To achieve high-performance code generation in https://github.com/vuejs/language-tools, I needed to write some on-demand computed logic using Signals, but I couldn't find a low-cost Signal library that satisfied me.
In the past, I accumulated some knowledge of reactivity systems in https://github.com/vuejs/core/pull/5912, so I attempted to develop alien-signals
with the goal of creating a Signal library with minimal memory usage and excellent performance.
Since Vue 3.5 switched to a Pull reactivity system in https://github.com/vuejs/core/pull/10397, I continued to research the Push-Pull reactivity system here. It is worth mentioning that I was inspired by the doubly-linked concept, but alien-signals
does not use a similar implementation.
Used in Vue language tools (https://github.com/vuejs/language-tools) for virtual code generation.
The core reactivity system code was ported to Vue 3.6 and later. (https://github.com/vuejs/core/pull/12349)
import { signal, computed, effect } from 'alien-signals';
const count = signal(1);
const doubleCount = computed(() => count.get() * 2);
effect(() => {
console.log(`Count is: ${count.get()}`);
}); // Console: Count is: 1
console.log(doubleCount.get()); // 2
count.set(2); // Console: Count is: 2
console.log(doubleCount.get()); // 4
import { signal, effectScope } from 'alien-signals';
const count = signal(1);
const scope = effectScope();
scope.run(() => {
effect(() => {
console.log(`Count in scope: ${count.get()}`);
}); // Console: Count in scope: 1
count.set(2); // Console: Count in scope: 2
});
scope.stop();
count.set(3); // No console output
propagate
and checkDirty
functionsIn order to eliminate recursive calls and improve performance, we record the last link node of the previous loop in propagate
and checkDirty
functions, and implement the rollback logic to return to this node.
This results in code that is difficult to understand, and you don't necessarily get the same performance improvements in other languages, so we record the original implementation without eliminating recursive calls here for reference.
propagate
export function propagate(link: Link, targetFlag: SubscriberFlags = SubscriberFlags.Dirty): void {
do {
const sub = link.sub;
const subFlags = sub.flags;
if (!(subFlags & SubscriberFlags.Tracking)) {
let canPropagate = !(subFlags >> 2);
if (!canPropagate && subFlags & SubscriberFlags.CanPropagate) {
sub.flags &= ~SubscriberFlags.CanPropagate;
canPropagate = true;
}
if (canPropagate) {
sub.flags |= targetFlag;
const subSubs = (sub as Dependency).subs;
if (subSubs !== undefined) {
propagate(subSubs, 'notify' in sub
? SubscriberFlags.RunInnerEffects
: SubscriberFlags.ToCheckDirty);
} else if ('notify' in sub) {
if (queuedEffectsTail !== undefined) {
queuedEffectsTail.nextNotify = sub;
} else {
queuedEffects = sub;
}
queuedEffectsTail = sub;
}
} else if (!(sub.flags & targetFlag)) {
sub.flags |= targetFlag;
}
} else if (isValidLink(link, sub)) {
if (!(subFlags >> 2)) {
sub.flags |= targetFlag | SubscriberFlags.CanPropagate;
const subSubs = (sub as Dependency).subs;
if (subSubs !== undefined) {
propagate(subSubs, 'notify' in sub
? SubscriberFlags.RunInnerEffects
: SubscriberFlags.ToCheckDirty);
}
} else if (!(sub.flags & targetFlag)) {
sub.flags |= targetFlag;
}
}
link = link.nextSub!;
} while (link !== undefined);
if (targetFlag === SubscriberFlags.Dirty && !batchDepth) {
drainQueuedEffects();
}
}
checkDirty
export function checkDirty(link: Link): boolean {
do {
const dep = link.dep;
if ('update' in dep) {
if (dep.version !== link.version) {
return true;
}
const depFlags = dep.flags;
if (depFlags & SubscriberFlags.Dirty) {
if (dep.update()) {
return true;
}
} else if (depFlags & SubscriberFlags.ToCheckDirty) {
if (checkDirty(dep.deps!)) {
if (dep.update()) {
return true;
}
} else {
dep.flags &= ~SubscriberFlags.ToCheckDirty;
}
}
}
link = link.nextDep!;
} while (link !== undefined);
return false;
}
Version | Savings |
---|---|
0.3 | Satisfy all 4 constraints |
0.2 | Correctly schedule computed side effects |
0.1 | Correctly schedule inner effect callbacks |
0.0 | Add APIs: signal() , computed() , effect() , effectScope() , startBatch() , endBatch() |
FAQs
The lightest signal library.
The npm package alien-signals receives a total of 450,528 weekly downloads. As such, alien-signals popularity was classified as popular.
We found that alien-signals demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.