Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
aurelia-cycle
Advanced tools
An Aurelia plugin that allows you to manage Aurelia's View-Bindings functionally, converting them into RxJS observables, consumable as Cycle.js drivers.
Cycle.js' architecture is arguably better (and definitely more flexible) than the traditional MVC, or even the more recent Flux or Redux programming patterns. It's functional style can be a little overwhelming at first, but thanks to sites like http://rxmarbles.com its concepts are much easier to grasp.
If you're new to Observables or Cycle.js, I'd recommend watching the fantastic talk by Cycle.js' creator, André Staltz:
Cycle.js is more of an architecture style, a paradigm, a design concept, than a full-blown web-framework like Aurelia, Angular2 or even React. It's a way of dealing with data coming in and out, in a cycle, and it needs to drive a set of drivers to be useful.
This is one such driver that enables it to drive Aurelia's View-Bindings. Cycle.js has it's own effort to drive the DOM with the use of its DOM Driver, however it is still in an earlier development phase than Aurelia and many issues have yet to be worked out. Aurelia on the other hand is already awesome at driving the DOM, so my thinking was - why not have the best of both worlds?
This way, Aurelia acts as an abstraction layer for the DOM, and all you need to worry about is the pure data that goes in and out.
The added benefit of Aurelia's binding system is that you don't have to go all-pure-and-functional at once - you can mix-and-match, driving only some components using aurelia-cycle
, while leaving others to be dealt with by Aurelia.
rxjs
via jspm
with following commandjspm install aurelia-cycle rxjs
configure
function in the main.js
file of your src
folder export function configure(aurelia) {
aurelia.use
.standardConfiguration()
.developmentLogging();
+ aurelia.use.plugin('aurelia-cycle');
aurelia.start().then(a => a.setRoot());
}
aurelia-cycle
should be visible automatically. However you will need to install rxjs
to npm to get intellisense for Rx and Observables:npm install rxjs --save-dev
The plugin enables you to use Aurelia's View-Bindings as Cycle.js drivers.
To make bindings visible to the driver you need to apply the cycle
Binding Behavior to them as shown below:
<template>
<h2>${count & cycle}</h2>
<button click.delegate="increment() & cycle">+</button>
<button click.delegate="decrement() & cycle">-</button>
</template>
This will make Aurelia bypass the default View <-> ViewModel binding and feed the data in and out of the Rx Observables available as sources in the cycle(sources)
method.
By defining the cycle(sources)
method on a given ViewModel, the plugin will use it to run Cycle.js on it.
By default, one driver is created for you with the name YourClassNameView, but you may manually define the drivers by adding a cycleDrivers
property to your ViewModel.
import {Observable} from 'rxjs/Rx'
import {makeAureliaDriver, ViewSource} from 'aurelia-cycle'
export class Counter {
// commented out, as this is done automatically by default:
// cycleDrivers = { CounterView: makeAureliaDriver(this) }
cycle({ CounterView }) {
const action$ = Observable.merge(
CounterView.actions('increment').map(ev => 1),
CounterView.actions('decrement').map(ev => -1)
)
const count$ = action$
.startWith(0)
.scan((total, change) => total + change)
const sinks = {
CounterView: count$.map((count) => ({
count: count
}))
}
return sinks
}
}
A ViewSource (CounterView
in the above example) exposes two methods (similarly to Cycle.js DOM driver's select(...)
and events(...)
):
values(bindingName)
: returns an Observable with all the changes made to the value of the selected two-way binding
actions(functionName)
: returns an Observable of all the calls made to the function of the selected name
The values of the Observable returned by actions(functionName)
is an object that contains two properties:
{
event, // this is the Event that caused the function to be invoked
arguments // an Array of arguments passed to the function from the View
}
The ViewSink (in the return value of cycle()
) should be an Observable of an object, which properties match the bindings names of the View.
The cycle(sources)
method is run immediately after bind()
.
For more examples, see the example repository.
Since this is still an early alpha, there are two things that need to be dealt with before this should be used in production:
repeat
strategy for displaying your data, their Views might get recreated every time new data is fed into the sink.This library isn't used by Aurelia. It is an optional plugin.
This library can be used in the browser as well as on the server.
To build the code, follow these steps.
npm install
npm install -g gulp
gulp build
You will find the compiled code in the dist
folder, available in three module formats: AMD, CommonJS and ES6.
See gulpfile.js
for other tasks related to generating the docs and linting.
To run the unit tests, first ensure that you have followed the steps above in order to install all dependencies and successfully build the library. Once you have done that, proceed with these additional steps:
npm install -g karma-cli
npm install -g jspm
jspm install
karma start
FAQs
An Aurelia plugin that enables the use of Cycle.js inside of Aurelia.
The npm package aurelia-cycle receives a total of 2 weekly downloads. As such, aurelia-cycle popularity was classified as not popular.
We found that aurelia-cycle demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.