
Product
Secure Your AI-Generated Code with Socket MCP
Socket MCP brings real-time security checks to AI-generated code, helping developers catch risky dependencies before they enter the codebase.
background-only
Advanced tools
This is a marker package to indicate that a module can only be used in the Background Thread.
This is a marker package to indicate that a module can only be used in the Background thread.
Say we have a Logger
module that has side effects calling into Native Modules or other APIs that are only available in the "Background" environment:
// Logger.js
import "background-only";
export function log(msg) {
// Notice how we are calling into NativeModules here.
NativeModules.hybridMonitor.reportJSError(...);
}
By adding import "background-only"
to poison this module, we are now declaring that this module is only safe to be bundled in a "Background" environment, protecting this module from being accidentally bundled into a "Main thread" environment by throwing an error at runtime.
For example, if we use log
in a desirable position from a React component, such as in useEffect
or an event handler, the log
will work as expected:
// App.jsx
import { log } from "./Logger";
function App() {
useEffect() {
log();
}
return <view />
}
However, if we use log
in a undesirable position from a React component, such as in the body of the rendering function, it will throw an error at runtime time:
// App.jsx
import { log } from "./Logger";
function App() {
// throw!
log();
return <view />
}
This is inspired by the server-only
package of React.
FAQs
This is a marker package to indicate that a module can only be used in the Background Thread.
The npm package background-only receives a total of 2,805 weekly downloads. As such, background-only popularity was classified as popular.
We found that background-only demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Product
Socket MCP brings real-time security checks to AI-generated code, helping developers catch risky dependencies before they enter the codebase.
Security News
As vulnerability data bottlenecks grow, the federal government is formally investigating NIST’s handling of the National Vulnerability Database.
Research
Security News
Socket’s Threat Research Team has uncovered 60 npm packages using post-install scripts to silently exfiltrate hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled endpoint.