Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
boundless-async
Advanced tools
A higher-order component for rendering data that isn't ready yet.
There are plenty of situations where you need to fetch content to be displayed, but want to show some sort of loading graphic in the interim. This component helps to simplify that pattern by handling common types of promises and providing a simple mechanism for materializing the fulfilled payload into JSX.
npm i boundless-async --save
Then use it like:
import Async from 'boundless-async';
Async can also just be directly used from the main Boundless library. This is recommended when you're getting started to avoid maintaining the package versions of several components:
npm i boundless --save
the ES6 import
statement then becomes like:
import { Async } from 'boundless';
Note: only top-level props are in the README, for the full list check out the website.
children
· a promise, function that returns a promise, or other type of renderable content; if a function is passed, it will
be called with the current props
Promise example:
const listDataPromise = fetch('/some/list/data/endpoint').then(
(response) => response.ok ? response.json() : 'Failed to receive list data',
(error) => error.message,
).then((payload) => {
if (typeof payload === 'string') {
return (<div className='error'>{payload}</div>);
}
return (
<ul>
{payload.map((item) => (<li key={item.id}>{item.content}</li>))}
</ul>
);
});
<Async>{listDataPromise}</Async>
Function example, reading in [data-endpoint]
as the window.fetch()
target:
const fetchListData = (props) => fetch(props['data-endpoint']).then(
(response) => response.ok ? response.json() : 'Failed to receive list data',
(error) => error.message,
).then((payload) => {
if (typeof payload === 'string') {
return (<div className='error'>{payload}</div>);
}
return (
<ul>
{payload.map((item) => (<li key={item.id}>{item.content}</li>))}
</ul>
);
});
<Async data-endpoint='/some/list/data/endpoint'>{fetchListData}</Async>
Expects | Default Value |
---|---|
function or any renderable or Promise | <div /> |
*
· any React-supported attribute
Expects | Default Value |
---|---|
any | n/a |
childrenDidRender
· a callback for when real content has been rendered; this will be called immediately if normal JSX is passed to Async, or, in the case of a promise, upon resolution or rejection
Expects | Default Value |
---|---|
function | () => {} |
pendingContent
· content to be shown while the promise is in "pending" state (like a loading graphic, perhaps)
Expects | Default Value |
---|---|
any renderable | <div /> |
You can see what variables are available to override in variables.styl.
// Redefine any variables as desired, e.g:
color-accent = royalblue
// Bring in the component styles; they will be autoconfigured based on the above
@require "node_modules/boundless-async/style"
If desired, a precompiled plain CSS stylesheet is available for customization at /build/style.css
, based on Boundless's default variables.
FAQs
A higher-order component for rendering data that isn't ready yet.
We found that boundless-async demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.