Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
browser-redux-sync
Advanced tools
Support redux-persist 3.x only
Add syncing to your redux browser (Chrome and Firefox) extension or app.
It listens to the chrome.storage
for redux-persist events. When an event occurs it will dispatch a rehydrate action.
If chrome.storage
is not defined (for Safari and old versions of Firefox), it includes redux-persist-crosstab to use localStorage
.
import { createStore, compose } from 'redux'
import { persistStore, autoRehydrate } from 'redux-persist'
import { configureSync, sync } from 'browser-redux-sync'
const finalCreateStore = compose(autoRehydrate())(createStore)
const store = finalCreateStore(reducer)
const persistor = persistStore(store, configureSync())
sync(persistor)
To blacklist some portion of state, for example if you want to avoid syncing route state:
sync(persistor, {blacklist: ['routeReducerKey']})
See browser-redux for a boilerplate and more details.
Redux Persist does a shallow merge of state during rehydration. This means that if state changes on two tabs simulataneously, it is possible that legitimate state will be lost in the merge. In most cases this will not be an issue. One scenario where this could happen is if both tabs are listening on a socket and they both receive a message at the same time. If you have this type of set up you will either need to blacklist the relevant reducers or implement a custom rehydration handler that takes into account the nuances of this situation.
FAQs
Keep redux states in sync for browser extensions and apps.
The npm package browser-redux-sync receives a total of 7 weekly downloads. As such, browser-redux-sync popularity was classified as not popular.
We found that browser-redux-sync demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.