Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
class-autobind-decorator
Advanced tools
A small framework-agnostic utility for auto-binding "class" methods to instances (with customization options) using either "legacy" decorator syntax or plain old ES5 (without needing ES2015+ polyfills).
A small, customizable, framework-agnostic, ES5-compatible class-level
decorator for automatically binding "class" methods -- i.e., methods on
a constructor's prototype
object -- to instances, so that this
refers to the relevant instance within those methods.
@autoBindMethods
)
or as a configured decorator (@autoBindMethods(options)
)npm install --save class-autobind-decorator
Note that this is currently only usable as a "class"-level (or, in ES5
terms, a constructor-function-level) decorator. It can't currently be
used on individual methods. However, the decorator accepts an options
object that can define an array of methods not to bind (using the method
names or Symbol keys; see the use of methodsToIgnore
in the examples
below, as well as the test cases in the tests).
ES6-style as a "legacy" class decorator, without options:
import autoBindMethods from 'class-autobind-decorator';
@autoBindMethods // You could also use `@autoBindMethods()` if you want.
class Foo {
someMethod() {
return this instanceof Foo;
}
}
const smReference = new Foo().someMethod;
console.log(smReference()); // => `true`
ES6-style as a "legacy" class decorator, with options:
import autoBindMethods from 'class-autobind-decorator';
@autoBindMethods({ methodsToIgnore: ['unboundMethod', 'render'] })
class MyComponent extends React.Component {
someComponentMethod() {
// Do something with `this` here. If the React `onClick`
// handler below is triggered, `this` will be bound to the
// component instance.
}
unboundMethod() {
// `this` will not be auto-bound in this method, given the
// options passed in to the decorator.
}
// This method will not be bound by `autoBindMethods` either (it
// doesn't need to be).
render() {
return (
<button onClick={this.someComponentMethod} />
);
}
}
ES5-style, without options:
var autoBindMethods = require('class-autobind-decorator').default;
var Foo = (function () {
function Foo () {}
Foo.prototype.someMethod = function () {
return this instanceof Foo;
};
return Foo;
}());
autoBindMethods(Foo);
var smReference = new Foo().someMethod;
console.log(smReference()); // => `true`
ES5-style, with options:
var autoBindMethods = require('class-autobind-decorator').default;
var customAutoBinder = autoBindMethods({
methodsToIgnore: ['secondMethod']
});
var Foo = (function () {
function Foo () {}
Foo.prototype.firstMethod = function () {
return this instanceof Foo;
};
Foo.prototype.secondMethod = function () {
return this instanceof Foo;
};
return Foo;
}());
customAutoBinder(Foo);
var fooInstance = new Foo();
var fmReference = fooInstance.firstMethod;
var smReference = fooInstance.secondMethod;
console.log(fmReference()); // => `true`
console.log(smReference()); // => `false`, due to passed in options
methodsToIgnore: An array of method names that should not be bound if found on the prototype. See the above examples for usage.
dontOptimize: The default behavior of this decorator is to only bind methods to instances once,
and, from that point onward, to store the bound method on the instance itself. You can override
this behavior by setting dontOptimize
to true. If you do that, the method will be re-bound to the
instance on every access; a bound version of the method will not be stored on the instance itself
(so, a use case for this might be if you need the instance not to be modified at all).
Clone the repository, run npm install
, then, in the main (top-level) repo
directory:
npm run build
Compiled code will be placed in the ./build
directory. You can also
download compiled code directly from this repository.
Clone the repository and go to the main (top-level) repo directory. Be
sure to run npm install
first, and then:
npm run test
Tests are specified in the ./tests
directory, and use mocha
and
chai
. Running the tests also requires a few extra babel
dependencies
specified in package.json
.
Well, I'm not currently aware of another project that has all of the features mentioned in the "Features" section, above (the ones I am aware of either hard-code React-specific stuff, or don't check whether properties are configurable before trying to redefine them, or inadvertently bind to non-instance objects when methods are accessed first via the prototype, or can't be used as both "bare" (unconfigured) decorators and configured decorators, or don't have TypeScript declarations, and things like that -- no hate, though!). I also just wanted an opportunity to work more directly with decorators, so I used it as a learning experience. :)
v2.2.0 (12/17/2016)
FAQs
A small framework-agnostic utility for auto-binding "class" methods to instances (with customization options) using either "legacy" decorator syntax or plain old ES5 (without needing ES2015+ polyfills).
The npm package class-autobind-decorator receives a total of 1,735 weekly downloads. As such, class-autobind-decorator popularity was classified as popular.
We found that class-autobind-decorator demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.