Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
A Flux dispatcher for applications that run on the server and the client.
For a more detailed example, see our example application.
var Dispatchr = require('dispatchr')(),
ExampleStore = require('./example-store.js'),
context = {};
Dispatchr.registerStore(ExampleStore);
var dispatcher = new Dispatchr(context);
dispatcher.dispatch('NAVIGATE', {});
// Action has been handled fully
Dispatchr's main goal is to facilitate server-side rendering of Flux applications while also working on the client-side to encourage code reuse. In order to isolate stores between requests on the server-side, we have opted to instantiate the dispatcher and stores classes per request.
In addition, action registration is done by stores as a unit rather than individual callbacks. This allows us to lazily instantiate stores as the events that they handle are dispatched. Since instantiation of stores is handled by the dispatcher, we can keep track of the stores that were used during a request and dehydrate their state to the client when the server has completed its execution.
Lastly, we are able to enforce the Flux flow by restricting access to the dispatcher from stores. Instead of stores directly requiring a singleton dispatcher, we pass a dispatcher interface to the constructor of the stores to provide access to only the functions that should be available to it: waitFor
and getStore
. This prevents the stores from dispatching an entirely new action, which should only be done by action creators to enforce the unidirectional flow that is Flux.
A static method to register stores to the Dispatcher class making them available to handle actions and be accessible through getStore
on Dispatchr instances.
Creates a new Dispatcher instance with the following parameters:
context
: A context object that will be made available to all stores. Useful for request or session level settings.Dispatches an action, in turn calling all stores that have registered to handle this action.
actionName
: The name of the action to handle (should map to store action handlers)payload
: An object containing action information.Retrieve a store instance by name. Allows access to stores from components or stores from other stores.
Waits for another store's handler to finish before calling the callback. This is useful from within stores if they need to wait for other stores to finish first.
stores
: A string or array of strings of store names to wait forcallback
: Called after all stores have fully handled the actionReturns a serializable object containing the state of the Dispatchr instance as well as all stores that have been used since instantiation. This is useful for serializing the state of the application to send it to the client.
Takes an object representing the state of the Dispatchr instance (usually retrieved from dehydrate) to rehydrate the instance as well as the store instance state.
We have provided utilities for creating stores in a couple of forms:
require('dispatchr/utils/createStore')
returns a React.createClass
-like function for creating stores.require('dispatchr/utils/BaseStore')
returns an extendable class.You are not required to use these if you want to keep your stores completely decoupled from the dispatcher. Dispatchr expects that your stores use the following interface:
The store should have a constructor function that will be used to instantiate your store using new Store(dispatcherInterface)
where the parameters are as follows:
dispatcherInterface
: An object providing access to dispatcher's waitFor and getStore functionsdispatcherInterface.getContext()
: Retrieve the context object that was passeddispatcherInterface.getStore(store)
dispatcherInterface.waitFor(store[], callback)
The constructor is also where the initial state of the store should be initialized.
function ExampleStore(dispatcher) {
this.dispatcher = dispatcher;
if (this.initialize) {
this.initialize();
}
}
It is also recommended to extend an event emitter so that your store can emit change
events to the components.
util.inherits(ExampleStore, EventEmitter);
The store should define a static property that gives the name of the store. This is used for accessing stores from the dispatcher via dispatcher.getStore(name)
.
ExampleStore.storeName = 'ExampleStore';
The store should define a static property that maps action names to handler functions or method names. These functions will be called in the event that an action has been dispatched by the Dispatchr instance.
ExampleStore.handlers = {
'NAVIGATE': 'handleNavigate'
};
The handler function will be passed one parameter:
payload
: An object containing action information.ExampleStore.prototype.handleNavigate = function (payload) {
this.navigating = true;
this.emit('change'); // Component may be listening for changes to state
};
If you prefer to define private methods for handling actions, you can use a static function instead of a method name. This function will be bound to the store instance when it is called:
ExampleStore.handlers = {
'NAVIGATE': function handleNavigate(payload) {
// bound to store instance
this.navigating = true;
this.emit('change');
}
};
The store should define this function to dehydrate the store if it will be shared between server and client. It should return a serializable data object that will be passed to the client.
ExampleStore.prototype.dehydrate = function () {
return {
navigating: this.navigating
};
};
The store should define this function to rehydrate the store if it will be shared between server and client. It should restore the store to the original state using the passed state
.
ExampleStore.prototype.rehydrate = function (state) {
this.navigating = state.navigating;
};
This software is free to use under the Yahoo! Inc. BSD license. See the LICENSE file for license text and copyright information.
FAQs
A Flux dispatcher for applications that run on the server and the client.
The npm package dispatchr receives a total of 1,056 weekly downloads. As such, dispatchr popularity was classified as popular.
We found that dispatchr demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.