
Research
/Security News
11 Malicious NuGet Tools Pose as Game Cheats to Drop a Windows Host-Surveillance Payload
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.
DISS is simple and convinient dependency injector for node.js. It usees similar pattern to AngularJS
dependency injector.
To use DISS you should use a provider pattern for your code.
Instead of:
var d1 = require('d1'),
d2 = require('d2');
module.exports = {
method: m1
}
Use:
module.exports = function( d1, d2 ) {
return {
method: m1
}
}
main.js
var diss = require('diss')(),
pkg = require('./package.json');
// automaticly load all dependencies defined in package.json and register them under their own names
diss.loadDependencies(pkg);
// load providers from files and register them under same names:
diss.loadProviders(['cfg', 'logger', 'worker', 'rest']);
// register pkg as 'pkg', so it can be used by our modules
diss.register.module('pkg',pkg);
// start actual application.
diss.resolve(function(rest) {
rest.startServer();
});
require('diss') gives you a injector provider. Call it to get an instance of incejctor. Register
all your dependencies and call it's resolve on your main application provider.
provider: provider to resolve.Takes a provider, examines it's signature using reflection and injects all it's depencencies. If any of said dependencies are providers themselves, it will resolve their dependencies recursively.
diss.resolve(function(mysql, logger, http) {
// [...]
});
name: string representing a name of module to load and register.main: module to call require from. Defaults to require.main, which is the entry pointof application.A convinience method, shortcut to:
diss.register.module('name', require('name') );
diss.register.module('name', main.require('name') );
pkg: object representing package.json, ie. require('package.json')main: module to call require from. Defaults to require.main, which is the entry pointof application.A convinience method, equivalent to iterating over all dependencies listed in package.json and calling
diss.require on all of them.
diss.loadDependencies(require('package.json'));
providers: array of string names of your providers.main: module to call require from. Defaults to require.main, which is the entry pointof application.directory: directory to load from. Defaults to current directory.A convinience method, equivalent to call of diss.register.provider on all supplied files.
diss.loadProviders(['mod1','mod2','mod3','foo/mod4'])
diss.loadProviders(['bar/a','bar/b'],module,'./src/examlpe');
is equivalent to:
diss.register.provider('mod1', require('./mod1'));
diss.register.provider('mod2', require('./mod2'));
diss.register.provider('mod3', require('./mod3'));
diss.register.provider('fooMod4', require('./foo/mod3'));
diss.register.provider('barA', require('./src/example/bar/a'));
diss.register.provider('barB', require('./src/example/bar/b'));
name: string containing name to register.module: object to register under that sting.Module is a object provied as-is to providers when resolving them. Use modules for non-DI dependencies, ie:
diss.register.module('Promise', require('bluebird') );
///[...]
diss.resolve(function( Promise ) {
// Promise contains bluebird module
});
name: string containing name to register.provider: provider to register.Provider is a function that has dependencies as parameters and returns an object, which is passed as dependency to other providers.
diss.register.provider('myLogger', function(genericLogger, pkg) {
return genericLogger.createInstance({
name: pkg.name,
level: 'info'
});
});
diss.resolve(function( myLogger ) {
// myLogger here will be the result of .createInstance
});
When names are auto-generated using convinience methods, they are based
on passed name and camelcased: some-module becomes someModule in dependencies.
FAQs
Dependency Injection Super Simple
The npm package diss receives a total of 4 weekly downloads. As such, diss popularity was classified as not popular.
We found that diss demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.

Research
/Security News
4 compromised asyncapi packages deliver miasma botnet loader on macOS, Linux and Windows.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.