
Research
/Security News
jscrambler npm Package Compromised in Supply Chain Attack
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.
ember-cli-shims
Advanced tools
NOTE: this repo is frozen until ember's public module interface has been finalized.
Ember CLI Shims (ECS) contain all the shims used in Ember CLI.
Note: The ember-data shim has been removed as of v0.1.0. The latest
Ember-Data no longer has a bower dependency;
ember-cli-shims >= v0.1.0 is only intended for use with Ember-Data v2.3.0 and up.
Simply import any of the shims as an ES6 module:
import Component from 'ember-component';
import run from 'ember-runloop';
import injectService from 'ember-service/inject';
Some of the shims have named exports (instead of/in addition to a default export):
import { assert, copy } from 'ember-metal/utils';
import { debounce } from 'ember-runloop';
import { isEmpty } from 'ember-utils';
The app-shims file provides a complete reference of all modules currently supported by this library.
Historically, Ember has recommended that developers reference core classes
& utilities (ie Component, Route, isEmpty) via the root Ember namespace.
This leads to the entire Ember module being imported into nearly every file:
import Ember from 'ember';
export default Ember.Component.extend({
foo: Ember.inject.service(),
bar: Ember.computed.readOnly('foo.bar')
});
It would be preferable to have different parts of Ember available as separate modules, allowing developers to only import what they need. This is the direction the framework is moving in, but the modules are not yet available. This has led to a common pattern of ES6 destructuring assignment to enable writing future-proof code:
import Ember from 'ember';
const { Component, computed, inject } = Ember;
export default Component.extend({
foo: inject.service(),
bar: computed.readOnly('foo.bar');
});
However, this library provides shims to mimic the future modules that Ember may provide, enabling developers to avoid destructuring and instead import the namespaces as modules today.
import Component from 'ember-component';
import computed from 'ember-computed';
import injectService from 'ember-service/inject';
export default Component.extend({
foo: injectService(),
bar: computed.readOnly('foo.bar');
});
That way, as true modules become available in the Ember ecosystem, we can merely remove
the shims from ECS upstream, requiring little to no refactoring on the part of
developers who have opted-in to this pattern early. Ultimately, the goal of this
library is to be replaced completely once Ember itself is an npm package/addon and exports its own modules.
Ember CLI Shims is MIT Licensed.
FAQs
The default blueprint for ember-cli addons.
The npm package ember-cli-shims receives a total of 9,383 weekly downloads. As such, ember-cli-shims popularity was classified as popular.
We found that ember-cli-shims demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.

Research
/Security News
A malicious .NET package is typosquatting the Braintree SDK to steal live payment card data, merchant API keys, and host secrets from production apps.

Security News
/Research
Compromised Injective SDK npm version 1.20.21 exfiltrates wallet private keys and mnemonics through fake telemetry functionality.