Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
ember-promise-helpers
Advanced tools
ember install ember-promise-helpers
When Ember's templates encounter a promise, it won't re-render it when the promise is resolved or rejected. For an example of the problem (where model is a specific single model, not an RSVP.hash):
{{#if model.author}}
The author is: {{model.author.name}}
{{else}}
No author!
{{/if}}
If model.author
is a promise (like a an Ember Data belongsTo
relationship), the template will always contain the text: "The author
is:", rather than "No author!".
Ember Promise Helpers allow you to work with Promises easily in your
Ember templates, without wrapping your objects with something like
Ember.PromiseProxyMixin
in the Route, Controller, or Component.
{{#if (await model.author)}}
{{get (await model.author) 'name'}}
{{else}}
No author!
{{/if}}
The await
helper also works anywhere, because it's just a Handlebars
subexpression. For example, you can pass it to another helper...
{{#each (await model.comments) as |comment|}}
{{comment.author}} wrote {{comment.text}}
{{/each}}
Or pass it to a component:
{{twitter-timeline users=(await user.following)}}
Or use it by itself:
{{await model.title}}
Resolves with false
if the promise resolved or rejected, otherwise
true until the promise resolves or rejects.
{{#if (is-pending promise)}}
<img src="loading.gif"/>
{{else}}
Loaded!
{{/if}}
Resolves with true
if the promise rejects or fails, false
otherwise. Initial value is null
until the promise is resolved.
{{#unless (is-pending promise)}}
{{#if (is-rejected promise)}}
rejected! :(((
{{/if}}
{{/unless}}
Resolves with true
if the promise resolved successfully, false
otherwise. Initial value is null
until the promise is resolved.
{{#unless (is-pending promise)}}
{{#if (is-fulfilled promise)}}
Yay it worked!
{{else}}
Oh :(
{{/if}}
{{/unless}}
Gives you the error
or reason
as to why a promise was rejected. Null
until the promise rejects or if the promise resolves. For example:
// app/controllers/index.js
import Ember from 'ember';
export default Ember.Controller.extend({
promise: Ember.computed(function() {
return Ember.RSVP.reject(new Error('whoops'));
})
});
{{! app/templates/index.js }}
{{#if (is-rejected promise)}}
The error was {{get (promise-rejected-reason promise) 'message'}}.
{{/if}}
Uses the Ember.RSVP.all
function to create a promise.
It also accepts 1..n
promises as arguments or an array as first argument.
{{#if (is-pending (promise-all promise1 promise2))}}
<img src="loading.gif"/>
{{else}}
Loaded!
{{/if}}
{{#if (is-pending (promise-all promiseArray))}}
<img src="loading.gif"/>
{{else}}
Loaded!
{{/if}}
Uses the Ember.RSVP.hash
function to create a promise.
{{#if (is-pending (promise-hash foo=promise1 bar=promise2))}}
<img src="loading.gif"/>
{{else}}
Loaded!
{{/if}}
This would render "The error was whoops."
git clone <repository-url>
cd ember-promise-helpers
yarn install
yarn lint
yarn lint:fix
ember test
– Runs the test suite on the current Ember versionember test --server
– Runs the test suite in "watch mode"ember try:each
– Runs the test suite against multiple Ember versionsember serve
For more information on using ember-cli, visit https://ember-cli.com/.
FAQs
The default blueprint for ember-cli addons.
The npm package ember-promise-helpers receives a total of 12,562 weekly downloads. As such, ember-promise-helpers popularity was classified as popular.
We found that ember-promise-helpers demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.