Security News
The Risks of Misguided Research in Supply Chain Security
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
immutable-class
Advanced tools
A little library to facilitate creating and testing serializable, immutable classes.
This library is really just a set of templates and testing tools to allow for quick construction of immutable classes.
An object Blah
is considered a immutable class of it meats the following criteria:
Blah.isBlah
method for checking if something is an instance of the given classBlah.fromJS
method for deserializing classesblah.valueOf
method that return a minimally serialized object (preserving all sub classes as immutable classes)blah.toJS
method that return a fully serialized object (recursively serializing all sub classes)blah.toJSON
method that returns the same as the toJS method allowing the object to be passed into JSON.stringify
blah.toString
method that is implemented in some way (and returns a string
)blah.equals
method that can be used to compare this object to other classes to check for equivalence.Immutable Class provides one testing function for testing potential immutable classes: testImmutableClass
It is used like so:
testImmutableClass(MyImmutableClassConstructor, [
{ "potential": 1 }
{ "distinct": 2 }
{ "js": 3 }
{ "immutable classes": 4 }
]);
This function will then try to call fromJS
on each candidate and run it through a series of tests to ensure that it
corresponds to the rules above. It will also do an equality check of every object with every other object and make sure
that it only equals itself.
For an example of the usage of this library look at these files: source, tests.
FAQs
A template for creating immutable classes
The npm package immutable-class receives a total of 2,069 weekly downloads. As such, immutable-class popularity was classified as popular.
We found that immutable-class demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.