Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
impression-tracker-react-hook
Advanced tools
Readme
This library is used to track impressions using a react useImpressionTracker hook.
See unit tests for a detailed example for both the React Hook and Higher Order Component (HOC).
import { useImpressionTracker } from 'impression-tracker-react-hook';
import { createEventLogger } from 'promoted-snowplow-logger';
export const handleError = process.env.NODE_ENV !== 'production' ? (err) => { throw err; } : console.error;
export const eventLogger = createEventLogger({
enabled: true,
platformName: 'mymarket',
handleError,
});
const HookedExampleComponent = ({
// Set insertionId and/or contentId.
insertionId,
contentId,
}: Props) => {
// ref needs to be set on the div to observe.
// impressionId can be passed directly into a logAction call.
// logImpressionFunctor can be called to force an impression.
const [ref, impressionId, logImpressionFunctor] = useImpressionTracker({
enable: true,
insertionId,
contentId,
handleError,
logImpression: eventLogger.logImpression,
});
return <div ref={ref}>{text}</div>;
};
interface Props {
...
// TODO - set this ref on the div.
impressionRef: (node?: Element | null) => void;
// Optional props.
impressionId: string;
// In case you want to log an impression early.
logImpressionFunctor: () => void;
}
class ExampleComponent extends React.Component<Props> {
...
render() {
...
return <div ref={this.props.impressionRef}>{text}</div>;
}
}
const WrappedExampleComponent = withImpressionTracker(ExampleComponent, {
handleError,
isEnabled: () => impressionLoggingEnabled,
getContentId: props => props.contentId,
getInsertionId: props => props.insertionId,
// Can be changed to modify the impression.
logImpression: eventLogger.logImpression,
});
const WrappedExampleComponent = compose(
...,
composableImpressionTracker({
handleError,
isEnabled: () => impressionLoggingEnabled,
getContentId: props => props.contentId,
getInsertionId: props => props.insertionId,
// Can be changed to modify the impression.
logImpression: eventLogger.logImpression,
})
)(ExampleComponent);
Uses
npm run finish
npm run build
npm run size
npm run lint
npm test
or npm test
Broken - We previously had an npm run updateLink
command to use npm link for local development. This fails with a Error: Cannot find module 'react'
.
For now, just copy/paste the impression tracker code into the client code and test it out.
We use a GitHub action that runs semantic-release to determine how to update versions. Just do a normal code review and this should work. Depending on the message prefixes (e.g. feat:
, fix:
, clean:
, docs:
), it'll update the version appropriately.
When doing a breaking change, add BREAKING CHANGE:
to the PR. The colon is important.
The base of this repository is a combination of the following repos:
FAQs
Tracks impressions in React using a Hook
We found that impression-tracker-react-hook demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.