Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
incarnate
Advanced tools
Readme
Runtime Dependency Lifecycle Management for JavaScript.
npm i -S incarnate
http://incarnate.resist.design
import Incarnate from 'incarnate';
// Declare your application.
const inc = new Incarnate({
subMap: {
// Keep track of your state.
state: {
subMap: {
user: {
factory: () => ({
authToken: undefined
})
}
}
},
// Supply some services.
services: {
// Some services need authorization information.
shared: {
user: 'state.user'
},
subMap: {
user: true,
login: {
factory: () => {
return async (username, password) => {
// Make a login request, get the `authToken`.
const fakeToken = `${username}:${password}`;
// For demo purposes we'll use the `Buffer` API in node.js to base64 encode the credentials.
return Buffer.from(fakeToken).toString('base64');
};
}
},
accounts: {
dependencies: {
user: 'user'
},
factory: ({dependencies: {user: {authToken = ''} = {}} = {}} = {}) => {
return async () => {
// NOTE: IF we call this service method AFTER `login`,
// the `authToken` will have been automatically updated,
// in this service, by Incarnate.
if (!authToken) {
throw new Error('The accounts service requires an authorization token but none was supplied.');
}
// Get a list of accounts with the `authToken` in the headers.
console.log('Getting accounts with headers:', {
Authorization: `Bearer: ${authToken}`
});
return [
{name: 'Account 1'},
{name: 'Account 2'},
{name: 'Account 3'},
{name: 'Account 4'}
];
};
}
}
}
},
// Expose some actions that call services and store the results in a nice, tidy, reproducible way.
actions: {
shared: {
user: 'state.user',
loginService: 'services.login'
},
subMap: {
user: true,
loginService: true,
login: {
dependencies: {
loginService: 'loginService'
},
setters: {
setUser: 'user'
},
factory: ({dependencies: {loginService} = {}, setters: {setUser} = {}} = {}) => {
return async ({username, password} = {}) => {
// Login
const authToken = await loginService(username, password);
// Store the `authToken`.
setUser({
authToken
});
return true;
};
}
}
}
}
}
});
// Here's your app.
export default async function app() {
// Get the Login Action.
const loginAction = inc.getResolvedPath('actions.login');
// Do the login.
const loginResult = await loginAction({
username: 'TestUser',
password: 'StopTryingToReadThis'
});
// Get the Accounts Service. It needs the User's `authToken`,
// but you declared it as a Dependency,
// so Incarnate took care of that for you.
const accountsService = inc.getResolvedPath('services.accounts');
// Get those accounts you've been dying to see...
const accounts = await accountsService();
// Here they are!
console.log('These are the accounts:', accounts);
}
// You need to run your app.
app();
FAQs
Dependency Injection (DI) with Lifecycle features for JavaScript.
The npm package incarnate receives a total of 3 weekly downloads. As such, incarnate popularity was classified as not popular.
We found that incarnate demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.