Security News
Fluent Assertions Faces Backlash After Abandoning Open Source Licensing
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
The CommonJS module syntax is one of the most widely accepted conventions in the JavaScript ecosystem. Everyone seems to agree that require
and exports
are a reasonable way of expressing module dependencies and interfaces, and the tools for managing modular code are getting better all the time.
Much less of a consensus has developed around the best way to deliver CommonJS modules to a web browser, where the synchronous semantics of require
pose a non-trivial implementation challenge. This module loader contributes to that confusion, yet also demonstrates that a amply-featured module loader need not stretch into the hundreds or thousands of lines.
When evaluated, the contents of install.js create a global function called install
. This function is the only external interface to the module loader, and it can be called in two ways.
The first way is to pass a module identifier string followed by a module factory function:
install("some/module/id", function(require, exports, module) {
// CommonJS module code goes here.
// For example:
exports.setImmediate = function(callback) {
return setTimeout(callback, 0);
};
});
This makes the module available for requirement, but does not evaluate the contents of the module until the first time another module calls require("some/module/id")
.
The second way to invoke install
is to omit the module identifier and pass an anonymous module factory function:
install(function(require) {
// Code that uses require goes here.
// For example:
require("some/module/id").setImmediate(function() {
console.log("setImmediate fired");
});
});
Anonymous modules are executed in order of installation, as soon as their requirements have been installed. Note that such modules do not have exports objects, because anonymous modules cannot be required.
If a named module has no requirements and does not need its own scope, the following shorthand can be used to install the module:
install("simple/module", { exports: {
one: 1,
two: 2,
buckle: "my shoe"
}});
FAQs
Minimal JavaScript module loader
The npm package install receives a total of 588,341 weekly downloads. As such, install popularity was classified as popular.
We found that install demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
Research
Security News
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.