Product
Socket Now Supports uv.lock Files
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
By Trevor Norris - Jan 09, 2025
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
Latching
Run-Time Hook Latching
About
Latching is a small JavaScript library for use in Node and Browser environments, providing a small run-time hook latching facility, allowing your program to be extended by plugins which latch into provided run-time hooks.
Example
Assume you have an application which, at some point in time, has to check whether an user is allowed access. The default is to allow access, but once a plugin is loaded it can provide a more fine-grained access control.
-
app.js:class App extends Latching { constructor () { super() ... } main () { let options = [ { names: [ "version", "v" ], type: "bool", "default": false, help: "Print tool version and exit." }, { names: [ "help", "h" ], type: "bool", "default": false, help: "Print this help and exit." }, ... ] this.hook("cli-options", "none", options) let parser = dashdash.createParser({ options: options, }) ... } log (level, msg) { msg = this.hook("log-message", "pass", msg) logger.log(level, msg) } login (username, password) { ... if (!this.hook("access-allowed", "and", username, password)) throw new Error("access not allowed") ... } ... } app = new App() ... -
plugin-foo.js:/* extend applications CLI option parsing */ app.latch("cli-options", (options) => { options.push({ names: [ "foo", "f" ], type: "bool", "default": false, help: "Enable the Foo feature" }) }) -
plugin-geoip.js:/* extend applications logging with client location */ app.latch("log-message", (msg) => { let location = ... return `${msg}, location=${location}` }) -
plugin-auth.js/* extend application authentication strategy with a database variant */ app.latch("access-allowed", (username, password) => { return db.user.findBy(username).sha1 === sha1(password) })
Installation
Node environments (with NPM package manager):
$ npm install latching
Browser environments (with Bower package manager):
$ bower install latching
Application Programming Interface (API)
-
Latching
The exported latching context API class.Example:
var latching = new Latching()This creates a new latching context. Usually you need just a single one per application. The latching context has to be provided to all plugins. This is the usual approach for applications using Latching.
class Foo extends Latching { constructor () { super() ... } ... }This defines a class as a latching context by inheriting from it. This is the usual approach for libraries using Latching. This is the more elegant ECMAScript 6 syntax.
var Foo = function () { Latching.call(this) ... } Foo.prototype = Object.create(Latching.prototype) Foo.prototype.constructor = FooThis defines a class as a latching context by inheriting from it. This is the usual approach for libraries using Latching. This is the less elegant ECMAScript 5 syntax.
-
Latching#proc(proc: string, init: (params: any[]) => any step: (prevResult: any, nextResult: any) => any): Latching
Define a custom result processing strategy under nameproc, based on an initial value produced byinit(which optionally can be derived from thehookparametersparams) and a zero or multiple times applied result processingstep.Example (also the default):
latching.proc("none", function ( ) { return undefined }, function ( ) { }) latching.proc("pass", function (p) { return p[0] }, function (o, n) { return n }) latching.proc("or", function ( ) { return false }, function (o, n) { return o || n }) latching.proc("and", function ( ) { return true }, function (o, n) { return o && n }) latching.proc("mult", function ( ) { return 1 }, function (o, n) { return o * n }) latching.proc("add", function ( ) { return 0 }, function (o, n) { return o + n }) latching.proc("append", function ( ) { return "" }, function (o, n) { return o + n }) latching.proc("push", function ( ) { return [] }, function (o, n) { o.push(n); return o }) latching.proc("concat", function ( ) { return [] }, function (o, n) { return o.concat(n) }) latching.proc("insert", function ( ) { return {} }, function (o, n) { o[n] = true; return o }) latching.proc("assign", function ( ) { return {} }, function (o, n) { Object.keys(n).forEach(function (k) { o[k] = n[k] }) } ) -
Latching#{at,latch}(name: string, cb: (...params: any, prevResult: any, cancel: () => void) => any, ctx: object, prepend: boolean): number
Latch into a hook of namenamewith the help of a callback functioncband optionally its contextctxand optionally by prepending (instead of appending, the default) this latching in the processing order. The methodatis just a short alias for the canonicallatch.Example:
var id = latching.latch("access-allowed", function (user, password, resultPrev, cancel) { return db.user.findBy(user).sha1 === sha1(password) }) -
Latching#unlatch(name: string, id: number): Latching
Unlatch, from the hook of namename, the callback function withid.Example:
latching.unlatch("access-allowed", id) -
Latching#hook(name: string, proc: name, ...params: any): any
Execute the hook of namenamewith the processing strategyproc. This calls all previously latched callbacks with the n+2 (n >= 0) parameters...params: any, resultPrev: any, cancel: () => void.Example:
var allowed = latching.hook("access-allowed", "and", user, password)
History
The latching functionality was first introduced 2012 in ComponentJS and then revised 2015 for Microkernel. It then was factored out 2015 into this separate Latching library as the functionality is useful to have at hand in other applications and libraries through a simple dependency only.
License
Copyright (c) 2012-2015 Ralf S. Engelschall (http://engelschall.com/)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
FAQs
Run-Time Hook Latching
We found that latching demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 14 Aug 2015
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Gmail For Exfiltration: Malicious npm Packages Target Solana Private Keys and Drain Victims' Wallets
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.
By Kirill Boychenko - Jan 08, 2025
Security News
New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
By Sarah Gooding - Jan 07, 2025