Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
lit-directive-assert
Advanced tools
Readme
Social Media Photo by Damon Lam on Unsplash
lit-html
Esta directiva exporta dos factorías de Directivas, de LitHtml, para pintar un resultado en función de un valor. Éste valor puede ser un Promise o otro valor; según la parte (propiedad, atributo, evento, contenido) que se quiera actualizar.
Está muy enfocado a un estilo más funcional; donde creamos una función que devuelve un templete en función del resultado.
Esta herramienta se exporta en los formatos CommonJs, IFFIE, ESM. Puedes descargarlo o instalarlo a través de NPM o desde Unpkg.
Npm
npm install --save lit-directive-assert
Unpkg
import {assertDirective, assertAsyncDirective} from 'https://unpkg.com/lit-directive-assert?module'
Esta función de factoría que duelve una función, tipo, assert que pintará uno de los valores proporcionados.
Devuelve una función que recibe un único argumento que será transformado a Boolean y según el valor se renderizará una de las opciones proporcionadas
import {render, html} from 'lit-html'
import {assertDirective} from 'lit-directive-assert';
const assertPart = assertDirective('ok', 'ko');
const assertEventPart = assertDirective(_ => console.log('ok'), _ => console.log('ko'));
render(html`
<h1>Assert</h1>
<h2>Node Part</h2>
<ul>
<li> ok === ${assertPart(true)}</li>
<li> ko === ${assertPart(false)}</li>
</ul>
<h2>Property Part</h2>
<ul>
<li> <span .title=${assertPart(true)}>ok</span></li>
<li> <span .title=${assertPart(false)}>ok</span></li>
</ul>
<h2>Attribute Part</h2>
<ul>
<li>ok == <input type="text" value="${assertPart(true)}" /></li>
<li>ko == <input type="text" value="${assertPart(false)}" /></li>
</ul>
<h2>Event Part</h2>
<ul>
<li> <span @click=${assertEventPart(true)}>ok</span></li>
<li> <span @click=${assertEventPart(false)}>ko</span></li>
</ul>`, window.container);
Esta función duelve una función, tipo, assert que evalua Promises y en función de la resolución de ésta, pinta uno de los templates proporcionados:
Devuelve una función que recibe un único argumento que será una Promise y según el estado y resultado de ésta; se renderizará una de las opciones proporcionadas
import {render, html} from 'lit-html'
import {assertAsyncDirective} from 'lit-directive-assert';
const assertAsyncPart = assertAsyncDirective('pending...', 'ok', 'ko');
const assertAsyncEventPart = assertAsyncDirective(
v => ev => console.log('pending...', ev, v),
v => ev => console.log('ok', ev, v),
v => ev => console.log('ko', ev, v));
const pendingPromise = new Promise((resolve) => setTimeout(_ => resolve(), 3000));
render(html`
<h1>Assert</h1>
<h2>Node Part</h2>
<ul>
<li> async: ok === ${assertAsyncPart(Promise.resolve())}</li>
<li> async: ko === ${assertAsyncPart(Promise.reject())}</li>
<li> async: -- === ${assertAsyncPart(pendingPromise)}</li>
</ul>
<h2>Property Part</h2>
<ul>
<li> <span .title=${assertAsyncPart(Promise.resolve())}>ok</span></li>
<li> <span .title=${assertAsyncPart(Promise.reject())}>ok</span></li>
<li> <span .title=${assertAsyncPart(pendingPromise)}>ok</span></li>
</ul>
<h2>Attribute Part</h2>
<ul>
<li> async: ok === <input type="text" value="${assertAsyncPart(Promise.resolve())}" /></li>
<li> async: ko === <input type="text" value="${assertAsyncPart(Promise.reject())}" /></li>
<li> async: -- === <input type="text" value="${assertAsyncPart(pendingPromise)}" /></li>
</ul>
<h2>Event Part</h2>
<ul>
<li> <span @click=${assertAsyncEventPart(Promise.resolve())}>ko</span></li>
<li> <span @click=${assertAsyncEventPart(Promise.reject())}>ko</span></li>
<li> <span @click=${assertAsyncEventPart(pendingPromise)}>ko</span></li>
</ul>`, window.container);
Según la parte que se quiere cambiar:
FAQs
Lit HTML directive for assertion value and render some options
The npm package lit-directive-assert receives a total of 2 weekly downloads. As such, lit-directive-assert popularity was classified as not popular.
We found that lit-directive-assert demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.