Security News
pnpm 10.0.0 Blocks Lifecycle Scripts by Default
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
AOP for JS with before, around, on, afterReturning, afterThrowing, after advice, and pointcut support
Aspect Oriented Programming for Javascript. It allows you to change the behavior of, or add behavior to methods and functions (including constructors) non-invasively.
As a simple example, instead of changing code, you can use meld to log the result of myObject.doSomething
:
var myObject = {
doSomething: function(a, b) {
return a + b;
}
};
// Call a function after myObject.doSomething returns
var remover = meld.after(myObject, 'doSomething', function(result) {
console.log('myObject.doSomething returned: ' + result);
});
myObject.doSomething(1, 2); // Logs: "myObject.doSomething returned: 3"
remover.remove();
myObject.doSomething(1, 2); // Nothing logged
Get it using one of the following
yeoman install meld
, orbower install meld
, orgit clone https://github.com/cujojs/meld
, orgit submodule add https://github.com/cujojs/meld
Configure your loader with a package:
packages: [
{ name: 'meld', location: 'path/to/meld', main: 'meld' },
// ... other packages ...
]
define(['meld', ...], function(meld, ...) { ... });
or require(['meld', ...], function(meld, ...) { ... });
npm install meld
var meld = require('meld');
ringo-admin install cujojs/meld
var meld = require('meld');
Install buster.js
npm install -g buster
Run unit tests in Node:
buster test
meld()
is now a function that adds aspects.
meld.add()
. Use meld()
instead.console.log
.Object.defineProperty
.meld.joinpoint()
- Access the current joinpoint from any advice type.window.meld
is no longer supported. See this post on the cujo.js Google Group for an explanation.See the full Changelog here
FAQs
AOP for JS with before, around, on, afterReturning, afterThrowing, after advice, and pointcut support
We found that meld demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
Research
Security News
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.