Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
The mitt npm package is a tiny, functional event emitter or pub/sub library that provides a way to emit and listen for events in JavaScript applications. It is designed to be simple, small, and fast, making it suitable for use in both the browser and Node.js environments.
Event Emission
Emitting events with optional data. Listeners can subscribe to these events and react accordingly.
{"const mitt = require('mitt');\nconst emitter = mitt();\nemitter.emit('myEvent', { some: 'data' });"}
Event Listening
Subscribing to events. This allows functions to listen for specific events and execute code when those events are emitted.
{"const mitt = require('mitt');\nconst emitter = mitt();\nemitter.on('myEvent', (data) => {\n console.log('Event received with data:', data);\n});"}
Event Unlistening
Removing event listeners. This provides a way to unsubscribe from events when a listener is no longer needed or the context changes.
{"const mitt = require('mitt');\nconst emitter = mitt();\nconst handler = (data) => {\n console.log('Event received with data:', data);\n};\nemitter.on('myEvent', handler);\nemitter.off('myEvent', handler);"}
All Events Listening
Listening to all events. This special event type allows a listener to react to all events emitted by the emitter.
{"const mitt = require('mitt');\nconst emitter = mitt();\nemitter.on('*', (type, event) => {\n console.log(`Type: ${type}, Event:`, event);\n});"}
EventEmitter3 is a high-performance event emitter. It is similar to mitt but provides more features like context binding and wildcard listeners. It is also slightly larger in size compared to mitt.
TinyEmitter is another small event emitter library that offers basic event emitting and listening functionality. It is comparable to mitt in terms of size and simplicity but does not support wildcard listeners.
The 'events' package is Node.js's EventEmitter class for the browser. It is more feature-rich than mitt, including asynchronous event emitting and more complex event handling capabilities, but it is also larger in size.
Tiny 200b functional event emitter / pubsub.
"*"
event type listens to all eventsthis
Mitt was made for the browser, but works in any JavaScript runtime. It has no dependencies and supports IE9+.
This project uses node and npm. Go check them out if you don't have them locally installed.
$ npm install --save mitt
Then with a module bundler like rollup or webpack, use as you would anything else:
// using ES6 modules
import mitt from 'mitt'
// using CommonJS modules
var mitt = require('mitt')
The UMD build is also available on unpkg:
<script src="https://unpkg.com/mitt/dist/mitt.umd.js"></script>
You can find the library on window.mitt
.
import mitt from 'mitt'
const emitter = mitt()
// listen to an event
emitter.on('foo', e => console.log('foo', e) )
// listen to all events
emitter.on('*', (type, e) => console.log(type, e) )
// fire an event
emitter.emit('foo', { a: 'b' })
// clearing all events
emitter.all.clear()
// working with handler references:
function onFoo() {}
emitter.on('foo', onFoo) // listen
emitter.off('foo', onFoo) // unlisten
Set "strict": true
in your tsconfig.json to get improved type inference for mitt
instance methods.
import mitt from 'mitt';
type Events = {
foo: string;
bar?: number;
};
const emitter = mitt<Events>(); // inferred as Emitter<Events>
emitter.on('foo', (e) => {}); // 'e' has inferred type 'string'
emitter.emit('foo', 42); // Error: Argument of type 'number' is not assignable to parameter of type 'string'. (2345)
Alternatively, you can use the provided Emitter
type:
import mitt, { Emitter } from 'mitt';
type Events = {
foo: string;
bar?: number;
};
const emitter: Emitter<Events> = mitt<Events>();
Mitt: Tiny (~200b) functional event emitter / pubsub.
Returns Mitt
A Map of event names to registered handler functions.
Register an event handler for the given type.
type
(string | symbol) Type of event to listen for, or '*'
for all eventshandler
Function Function to call in response to given eventRemove an event handler for the given type.
If handler
is omitted, all handlers of the given type are removed.
type
(string | symbol) Type of event to unregister handler
from, or '*'
handler
Function? Handler function to removeInvoke all handlers for the given type.
If present, '*'
handlers are invoked after type-matched handlers.
Note: Manually firing '*' handlers is not supported.
type
(string | symbol) The event type to invokeevt
Any? Any value (object is recommended and powerful), passed to each handlerFirst off, thanks for taking the time to contribute! Now, take a moment to be sure your contributions make sense to everyone else.
Found a problem? Want a new feature? First of all see if your issue or idea has already been reported. If don't, just open a new clear and descriptive issue.
Pull requests are the greatest contributions, so be sure they are focused in scope, and do avoid unrelated commits.
git clone https://github.com/<your-username>/mitt
cd mitt
git checkout -b my-new-feature
npm install
git commit -am 'Add some feature'
git push origin my-new-feature
FAQs
Tiny 200b functional Event Emitter / pubsub.
The npm package mitt receives a total of 7,515,957 weekly downloads. As such, mitt popularity was classified as popular.
We found that mitt demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.