Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
mobx-keystone
Advanced tools
A MobX powered state management solution based on data trees with first class support for Typescript, snapshots, patches and much more
A MobX powered state management solution based on data trees with first class support for Typescript, snapshots, patches and much more
Full documentation can be found on the site:
mobx-keystone.js.org
mobx-keystone
is a state container that combines the simplicity and ease of mutable data with the traceability of immutable data and the reactiveness and performance of observable data, all with a fully compatible Typescript syntax.
Simply put, it tries to combine the best features of both immutability (transactionality, traceability and composition) and mutability (discoverability, co-location and encapsulation) based approaches to state management; everything to provide the best developer experience possible.
Unlike MobX itself, mobx-keystone
is very opinionated about how data should be structured and updated.
This makes it possible to solve many common problems out of the box.
Central in mobx-keystone
(mobx-keystone
) is the concept of a living tree. The tree consists of mutable, but strictly protected objects (models, arrays and plain objects).
From this living tree, immutable, structurally shared, snapshots are automatically generated.
Another of the core design goals of mobx-keystone
it to offer a great Typescript syntax out of the box, be it for models (and other kind of data such as plain objects and arrays) or for its generated snapshots.
To see some code and a a glimpse of how it works check the Todo List Example
Because state trees are living, mutable models, actions are straight-forward to write; just modify local instance properties where appropriate. It is not necessary to produce a new state tree yourself, mobx-keystone
's snapshot functionality will derive one for you automatically.
Although mutable sounds scary to some, fear not, actions have many interesting properties. By default trees can only be modified by using an action that belongs to the same subtree. Furthermore, actions are replayable and can be used to distribute changes.
Moreover, because changes can be detected on a fine grained level, JSON patches are supported out of the box. Simply subscribing to the patch stream of a tree is another way to sync diffs with, for example, back-end servers or other clients.
Since mobx-keystone
uses MobX behind the scenes, it integrates seamlessly with mobx and mobx-react.
Even cooler, because it supports snapshots, action middlewares and replayable actions out of the box, it is possible to replace a Redux store and reducer with a MobX data model.
This makes it possible to connect the Redux devtools to mobx-keystone
.
Like React, mobx-keystone
consists of composable components, called models, which captures a small piece of state. They are instantiated from props and after that manage and protect their own internal state (using actions). Moreover, when applying snapshots, tree nodes are reconciled as much as possible.
This library requires a more or less modern Javascript environment to work, namely one with support for:
In other words, it should work on mostly anything except it won't work in Internet Explorer.
If you are using Typescript, then version >= 3.6.2 is recommended, though it might work with older versions.
npm install mobx-keystone
yarn add mobx-keystone
Full documentation can be found on mobx-keystone.js.org
0.17.0
FAQs
A MobX powered state management solution based on data trees with first class support for TypeScript, snapshots, patches and much more
The npm package mobx-keystone receives a total of 5,837 weekly downloads. As such, mobx-keystone popularity was classified as popular.
We found that mobx-keystone demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.