Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
mobx-keystone
Advanced tools
A MobX powered state management solution based on data trees with first class support for Typescript, snapshots, patches and much more
A MobX powered state management solution based on data trees with first-class support for Typescript, snapshots, patches and much more
Full documentation can be found on the site:
mobx-keystone.js.org
mobx-keystone
is a state container that combines the simplicity and ease of mutable data with the traceability of immutable data and the reactiveness and performance of observable data, all with a fully compatible Typescript syntax.
Simply put, it tries to combine the best features of both immutability (transactionality, traceability and composition) and mutability (discoverability, co-location and encapsulation) based approaches to state management; everything to provide the best developer experience possible.
Unlike MobX itself, mobx-keystone
is very opinionated about how data should be structured and updated.
This makes it possible to solve many common problems out of the box.
Central in mobx-keystone
is the concept of a living tree. The tree consists of mutable, but strictly protected objects (models, arrays and plain objects).
From this living tree, immutable, structurally shared snapshots are automatically generated.
Another core design goal of mobx-keystone
is to offer a great Typescript syntax out of the box, be it for models (and other kinds of data such as plain objects and arrays) or for its generated snapshots.
To see some code and get a glimpse of how it works check the Todo List Example.
Because state trees are living, mutable models, actions are straightforward to write; just modify local instance properties where appropriate. It is not necessary to produce a new state tree yourself, mobx-keystone
's snapshot functionality will derive one for you automatically.
Although mutable sounds scary to some, fear not, actions have many interesting properties. By default trees can only be modified by using an action that belongs to the same subtree. Furthermore, actions are replayable and can be used to distribute changes.
Moreover, because changes can be detected on a fine-grained level, JSON patches are supported out of the box. Simply subscribing to the patch stream of a tree is another way to sync diffs with, for example, back-end servers or other clients.
Since mobx-keystone
uses MobX behind the scenes, it integrates seamlessly with mobx
and mobx-react
.
Even cooler, because it supports snapshots, action middlewares and replayable actions out of the box, it is possible to replace a Redux store and reducer with a MobX data model.
This makes it possible to connect the Redux devtools to mobx-keystone
.
Like React, mobx-keystone
consists of composable components, called models, which capture small pieces of state. They are instantiated from props and after that manage and protect their own internal state (using actions). Moreover, when applying snapshots, tree nodes are reconciled as much as possible.
This library requires a more or less modern Javascript environment to work, namely one with support for:
In other words, it should work on mostly anything except it won't work in Internet Explorer.
If you are using Typescript, then version >= 4.2.0 is recommended, though it might work with older versions.
npm install mobx-keystone
yarn add mobx-keystone
Full documentation can be found on mobx-keystone.js.org
0.62.0
$modelId
is no longer a requirement and will be no longer automatically added to models. If you want your models to keep using the old behavior (having a $modelId
property) then add a [modelIdKey]: idProp
or a $modelId: idProp
property to them. Note that $modelId
can still be used in instances to get/set the current ID property, just that it might be undefined (get) / throw (set) when there is none.FAQs
A MobX powered state management solution based on data trees with first class support for TypeScript, snapshots, patches and much more
The npm package mobx-keystone receives a total of 8,132 weekly downloads. As such, mobx-keystone popularity was classified as popular.
We found that mobx-keystone demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.