Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
obvious-core
Advanced tools
it's an experimental libarary now, do not use in production enviroment
Obvious is a progressive micro-front-end library. In the micro-front-end architecture, Obvious focuses on solving the problem of scheduling and communication between micro frontend applications. It aims to help users quickly build a basic micro-front-end system and support deeper customization to achieve a complete and reliable micro-front-end architecture by providing easy-to-understand APIs and flexible middlewares.
npm:
npm install obvious-core
umd:
<script src="https://unpkg.com/obvious-core@{version}/dist/index.umd.js"></script>
In host enviroment, create a bus and declare the resource info
import { touchBus } from 'obvious-core';
const [bus] = touchBus()
bus.config({
assets: {
'react-app': {
js: [
'http://localhost:3000/static/js/bundle.js',
'http://localhost:3000/static/js/0.chunk.js',
'http://localhost:3000/static/js/main.chunk.js'
]
},
'vue-app': {
js: [
'http://localhost:8081/js/app.js',
'http://localhost:8081/js/chunk-vendors.js'
]
}
}
});
micro frontend application can get the bus, and create an App with it, at the same time, a socket can be created to communicate with other App
react-app
import React from 'react';
import ReactDOM from 'react-dom';
import { touchBus } from 'obvious-core';
const [bus] = touchBus();
const socket = bus.createSocket();
bus.createApp('react-app')
.bootstrap(async (config) => {
socket.unicast('unicast-event');
socket.broadcast('broadcast-event');
socket.initState('someState', true);
ReactDOM.render(<App />, document.querySelector(config.mountPoint));
});
vue-app
import Vue from 'vue';
import App from './App.vue';
import { touchBus } from 'obvious-core';
Vue.config.productionTip = false;
const [bus] = touchBus();
const socket = bus.createSocket();
bus.createApp('vue-app')
.bootstrap(async (config) => {
socket.onUnicast('unicast-event', () => {
// do something
});
socket.onBroadcast('broadcast-event', () => {
// do something
});
socket.setState('someState.sub.prop.array', [])
socket.watchState('someState.sub.prop.array[0]', (val) => {
// do something
});
new Vue({
render: h => h(App),
}).$mount(config.mountPoint);
});
In host enviroment, activate the application
bus.activateApp('react-app', {mountPoint: document.getElementById('#react-app')});
bus.activateApp('vue-app', {mountPoint: document.getElementById('#vue-app')});
npm run demo:install
npm run demo:react
npm run demo:vue
npm run demo:host
obvious.js: the progressive micro frontend library
obvious is MIT Licensed
[0.3.5] - 2021-09-06
ctx.loadJs
to ctx.loadScript
ctx.loadCss
to ctx.loadLink
ctx.fetchJs
to ctx.fetchScript
FAQs
a progressive micro front framework
The npm package obvious-core receives a total of 2 weekly downloads. As such, obvious-core popularity was classified as not popular.
We found that obvious-core demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.