Security News
cURL Project and Go Security Teams Reject CVSS as Broken
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
One
is a browser side application cache. It guarantees entity uniqueness across the entire cache.
Each entity tracked for uniqueness must have a unique id. There is precisely ONE distinct entity in the cache for each unique id. Entities that do not have a unique id are still cached but not tracked for uniqueness.
###Usage
npm install one --save
import * as cache from 'one';
let One = cache.createCache();
// or with debugging options
let One = cache.createCache(true);
###Api There are three significant operation types to be aware of:
put
operation and come out with a get
call. Use evict
to force items out of the cache.undo()
and redo()
to go back and forth in timeSome code
let item1 = {uid:1}
let item2 = {uid:2, ref:item1}
One.put(item2)
// puts all items with uid separately in the cache
One.get(item1) === undefined // false (item1 is added from item2)
item1 === One.get(item1) // true (same object)
item2.ref === One.get(1) // true
###Immutable All data is immutable. Once an item enters the cache it freezes and cannot change. This is to enable quick identity checks against immutable entities (ie React identity check).
let item = {uid:1}
Object.isFrozen(item) // false
One.put(item);
Object.isFrozen(item) // true
let result = One.get(item)
result === item // true
If you later want to edit a reference of the object you can get an editable copy from the cache. This gives you a separate clone of the object that is now editable:
let item = {uid:1}
One.put(item)
let editable = One.getEdit(1) // or cuid.getEditable(item1);
Object.isFrozen(editable) // false
item === editable // false
editable.text = "test"
One.put(editable)
let edited = One.get(1)
edited.text = "text" // true
Object.isFrozen(edited) // true
Editing an item changes all its instances in the cache:
let item = {uid:1}
let item2 = {uid:1, child:item}
One.put(item2)
One.get(1) === item // true
One.get(2) === item2 // true
// Let's do some editing
let editable = One.getEdit(1);
editable.text = "test"
One.put(editable) // also updates item2 reference to item
let result = One.get(2)
console.log(JSON.stringify(result.item)) // {uid:1, text:"test"}
###Motivation More an more applications are giving users the ability to edit data in the browser. With a normalized data model various instances of an entity can exist at the same time in different locations. This depends on how data is received from the server and added to the local model / store.
This is inconvenient because:
Redux brings a great breakthrough by putting the entire application state in one place and mutating it only via dispatched actions. But it doesn't enforce entity uniqueness. One
aims to take the concept a step further by making each entity unique and immutable in a single store (cache).
###Performance considerations
Yes there is a performance cost in analyzing each entity deeply to track its dependencies. One
offers a couple of ways to mitigate this: Read optimization and Queuing.
One
defers the write analysis when writing to the queue. The queue can commit between render operations. This way the UI remains fluid.###Data shape
This is not currently designed to work with cyclical data. It is best for non-cyclical objects received from the server in the form of json (or other non-cyclical fomats).
It might happen later if there's a need.
###Documentation
FAQs
One is a new React Framework that makes Vite serve both native and web.
The npm package one receives a total of 1,573 weekly downloads. As such, one popularity was classified as popular.
We found that one demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
Security News
Bun 1.2 enhances its JavaScript runtime with 90% Node.js compatibility, built-in S3 and Postgres support, HTML Imports, and faster, cloud-first performance.
Security News
Biden's executive order pushes for AI-driven cybersecurity, software supply chain transparency, and stronger protections for federal and open source systems.