Security News
JSR Working Group Kicks Off with Ambitious Roadmap and Plans for Open Governance
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
A small library providing what might be termed as reactive expressions, Bond
s
(hence the name). Classes deriving from Bond
are expected to determine when
their value has changed and call trigger
accordingly.
TimeBond
is provided as a simple expression type which evaluates to the
current time and triggers an update once per second.
Expressions can be composed through TransformBond
, which allows both argument
dependencies (that get passed into the combination transform) and non-argument
dependencies (which do not). For its dependencies, TransformBond
is able to
work with basic values, Promise
s and other Bonds
abstractly.
npm install oo7 --save
var oo7 = require('oo7'),
Bond = oo7.Bond,
TimeBond = oo7.TimeBond,
TransformBond = oo7.TransformBond;
let t = new TimeBond;
// Prints the Unix time every second.
t.tie(console.log);
// Prints the formatted date every second.
new TransformBond(x => new Date(x), [t]).tie(console.log);
npm test
In lieu of a formal styleguide, take care to maintain the existing coding style. Add unit tests for any new or changed functionality. Lint and test your code.
For development, a number of git hooks are provides that allow you to ensure tightly couple packages remain locally referenced at development time and switched to the proper version at commit/publish time. Simply copy all files from hooks into the git hook path:
cp hooks/* .git/hooks
NPM's publishing functionality automatically ensures packages reference the latest of their dependencies in the tightly-coupled group, and bumps the patch version after publication.
For all of this to work, ensure this, oo7-parity
, oo7-react
and parity-reactive-ui
all exist in the same parent directory.
FAQs
The Bond API
We found that oo7 demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
Security News
Research
An advanced npm supply chain attack is leveraging Ethereum smart contracts for decentralized, persistent malware control, evading traditional defenses.
Security News
Research
Attackers are impersonating Sindre Sorhus on npm with a fake 'chalk-node' package containing a malicious backdoor to compromise developers' projects.