Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
react-localize
Advanced tools
A simple context wrapper and text localization component for localizing strings
A simple context wrapper and text localization component for localizing strings.
npm i react-localize
import Localization, { Text } from 'react-localize';
const localizationBundle = {
'app.button.Submit': 'Submit',
foo: {
bar: 'Hey %s, you must be %d old?'
}
};
<Localization messages={localizationBundle}>
<AnyParentComponent>
<Text message="prop.Val" style={{ color: 'blue' }} />
<Text message="app.button.Submit" data-magic="pretty neat" />
<Text message="foo.bar" values={['Foophen', 32]} style={{ color: 'red' }} />
</AnyParentComponent>
</Localization>
// outputs (respectively):
// <span style="color: blue">prop.Val</span>
// <span data-magic="pretty neat">Submit</span>
// <span style="color: red">Hey Foophen, you must be 32 old?</span>
// app.js
<Localization messages={myBundle}>
<YourComponent />
</Localization>
// YourComponent.jsx
import TabsMaybe from 'react-bootstrap-tabs-i-guess';
export default YourComponent = (props, context) => {
const tabsConfig = props.tabsArray.map((tab) => {
return {
id: tab.id,
message: context.localize(tab.label)
onClick: () => props.onTabClick(tab.id)
};
});
return <TabsMaybe tabs={tabConfig} />
};
<Localization />
exposes a localize(key, values)
function that is passed through ReactJS Context to all children in the render tree it wraps. It takes a messages
property that should be formatted like { 'mykey.path.to.Value': 'Value' }
or { myKey: { path: { to: { Value: 'Value' } } } }
.
The <Text />
component is just a wrapper intended to help you out when you don't need or want to wire your component up to contextTypes
and process things yourself. All it's really doing it helping you call localize(key, values)
. By default it returns a span with all the other props you pass this component. Because this renders a <span>
it's not always useful, for example when localizing <input placeholder='something' />
.
This connector behaves similarly to connect() in that it will take a context.localize()
function provided by <Localization/>
and then pass it as a prop to the component you're intending to use.
import { localizationConnector } from 'react-localize';
const MyComponent = props => {
const {label, localize} = this.props;
return <p>
<label>{label}</label>
<input placeholder={localize('foo')} />;
</p>
};
export default localizationConnector(MyComponent);
There's also an HOC wrapper to quickly provide childContextTypes for a given component. Let's redo the first example above using this pattern:
// app.js
import { LocalizationWrapper } from 'react-localize';
import MyApp from './app.js';
const localizationBundle = {
'app.button.Submit': 'Submit',
foo: {
bar: 'Hey %s, you must be %d old?'
}
};
export default LocalizationWrapper(MyApp, localizationBundle)
This is just a convenience HOC for declaring childContextTypes
for your app, the same way <Localization><MyApp /></Localization>
does.
If you pass <Localization xLocale={true} />
this short circuits context.localize()
calls to always return XXXXXX
. This can be useful for viewing your UI and identifying which parts of the application are not using localization.
Utilizing <Localization debug={true} />
expands the <Text />
helper to include an HTML attribute data-original-message
, which will be set to the message
prop given. This can be useful in areas like Chrome DevTools where you want to see what key an element is using to localize things without having to swap back to your code.
context.localize(key, values)
simply tries to look messageBundle[key]
up using lodash/get
. It then calls this.props.localize(message, key, values);
so that the string can be formatted, you can utilize the default formatter function we provide, or you can override this to suit your needs. If the key is not found on your bundle, by default you'll receive the key back.
The default localize()
format function behaves similar to printf
formatted strings. You can read more about how that works on util.format as well. Here's some quick examples:
util.format('Why hello, %s!', 'Foophen');
// 'Why hello, Foophen!'
util.format('There are %d things you have to do today', 5)
// There are 5 things you have to do today
React is in package.json's dev and peer dependencies because React is required for running the tests. You'll need to build before the tests will work as they're run against the built files. We're using Puny to test because tests for react-localize should be simple & fast.
npm run build
npm t
3.0.0, 3.0.0-beta 2017-04-26
peerDependencies
now includes prop-types
🎉.FAQs
A simple context wrapper and text localization component for localizing strings
We found that react-localize demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.