Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
react-redux
Advanced tools
The react-redux package is the official React bindings for Redux. It allows React components to read data from a Redux store, and dispatch actions to the store to update data.
Provider Component
The Provider component makes the Redux store available to any nested components that need to access the Redux store.
{"import { Provider } from 'react-redux';
import { createStore } from 'redux';
import rootReducer from './reducers';
import App from './App';
const store = createStore(rootReducer);
const rootElement = document.getElementById('root');
ReactDOM.render(
<Provider store={store}>
<App />
</Provider>,
rootElement
);"}
connect Function
The connect function connects a React component to the Redux store. It can map state and dispatch to the props of the component.
{"import { connect } from 'react-redux';
import { increment, decrement } from './actionCreators';
function Counter({ count, increment, decrement }) {
return (
<div>
<button onClick={decrement}>-</button>
<span>{count}</span>
<button onClick={increment}>+</button>
</div>
);
}
const mapStateToProps = state => ({
count: state.count
});
const mapDispatchToProps = {
increment,
decrement
};
export default connect(mapStateToProps, mapDispatchToProps)(Counter);"}
useSelector Hook
The useSelector hook allows you to extract data from the Redux store state, using a selector function.
{"import { useSelector } from 'react-redux';
function MyComponent() {
const data = useSelector(state => state.data);
return <div>{data}</div>;
}"}
useDispatch Hook
The useDispatch hook returns a reference to the dispatch function from the Redux store. You can use it to dispatch actions.
{"import { useDispatch } from 'react-redux';
import { myAction } from './actionCreators';
function MyComponent() {
const dispatch = useDispatch();
return (
<button onClick={() => dispatch(myAction())}>Dispatch Action</button>
);
}"}
MobX-react is a package that provides React bindings for MobX. MobX is a state management library that uses observables to reactively update the UI when state changes. It is conceptually different from Redux and does not use a single store or reducers, but it provides a similar capability to reactively manage state in a React application.
Zustand is a small, fast, and scalable bearbones state-management solution using simplified flux principles. It is not tied to React and does not use reducers; instead, it works with a mutable state and provides a simple and intuitive API. It's more straightforward than Redux and can be an alternative for smaller applications or for developers who prefer a less boilerplate code approach.
Recoil is a state management library for React developed by Facebook. It provides several capabilities similar to Redux, such as shared state between components, but it uses a different approach based on atoms (units of state) and selectors (pure functions to derive state). Recoil works with React's concurrent mode out of the box and is meant to be more efficient and easier to use with React's functional components.
Context-state is a library that leverages the React Context API to manage state. It is a simpler alternative to Redux that might be suitable for applications with a less complex state management requirement. It does not have middleware or the same level of devtools support as Redux, but it can be a lightweight solution for simpler use cases.
Official React bindings for Redux.
Performant and flexible.
The recommended way to start new apps with React Redux is by using the official Redux+JS template for Create React App, which takes advantage of Redux Toolkit.
npx create-react-app my-app --template redux
React Redux 7.1 requires React 16.8.3 or later.
To use React Redux with your React app, install it as a dependency:
# If you use npm:
npm install react-redux
# Or if you use Yarn:
yarn add react-redux
You'll also need to install Redux and set up a Redux store in your app.
This assumes that you’re using npm package manager with a module bundler like Webpack or Browserify to consume CommonJS modules.
If you don’t yet use npm or a modern module bundler, and would rather prefer a single-file UMD build that makes ReactRedux
available as a global object, you can grab a pre-built version from cdnjs. We don’t recommend this approach for any serious application, as most of the libraries complementary to Redux are only available on npm.
As of React Native 0.18, React Redux 5.x should work with React Native. If you have any issues with React Redux 5.x on React Native, run npm ls react
and make sure you don’t have a duplicate React installation in your node_modules
. We recommend that you use npm@3.x
which is better at avoiding these kinds of issues.
The React Redux docs are now published at https://react-redux.js.org .
We're currently expanding and rewriting our docs content - check back soon for more updates!
We do a deep dive on how React Redux works in this readthesource episode.
Also, the post The History and Implementation of React-Redux explains what it does, how it works, and how the API and implementation have evolved over time.
Enjoy!
FAQs
Official React bindings for Redux
The npm package react-redux receives a total of 6,542,528 weekly downloads. As such, react-redux popularity was classified as popular.
We found that react-redux demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.