Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
redux-deep-persist
Advanced tools
Allows to easily create a deep configuration of a whitelist or blacklist for the redux-persist module.
Redux Deep Perist contains transforms and state reconciler for Redux Persist giving you a possibility to define a nested configuration for your redux-persist.
If your redux state is deeply nested you don't have to create multiple, nested persist configs. You can easily create a whitelist or a blacklist for fields at any level of your state, using simple dot notation ['someProp.secondLevel.thirdLevel.anotherLevel']
Redux documentation recommends to keep the state as flat as possible, but it is not always possible. Redux Deep Persist may be very helpful in a situation when deep nesting is hard to avoid.
npm install redux-deep-persist
Configuration is similar to the Redux Persist, the only difference is you don't have to define nested persist configs. You can use getPersistConfig which will return the correct configuration you need.
It doesn't matter how deep you want to persist your state.
{
property1: {
a1: {
b1: {
c1: 'some value'
}
},
a2: {
b2: {
c2: 'some value',
d2: 'some value'
}
}
},
property2: {
a1: {
b1: {
c1: {
d1: 'some value'
}
}
}
a2: 'some value'
},
}
import { getPersistConfig } from 'redux-deep-persist';
const config = getPersistConfig({
key: 'root',
storage: LocalStorage, // whatever storage you use
whitelist: [
'property1.a1.b1',
'property1.a2.b2.c2',
'property2.a2',
],
rootReducer, // your root reducer must be also passed here
... // any other props from original redux-persist config omitting the state reconciler
})
Whitelist configuration property contains paths that define pieces of your state to be kept in your storage.
{
...
whitelist: ['a.b.4.c.8.5'] // the numbers represent indexes of arrays
}
The package has config validators and if your config is wrong you may see the following errors:
"You should not define a whitelist and blacklist in parallel."
"Duplicates of paths found in your whitelist/blacklist."
["property1", "property2.a2", "property1"]
."Subsets of some parent keys found in your whitelist/blacklist. You must decide if you want to persist an entire path or its specific subset."
["property1", "property1.a1"]
I want to thank Andrzej Wilde and David de Rosier for all their support and accurate reviews.
FAQs
Allows to easily create a deep configuration of a whitelist or blacklist for the redux-persist module.
We found that redux-deep-persist demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.