
Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
redux-detector
Advanced tools
Redux Detector requires Redux 3.1.0 or later.
npm install --save redux-detector
This assumes that youβre using npm package manager with a module bundler like Webpack to consume ES6 or CommonJS modules.
To enable Redux Detector, use createDetectorEnhancer
:
import { createStore } from "redux";
import { createDetectorEnhancer } from "redux-detector";
import { rootReducer } from "./store/reducer/rootReducer";
import { rootDetector } from "./store/detector/rootDetector";
const store = createStore(rootReducer, createDetectorEnhancer(rootDetector));
Redux Detector enhancer allows you to detect state changes in the Redux.
The Detector
is a pure function which accepts previous and next state and returns something for given states transition.
type Detector<TState, TResult> = (
prevState: TState | undefined,
nextState: TState | undefined
) => TResult;
The Actions Detector
is a Detector
which returns action, list of actions or nothing.
Returned actions are automatically dispatched by the enhancer.
import { Detector } from "redux-detector";
import { Action } from "redux";
type ActionsDetector<TState, TAction extends Action> = Detector<
TState,
TAction | TAction[] | void
>;
Another type of the detector is the Condition Detector
which returns boolean values.
import { Detector } from "redux-detector";
type ConditionDetector<TState> = Detector<TState, boolean>;
These two types of detectors have different responsibility:
Condition Detectors
describes a condition that we want to detectActions Detectors
describes which action we want to dispatchThanks to its functional nature and purity, detectors are easy to test. They don't break Single Source of Truth principle as the input is only previous and next state.
Let's start simply - implement a condition detector that checks if number of login attempts exceeded 3.
export const exceededLoginAttemptsLimit = (prevState, nextState) =>
prevState.attempts <= 3 && nextState.attempts > 3;
We can make above example more generic - prevState.attempts <= 3
is the same as !(prevState.attempts > 3)
.
That means that we check if some condition is not truthy for the previous state but is truthy for the next state.
This kind of transition can be handled by the changedToTruthy
function.
import { changedToTruthy } from "redux-detector";
export const exceededLoginAttemptsLimit = changedToTruthy(
state => state.attempts > 3
);
Redux Detector library provides other useful functions to model condition detectors - please check the API documentation to learn more.
The next step is to use an action detector to dispatch an action when the limit became exceeded.
To do so, we will use composeIf
function.
import { composeIf, changedToTruthy } from "redux-detector";
import { blockUser } from "../action/userAction";
const blockUserDetector = composeIf(
changedToTruthy(state => state.attempts > 3),
() => blockUser()
);
The createDetectorEnhancer
function accepts only one detector, so we have to compose all
detectors to the one rootDetector
.
import { composeDetectors } from "redux-detector";
import { blockUserDetector } from "./userDetector";
// other detectors...
import { companyDetector } from "./companyDetector";
export const rootDetector = composeDetectors(
blockUserDetector,
companyDetector
);
And that's all - redux-detector
will dispatch blockUser()
when login attempts exceeded 3 π
For more detailed documentation, please check API reference.
Redux Detector provides replaceDetector
method on DetectableStore
interface (store created by Redux Detector). It's similar to
replaceReducer
- it changes detector and dispatches { type: '@@detector/INIT' }
.
If you are using TypeScript, typings are provided in the npm package. This library doesn't provide Flow typings.
MIT
FAQs
Redux enhancer for pure detection of state changes.
The npm package redux-detector receives a total of 936 weekly downloads. As such, redux-detector popularity was classified as not popular.
We found that redux-detector demonstrated a not healthy version release cadence and project activity because the last version was released a year ago.Β It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
Product
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
Security News
Research
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.