Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
redux-rungen
Advanced tools
Generator middleware for Redux (Based on rungen)
I like redux-saga a lot, It's quite powerfull and if you already use it and feel quite happy about it, than just continue. This is just a pale copy of it :).
But if like me,
And in the same time you find the redux-saga
approach a little bit harder to reason about in comparison to thunks
, than I made this library for you (for me at first :P)
The principle here is simple. Instead of writing your action creators using thunks, you just replace them (one to one) by generators.
Example :
Take the following thunk action creator
function requestPost(id) {
return dispatch => {
dispatch({ type: 'post-fetch', payload: id })
fetch('/api/post/' + id)
.then(post => {
dispatch({ type: 'post-fetch-success', payload: post })
})
.catch(error => {
dispatch({ type: 'post-fetch-error', payload: error })
})
}
}
The equivalent using redux-rungen
is
import {put} from 'redux-rungen'
import {call} from 'rungen'
function* requestPost(id) {
yield put({ type: 'post-fetch', payload: id })
try {
const post = yield call(fetch, '/api/post/' + id)
yield put({ type: 'post-fetch-success', payload: post })
} catch (error) {
yield put({ type: 'post-fetch-error', payload: error })
}
}
fork
/join
effects.If you are not yet familiar with ES6 generators and runtimes like co or rungen, I understand.
So if you are not interested in the ease of testing and are happy with what you're doing
using thunks
, you certainly don't want to use rungen :)
FAQs
Write your redux action creators as generators
The npm package redux-rungen receives a total of 0 weekly downloads. As such, redux-rungen popularity was classified as not popular.
We found that redux-rungen demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.