Security News
The Hidden Blast Radius of the Axios Compromise
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.
By Ahmad Nassri - Apr 01, 2026
New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
should-not-update
Advanced tools
ShouldNotUpdate
Simple component utilizing the shouldComponentUpdate lifecycle hook. Wrap it around child components that you don't want to rerender on property changes.
import ShouldNotUpdate from 'should-not-update'
const MyComponent = ({ someProp }) => (
<ShouldNotUpdate>
<InnerComponent someProp={someProp}>
This is not updating on property change
</InnerComponent>
</ShouldNotUpdate>
)
Rendered component
By default, ShouldNotUpdate will render as a div element, but that can be changed by setting the component prop, which accepts either a tag name string (such as 'div' or 'span')
<ShouldNotUpdate component="ul">
or a React component type (a class or a function), which should render their children to be useful.
const MyComponent = ({ children }) => (
<div>
{children}
</div>
)
<ShouldNotUpdate component={MyComponent}>
Exceptions to the rule
Sometimes you want child components to re-render under certain conditions. You can add these conditions by setting the exceptWhen prop.
const MyComponent = ({ someProp }) => (
<ShouldNotUpdate exceptWhen={someProp === 42}>
<InnerComponent someProp={someProp}>
This only updates on property change when someProp is 42
</InnerComponent>
</ShouldNotUpdate>
)
Other properties
All properties besides children, component and exceptWhen are directly passed to the rendered component.
const MyComponent = ({ someProp }) => (
<ShouldNotUpdate component="nav" role="navigation">
<InnerComponent someProp={someProp}>
This is not updating on property change
</InnerComponent>
</ShouldNotUpdate>
)
Use cases
Amongst others, one possible use case is not re-rendering static children of a react-motion spring animation on every animation frame.
import { Link } from 'react-router'
import { Motion, spring } from 'react-motion'
const OffCanvas = ({ isVisible }) => (
<Motion style={{ left: spring(isVisible ? 0 : -250) }}>
{style => <nav role="navigation" style={style}>
<ShouldNotUpdate component="ul">
<li><Link to="/">Home</Link></li>
</ShouldNotUpdate>
</nav>}
</Motion>
);
FAQs
Declarative shouldComponentUpdate wrapper
The npm package should-not-update receives a total of 16 weekly downloads. As such, should-not-update popularity was classified as not popular.
We found that should-not-update demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 15 Jan 2017
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Supply Chain Attack on Axios Pulls Malicious Dependency from npm
A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.
By Socket Research Team - Mar 31, 2026
Research
TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
Malicious versions of the Telnyx Python SDK on PyPI delivered credential-stealing malware via a multi-stage supply chain attack.
By Socket Research Team - Mar 27, 2026