Security News
New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
squint-cljs
Advanced tools
Squint is an experimental ClojureScript syntax to JavaScript compiler.
Squint is not intended as a replacement for ClojureScript but as a tool to target JS for anything you would not use ClojureScript for, for whatever reason: performance, bundle size, ease of interop, etc.
:warning: This project should be considered experimental and may still undergo breaking changes. It's fine to use it for non-critical projects but don't use it in production yet.
Although it's early days, you're welcome to try out squint
and submit issues.
$ mkdir squint-test && cd squint-test
$ npm init -y
$ npm install squint-cljs@latest
Create a .cljs
file, e.g. example.cljs
:
(ns example
(:require ["fs" :as fs]
["url" :refer [fileURLToPath]]))
(println (fs/existsSync (fileURLToPath js/import.meta.url)))
(defn foo [{:keys [a b c]}]
(+ a b c))
(println (foo {:a 1 :b 2 :c 3}))
Then compile and run (run
does both):
$ npx squint run example.cljs
true
6
Run npx squint --help
to see all command line options.
Squint lets you write CLJS syntax but emits small JS output, while still having parts of the CLJS standard library available (ported to mutable data structures, so with caveats). This may work especially well for projects e.g. that you'd like to deploy on CloudFlare workers, node scripts, Github actions, etc. that need the extra performance, startup time and/or small bundle size.
(slides)
"squint-cljs/core.js"
module has similar JS equivalents(def x (js/await y))
. Async functions must be marked
with ^:async
: (defn ^:async foo [])
.assoc!
, dissoc!
, conj!
, etc. perform in place mutation on objectsassoc
, dissoc
, conj
, etc. return a new shallow copy of objectsprintln
is a synonym for console.log
pr-str
and prn
coerce values to a string using JSON.stringify
If you are looking for ClojureScrip semantics, take a look at cherry.
Squint does not implement Clojure seqs. Instead it uses the JavaScript iteration protocols to work with collections. What this means in practice is the following:
seq
takes a collection and returns an Iterable of that collection, or nil if it's emptyiterable
takes a collection and returns an Iterable of that collection, even if it's emptyseqable?
can be used to check if you can call either oneMost collections are iterable already, so seq
and iterable
will simply
return them; an exception are objects created via {:a 1}
, where seq
and
iterable
will return the result of Object.entries
.
first
, rest
, map
, reduce
et al. call iterable
on the collection before
processing, and functions that typically return seqs instead return an array of
the results.
With respect to memory usage:
(js/global.gc)
(println (js/process.memoryUsage))
(defn doit []
(let [x [(-> (new Array 10000000)
(.fill 0)) :foo :bar]
;; Big array `x` is still being held on to by `y`:
y (rest x)]
(println (js/process.memoryUsage))
(vec y)))
(println (doit))
(js/global.gc)
;; Note that big array is garbage collected now:
(println (js/process.memoryUsage))
Run the above program with node --expose-gc ./node_cli mem.cljs
You can produce JSX syntax using the #jsx
tag:
#jsx [:div "Hello"]
produces:
<div>Hello</div>
and outputs the .jsx
extension automatically.
You can use Clojure expressions within #jsx
expressions:
(let [x 1] #jsx [:div (inc x)])
Note that when using a Clojure expression, you escape the JSX context so when you need to return more JSX, use the #jsx
once again:
(let [x 1]
#jsx [:div
(if (odd? x)
#jsx [:span "Odd"]
#jsx [:span "Even"])])
To pass props, you can use :&
:
(let [props {:a 1}]
#jsx [App {:& props}])
See an example of an application using JSX here (source).
squint supports async/await
:
(defn ^:async foo [] (js/Promise.resolve 10))
(def x (js/await (foo)))
(println x) ;;=> 10
Squint is licensed under the EPL. See epl-v10.html in the root directory for more information.
FAQs
Unknown package
The npm package squint-cljs receives a total of 221 weekly downloads. As such, squint-cljs popularity was classified as not popular.
We found that squint-cljs demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.