![Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack](https://cdn.sanity.io/images/cgdhsj6q/production/6af25114feaaac7179b18127c83327568ff592d1-1024x1024.webp?w=800&fit=max&auto=format)
Security News
Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
stimulus
Advanced tools
Readme
Stimulus is a front-end framework with structured conventions for handling events and tracking the lifecycle of DOM elements. Sprinkle your HTML with magic controller, target, and action attributes:
<div data-controller="hello">
<input data-target="hello.name" type="text">
<button data-action="click->hello#greet">Greet</button>
</div>
Then write a compatible controller. Stimulus brings it to life automatically:
// hello_controller.js
import { Controller } from "stimulus"
export default class extends Controller {
greet() {
console.log(`Hello, ${this.name}!`)
}
get name() {
return this.inputElement.value
}
get inputElement() {
return this.targets.find("name")
}
}
Unlike other frameworks, Stimulus is render-agnostic—it works regardless of how or when you change the DOM. Stimulus continuously watches the page, kicking in as soon as magic attributes appear or disappear. That makes it a great fit for static sites, server-rendered applications, and Turbolinks-style SPAs.
You can write your first controller in five minutes by following along in The Stimulus Handbook.
Stimulus integrates with the webpack asset packager to automatically load controller files from a folder in your app.
You can use Stimulus with other asset packaging systems, too. And if you prefer no build step at all, just drop a <script>
tag on the page and get right down to business.
See the Installation Guide for detailed instructions.
Stimulus is MIT-licensed open source software from Basecamp, the creators of Ruby on Rails.
Have a question about Stimulus? Find a bug? Think the documentation could use some improvement? Head over to our issue tracker and we'll do our best to help. We love pull requests, too!
We expect all Stimulus contributors to abide by the terms of our Code of Conduct.
© 2018 Basecamp, LLC.
FAQs
Stimulus JavaScript framework
The npm package stimulus receives a total of 102,179 weekly downloads. As such, stimulus popularity was classified as popular.
We found that stimulus demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
Security News
OpenSSF is warning open source maintainers to stay vigilant against reputation farming on GitHub, where users artificially inflate their status by manipulating interactions on closed issues and PRs.
Security News
A JavaScript library maintainer is under fire after merging a controversial PR to support legacy versions of Node.js.