Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
ThemeProvider
allows you to pass, update, merge and augment theme
through context down react tree.withTheme
allows you to receive theme and its updates in your components as a theme
prop.createTheming
allows you to integrate theming
into your CSSinJS library with custom channel
(if you need custom one).See Motivation for details.
npm install --save theming
# or
yarn add theming
In your components
Note: this component i will use later to show what theme you will get
import React from 'react';
import { withTheme } from 'theming';
const DemoBox = props => {
console.log(props.theme);
return (<div />);
}
export default withTheme(DemoBox);
In your app
import React from 'react';
import { ThemeProvider } from 'theming';
import DemoBox from './components/DemoBox'
const theme = {
color: 'black',
background: 'white',
};
const App = () => (
<ThemeProvider theme={theme}>
<DemoBox /> {/* { color: 'black', background: 'white' } */}
</ThemeProvider>
)
export default App;
Be our guest, play with theming
in codesandbox:
https://codesandbox.io/s/jvwzkkxrp5
These components are enabling seamless theming for your react applications. And as far as you dont want to pass theme object to each and every component. Thats why you want to use context. But as far context feature is experimental API and it is likely to break in future releases of React you don't want to use it directly. Here theming
comes to play.
If you insist on using context despite these warnings, try to isolate your use of context to a small area and avoid using the context API directly when possible so that it's easier to upgrade when the API changes.
If you insist on using context despite these warnings, try to isolate your use of context to a small area and avoid using the context API directly when possible so that it's easier to upgrade when the API changes.
— Context, React documentation
Regarding isolation your use of context to a small area and small areas_ in particular our very own react prophet Dan Abramov have a thing to say:
Should I use React unstable “context” feature?
— Dan Abramov @dan_abramov on Twitter
So you are fine to use context for theming. theming
package provides everything you need to do that:
ThemeProvider
allows you to pass and update theme
through context down react tree.withTheme
allows you to receive theme and its updates in your components as a theme
prop.createTheming
allows you to integrate theming
into your CSSinJS library with a custom context
(if you need custom one).React High-Order component, which passes theme object down the react tree by context.
import { ThemeProvider } from 'theming';
const theme = { /*…*/ };
<ThemeProvider theme={theme}>
<App />
</ThemeProvider>
Required
Type: Object
, Function
If its Object
and its root ThemeProvider
then its intact and being passed down the react tree.
const theme = { themed: true };
<ThemeProvider theme={theme}>
<DemoBox /> {/* { themed: true } */}
</ThemeProvider>
If its Object
and its nested ThemeProvider
then its being merged with theme from parent ThemeProvider
and passed down to the react tree.
const theme = { themed: true };
const patch = { merged: true };
<ThemeProvider theme={theme}>
<ThemeProvider theme={patch}>
<DemoBox /> {/* { themed: true, merged: true } */}
</ThemeProvider>
</ThemeProvider>
If its Function
and its nested ThemeProvider
then its being applied to the theme from parent ThemeProvider
. if result is an Object
it will be passed down to the react tree, throws otherwise.
const theme = { themed: true };
const augment = outerTheme =>
Object.assign({}, outerTheme, { augmented: true });
<ThemeProvider theme={theme}>
<ThemeProvider theme={augment}>
<DemoBox /> {/* { themed: true, augmented: true } */}
</ThemeProvider>
</ThemeProvider>
Required
Type: PropTypes.element
React High-Order component, which maps context to theme prop.
Required
Type: PropTypes.element
You need to have ThemeProvider
with a theme somewhere upper the react tree, after that wrap your component in withTheme
and your component will get theme as a prop. withTheme
will handle initial theme object as well as theme updates.
PS. It doesnt break if you have PureComponent
somewhere in between your ThemeProvider and withTheme (i have tests for that).
Usage with Component:
import React from 'react';
import { withTheme } from 'theming';
const DemoBox = props => {
console.log(props.theme);
return (<div />);
}
export default withTheme(DemoBox);
In the app:
import React from 'react';
import { ThemeProvider } from 'theming';
import DemoBox from './components/DemoBox'
const theme = {
color: 'black',
background: 'white',
};
const App = () => (
<ThemeProvider theme={theme}>
<DemoBox /> {/* { color: 'black', background: 'white' } */}
</ThemeProvider>
)
export default App;
Function to create ThemeProvider
and withTheme
with custom context.
The context you pass in will be used.
Type: Object
Result: Object { withTheme, ThemeProvider }
withTheme
and ThemeProvider
will use the context passed to createTheming
.
import { createTheming } from 'theming';
import createReactContext from 'create-react-context';
const context = createReactContext({});
const theming = createTheming(context);
const { withTheme, ThemeProvider } = theming;
export default {
withTheme,
ThemeProvider,
};
We export the default ThemeContext so you can use it with the new static contextType
with classes or even the new React Hooks API.
This is the context which also the exported withTheme
and ThemeProvider
use.
import { ThemeContext } from 'theming';
MIT © Vladimir Starkov
FAQs
Unified CSSinJS theming solution for React
We found that theming demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.