Security News
Supply Chain Attack Detected in Solana's web3.js Library
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
ThinkJS - Use full ES6/7 features to develop web applications, Support TypeScript
As a Node.js MVC framework, ThinkJS 2.0 has completely been rewritten with brand-new ECMAScript 2015/2016 features. By using ES2016's async/await
or ES2015's Generator Function
features, ThinkJS 2.0 could thoroughly solve the asynchronous nesting problem within Node.js. Also, ThinkJS 2.0 has designed by absorbing the concepts and ideas of many frameworks around the world, so developing Node.js projects with ThinkJS would be more simple and efficient than ever.
It's a trend that using ES2015/2016 features to develop projects thanks to the high development efficiency. The new version of Node.js has improved to support many ES2015/2016 features, though some features have not been supported until now, and for those features we can use Babel to compile the code.
//user controller, home/controller/user.js
export default class extends think.controller.base {
//login action
async loginAction(self){
//if it's GET method,display the login page
if(this.isGet()){
return this.display();
}
//here, we can use POST retrieve all data, and the data have been validated in the logic
let data = this.post();
let md5 = think.md5('think_' + data.pwd);
//user name and encrypted password are used to match the recod in the database
let result = await this.model('user').where({name: data.name, pwd: md5}).find();
//if nothing matched, mean user name or password is/or all are incorrect
if(think.isEmpty(result)){
return this.fail('login fail');
}
//obtain the user infomation, and write to the seesion
await this.session('userInfo', result);
return this.success();
}
}
With the help of Babel compiling, we can use the ES2015/2016 features boldly, and then the code can run in the Node.js 0.12.0+ environment stably.
npm install -g thinkjs
thinkjs new demo --es
npm install
npm start
You will see some messages on console like :
[2016-01-12 15:09:51] [THINK] Server running at http://127.0.0.1:8360/
[2016-01-12 15:09:51] [THINK] ThinkJS Version: 2.1.0
[2016-01-12 15:09:51] [THINK] Cluster Status: closed
[2016-01-12 15:09:51] [THINK] WebSocket Status: closed
[2016-01-12 15:09:51] [THINK] File Auto Compile: true
[2016-01-12 15:09:51] [THINK] File Auto Reload: true
[2016-01-12 15:09:51] [THINK] App Enviroment: development
Evaluate whether a good framework, on the one hand to see the support of the function, it also depends on the performance. Although ThinkJS more suits for large projects, functions and complexity far exceeds Express and Koa, but the performance is not much less than the Express and Koa.
tips
: The above data using distributed stress testing system to test.
All we can see is that there has just little distance in ThinkJS and Express, Koa. ThinkJS and Sails.js both suits large projects, but ThinkJS has higher performance than Sails.js.
You can go https://github.com/thinkjs-team/thinkjs-performance-test to clone all testing code and run in local. If you use ab
testing tool, you shoud know it is instability on Mac.
FAQs
ThinkJS - Use full ES6+ features to develop web applications
The npm package thinkjs receives a total of 575 weekly downloads. As such, thinkjs popularity was classified as not popular.
We found that thinkjs demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.