Type safe state management inspired by Vuex

Overview

Sinai

npm version Build Status sinai Dev Token

Type safe state management inspired by Vuex.

This library includes many type level hacks. Use at your own risk and do not use if you are unsure about the mechanism under the hood.

If you search a production ready state management solution, take a look vuex-smart-module

Requirements

  • Vue >= 2.5
  • TypeScript >= 2.8

Examples

import { store as createStore, module, Getters, Mutations, Actions } from 'sinai'

// Declare the module state and its initial value
class CounterState {
  count = 0
}

// Declare getters
class CounterGetters extends Getters<CounterState>() {
  get half () {
    return this.state.count / 2
  }
}

// Declare mutations
class CounterMutations extends Mutations<CounterState>() {
  inc () {
    this.state.count += 1
  }

  dec () {
    this.state.count -= 1
  }
}

// Declare actions
class CounterActions extends Actions<CounterState, CounterGetters, CounterMutations>() {
  asyncInc (ms: number) {
    console.log('count: ' + this.state.count)
    console.log('half: ' + this.getters.half)

    return new Promise(resolve => {
      setTimeout(() => {
        this.mutations.inc()
        resolve()
      }, ms)
    })
  }
}

// Create module by composing state/getters/mutations/actions
const counter = module({
  state: CounterState,
  getters: CounterGetters,
  mutations: CounterMutations,
  actions: CounterActions
})

// Create root module
const root = module().child('counter', counter)

// Create store
const store = createStore(root, {
  strict: process.env.NODE_ENV !== 'production'
})

// These will be all type checked
console.log(store.state.counter.count)
console.log(store.getters.counter.half)
store.actions.counter.asyncInc(1000)
store.mutations.counter.inc()

For other examples, see tests.

License

MIT

Comments
  • Cross module dependencies

    Cross module dependencies

    Hello there!

    I've recently started using your library since I really love the type safety it brings. However I've hit a major roadblock. I have two modules (user session & current document="adventure" being edited) which some other modules depend on.

    However, I cannot simply import my store in these modules without triggering a TypeScript compiler error due to it being a cyclic dependency: 'store' implicitly has type 'any' because it does not have a type annotation and is referenced directly or indirectly in its own initializer.ts(7022)

    index.ts: image [...snip...] image

    Room.ts: [...snip...] image [...snip...]

    If I remove the store import in the first line of the Room.ts screenshot everything compiles just fine.

    I've tried some hacks such as accessing the private member store of the __proxy__ variable, but it always leads to the same error.

    How would one introduce depenencies on other moduels with this library?

    Thanks for your time!

    opened by SachsKaylee 5
  • To use this.$store in Vue Component

    To use this.$store in Vue Component

    Set up as below code

    import * as Sinai from 'sinai'
    import aside from './aside'
    import Vue from 'vue'
    
    Vue.use(Sinai)
    
    const root = Sinai.module().child('aside', aside())
    
    export const store =  Sinai.store(root, {
      strict: process.env.DEV,
    })
    
    
    class Fake {
      get store() {
        return store
      }
    }
    
    declare module 'vue/types/vue' {
      interface Vue {
        $store: typeof Fake.prototype.store
      }
    }
    
    export default () => (store)
    

    Now you can use this.$store like below

      import {Component, Vue} from 'vue-property-decorator'
      import store from 'src/store'
    
      @Component
      export default class IndexPage extends Vue {
    
        meta: {
    
        }
    
        mounted() {
          console.log(store().state.aside.version)
        }
      }
    

    image

    opened by bichikim 3
  • Mutations of parent classes not recognized in DevTools

    Mutations of parent classes not recognized in DevTools

    Mutations are not recognized in the dev tools if the mutation method is located in a parent class and called on a sub class.

    This is my current implementation:

    abstract class AbstractMutations extends Mutations {
      myMutation() { ... }
    }
    

    And this is the mutations class that the mutation gets called on:

    class ConcreteMutations extends AbstractMutations { }
    

    The app is working as expected, it's just not debuggable like that.

    opened by econic 3
  • No store type when using module().child(...)  as per README

    No store type when using module().child(...) as per README

    Hi,

    When I try to reproduce the code on the README, I get Property 'counter' does not exist on type '{}' error when doing store.state.counter.count

    The store declaration is

    // Create root module
    const root = module().child('counter', counter)
    
    // Create store
    const rootStore = store(root, {
      strict: process.env.NODE_ENV !== 'production'
    })
    

    But if I pass the counter module instead, it works as expected when doing store.state.count :

    // Create store
    const rootStore = store(counter, { // <--
      strict: process.env.NODE_ENV !== 'production'
    })
    

    and I couldn't figure out how to make "module()" work. Is there something I'm missing? What I want is to partition my store in several modules.

    opened by fnzr 2
  • typing conlfict: store VueStore

    typing conlfict: store VueStore

    I get the following error:

    Subsequent variable declarations must have the same type. Variable 'store' must be of type 'VueStore<any, any, any, any> | undefined', but here has type 'Store | undefined'.

    It seems that the sinai VueStore Interface is conflicting with the vue Store interface

    I am using nuxtjs. This might play a role.

    opened by christophmayrhofer 2
  • chore(deps-dev): bump @types/node from 13.13.0 to 16.4.1

    chore(deps-dev): bump @types/node from 13.13.0 to 16.4.1

    Bumps @types/node from 13.13.0 to 16.4.1.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot will not automatically merge this PR because it includes an out-of-range update to a development dependency.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies 
    opened by dependabot-preview[bot] 1
  • chore(deps-dev): bump @types/node from 13.13.0 to 16.3.3

    chore(deps-dev): bump @types/node from 13.13.0 to 16.3.3

    Bumps @types/node from 13.13.0 to 16.3.3.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot will not automatically merge this PR because it includes an out-of-range update to a development dependency.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies 
    opened by dependabot-preview[bot] 1
  • chore(deps-dev): bump vue-loader from 15.9.1 to 16.3.1

    chore(deps-dev): bump vue-loader from 15.9.1 to 16.3.1

    Bumps vue-loader from 15.9.1 to 16.3.1.

    Release notes

    Sourced from vue-loader's releases.

    v16.3.0

    Features

    • pass on compilerOptions and refSugar when using <script setup> (7137294)

    v16.2.0

    Features

    • enable :slotted usage detection (66a3759)

    v16.1.2

    Note: vue-loader v16 is for Vue 3 only.

    Bug Fixes

    • resourceQuery could be undefined in webpack 5 (6a1ee76), closes #1771

    v16.1.1

    v16.1.0

    New Features

    • feat: allow manually specifying whether server-rendering is targeted (9bbb82b)

    v16.0.0

    New Features

    • feat: support for experimental sfc features
      • new <script setup> vuejs/rfcs#227
      • new <style> variable injection vuejs/rfcs#231 Requires a version of @vue/compiler-sfc that supports the above features.

    Bug Fixes

    • fix: update hmr api usage (f9dd610)
    • fixed thread-loader compatibility for <script setup> support

    v16.0.0-rc.2

    Bug Fixes

    • fix: disable esModuleInterop & allowSyntheticDefaultImports and regenerate the type definitions (c76f5e5)

    Known Issues

    • SSR usage needs more thorough testing.
    • vue-style-loader hasn't been not updated for Vue 3 yet. Please use mini-css-extract-plugin for CSS extraction.
    • No shadowMode support.
    • <script setup> support is experimental. It does not work well with thread-loader. In Vue CLI, you need to set parallel: false for this feature to work correctly. Also, please follow vuejs/rfcs#227, vuejs/rfcs#228 for more possible script setup sugars in the future.

    ... (truncated)

    Changelog

    Sourced from vue-loader's changelog.

    15.9.7 (2021-05-11)

    Bug Fixes

    • [plugin] Use compiler.webpack when possible (#1822) (f7ee30b), closes #1781
    • check for compiler.webpack existence (2472b2f)

    15.9.6 (2020-12-17)

    Bug Fixes

    • resourceQuery could be undefined in webpack 5 (a2b89d3), closes #1771

    15.9.5 (2020-11-02)

    Bug Fixes

    • add rule plugins to keep up with webpack 5 new features (7ca8e2c)
    • ensure new webpack5 generator property in rules passes ruleset checks (#1753) (f79bb08), closes #1729

    15.9.4 (2020-10-27)

    Bug Fixes

    • fix id differences between different operating systems (#1706) (afe8a0d)
    • fix mini-css-extract-plugin missing default export error (#1748) (429a284)

    15.9.3 (2020-06-23)

    Bug Fixes

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot will not automatically merge this PR because it includes an out-of-range update to a development dependency.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies 
    opened by dependabot-preview[bot] 1
  • chore(deps-dev): bump @types/node from 13.13.0 to 16.3.0

    chore(deps-dev): bump @types/node from 13.13.0 to 16.3.0

    Bumps @types/node from 13.13.0 to 16.3.0.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot will not automatically merge this PR because it includes an out-of-range update to a development dependency.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies 
    opened by dependabot-preview[bot] 1
  • chore(deps-dev): bump vue-loader from 15.9.1 to 16.3.0

    chore(deps-dev): bump vue-loader from 15.9.1 to 16.3.0

    Bumps vue-loader from 15.9.1 to 16.3.0.

    Release notes

    Sourced from vue-loader's releases.

    v16.1.2

    Note: vue-loader v16 is for Vue 3 only.

    Bug Fixes

    • resourceQuery could be undefined in webpack 5 (6a1ee76), closes #1771

    v16.1.1

    v16.1.0

    New Features

    • feat: allow manually specifying whether server-rendering is targeted (9bbb82b)

    v16.0.0

    New Features

    • feat: support for experimental sfc features
      • new <script setup> vuejs/rfcs#227
      • new <style> variable injection vuejs/rfcs#231 Requires a version of @vue/compiler-sfc that supports the above features.

    Bug Fixes

    • fix: update hmr api usage (f9dd610)
    • fixed thread-loader compatibility for <script setup> support

    v16.0.0-rc.2

    Bug Fixes

    • fix: disable esModuleInterop & allowSyntheticDefaultImports and regenerate the type definitions (c76f5e5)

    Known Issues

    • SSR usage needs more thorough testing.
    • vue-style-loader hasn't been not updated for Vue 3 yet. Please use mini-css-extract-plugin for CSS extraction.
    • No shadowMode support.
    • <script setup> support is experimental. It does not work well with thread-loader. In Vue CLI, you need to set parallel: false for this feature to work correctly. Also, please follow vuejs/rfcs#227, vuejs/rfcs#228 for more possible script setup sugars in the future.

    v16.0.0-rc.1

    Bug Fixes

    • fix: add back webpack 5 generator support (3db9ab8)

    v16.0.0-rc.0

    Bug Fixes

    • fix: should apply cloned rules to custom blocks too (b2d7ffb)
    • fix: should check for type query for render function imports (41af4b6)

    ... (truncated)

    Changelog

    Sourced from vue-loader's changelog.

    15.9.7 (2021-05-11)

    Bug Fixes

    • [plugin] Use compiler.webpack when possible (#1822) (f7ee30b), closes #1781
    • check for compiler.webpack existence (2472b2f)

    15.9.6 (2020-12-17)

    Bug Fixes

    • resourceQuery could be undefined in webpack 5 (a2b89d3), closes #1771

    15.9.5 (2020-11-02)

    Bug Fixes

    • add rule plugins to keep up with webpack 5 new features (7ca8e2c)
    • ensure new webpack5 generator property in rules passes ruleset checks (#1753) (f79bb08), closes #1729

    15.9.4 (2020-10-27)

    Bug Fixes

    • fix id differences between different operating systems (#1706) (afe8a0d)
    • fix mini-css-extract-plugin missing default export error (#1748) (429a284)

    15.9.3 (2020-06-23)

    Bug Fixes

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot will not automatically merge this PR because it includes an out-of-range update to a development dependency.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies 
    opened by dependabot-preview[bot] 1
  • chore(deps-dev): bump @types/node from 13.13.0 to 15.14.0

    chore(deps-dev): bump @types/node from 13.13.0 to 15.14.0

    Bumps @types/node from 13.13.0 to 15.14.0.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot will not automatically merge this PR because it includes an out-of-range update to a development dependency.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies 
    opened by dependabot-preview[bot] 1
  • chore(deps): [security] bump tar from 4.4.8 to 4.4.15

    chore(deps): [security] bump tar from 4.4.8 to 4.4.15

    Bumps tar from 4.4.8 to 4.4.15. This update includes security fixes.

    Vulnerabilities fixed

    Sourced from The GitHub Security Advisory Database.

    Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization

    Impact

    Arbitrary File Creation, Arbitrary File Overwrite, Arbitrary Code Execution

    node-tar aims to prevent extraction of absolute file paths by turning absolute paths into relative paths when the preservePaths flag is not set to true. This is achieved by stripping the absolute path root from any absolute file paths contained in a tar file. For example /home/user/.bashrc would turn into home/user/.bashrc.

    This logic was insufficient when file paths contained repeated path roots such as ////home/user/.bashrc. node-tar would only strip a single path root from such paths. When given an absolute file path with repeating path roots, the resulting path (e.g. ///home/user/.bashrc) would still resolve to an absolute path, thus allowing arbitrary file creation and overwrite.

    Patches

    3.2.2 || 4.4.14 || 5.0.6 || 6.1.1

    NOTE: an adjacent issue CVE-2021-32803 affects this release level. Please ensure you update to the latest patch levels that address CVE-2021-32803 as well if this adjacent issue affects your node-tar use case.

    Workarounds

    Users may work around this vulnerability without upgrading by creating a custom onentry method which sanitizes the entry.path or a filter method which removes entries with absolute paths.

    const path = require('path')
    </tr></table> 
    

    ... (truncated)

    Affected versions: >= 4.0.0 < 4.4.14

    Sourced from The GitHub Security Advisory Database.

    Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning

    Impact

    Arbitrary File Creation, Arbitrary File Overwrite, Arbitrary Code Execution

    node-tar aims to guarantee that any file whose location would be modified by a symbolic link is not extracted. This is, in part, achieved by ensuring that extracted directories are not symlinks. Additionally, in order to prevent unnecessary stat calls to determine whether a given path is a directory, paths are cached when directories are created.

    This logic was insufficient when extracting tar files that contained both a directory and a symlink with the same name as the directory. This order of operations resulted in the directory being created and added to the node-tar directory cache. When a directory is present in the directory cache, subsequent calls to mkdir for that directory are skipped. However, this is also where node-tar checks for symlinks occur.

    By first creating a directory, and then replacing that directory with a symlink, it was thus possible to bypass node-tar symlink checks on directories, essentially allowing an untrusted tar file to symlink into an arbitrary location and subsequently extracting arbitrary files into that location, thus allowing arbitrary file creation and overwrite.

    This issue was addressed in releases 3.2.3, 4.4.15, 5.0.7 and 6.1.2.

    Patches

    3.2.3 || 4.4.15 || 5.0.7 || 6.1.2

    Workarounds

    Users may work around this vulnerability without upgrading by creating a custom filter method which prevents the extraction of symbolic links.

    ... (truncated)

    Affected versions: >= 4.0.0 < 4.4.15

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    If all status checks pass Dependabot will automatically merge this pull request.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies security 
    opened by dependabot-preview[bot] 0
  • chore(deps-dev): bump @types/node from 13.13.0 to 16.4.8

    chore(deps-dev): bump @types/node from 13.13.0 to 16.4.8

    Bumps @types/node from 13.13.0 to 16.4.8.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot will not automatically merge this PR because it includes an out-of-range update to a development dependency.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies 
    opened by dependabot-preview[bot] 0
  • chore(deps-dev): bump vue-loader from 15.9.1 to 16.4.0

    chore(deps-dev): bump vue-loader from 15.9.1 to 16.4.0

    Bumps vue-loader from 15.9.1 to 16.4.0.

    Release notes

    Sourced from vue-loader's releases.

    v16.3.3

    Bug Fixes

    • mark @​vue/compiler-sfc as an optional peer dependency (089473a)

    v16.3.2

    Bug Fixes

    • add undeclared peer dependency webpack and @vue/compiler-sfc (#1853) (330d672)

    v16.3.1

    Bug Fixes

    v16.3.0

    Features

    • pass on compilerOptions and refSugar when using <script setup> (7137294)

    v16.2.0

    Features

    • enable :slotted usage detection (66a3759)

    v16.1.2

    Note: vue-loader v16 is for Vue 3 only.

    Bug Fixes

    • resourceQuery could be undefined in webpack 5 (6a1ee76), closes #1771

    v16.1.1

    v16.1.0

    New Features

    • feat: allow manually specifying whether server-rendering is targeted (9bbb82b)

    v16.0.0

    New Features

    • feat: support for experimental sfc features
      • new <script setup> vuejs/rfcs#227
      • new <style> variable injection vuejs/rfcs#231 Requires a version of @vue/compiler-sfc that supports the above features.

    Bug Fixes

    ... (truncated)

    Changelog

    Sourced from vue-loader's changelog.

    15.9.7 (2021-05-11)

    Bug Fixes

    • [plugin] Use compiler.webpack when possible (#1822) (f7ee30b), closes #1781
    • check for compiler.webpack existence (2472b2f)

    15.9.6 (2020-12-17)

    Bug Fixes

    • resourceQuery could be undefined in webpack 5 (a2b89d3), closes #1771

    15.9.5 (2020-11-02)

    Bug Fixes

    • add rule plugins to keep up with webpack 5 new features (7ca8e2c)
    • ensure new webpack5 generator property in rules passes ruleset checks (#1753) (f79bb08), closes #1729

    15.9.4 (2020-10-27)

    Bug Fixes

    • fix id differences between different operating systems (#1706) (afe8a0d)
    • fix mini-css-extract-plugin missing default export error (#1748) (429a284)

    15.9.3 (2020-06-23)

    Bug Fixes

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot will not automatically merge this PR because it includes an out-of-range update to a development dependency.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies 
    opened by dependabot-preview[bot] 0
  • chore(deps-dev): bump sinon from 9.0.1 to 11.1.2

    chore(deps-dev): bump sinon from 9.0.1 to 11.1.2

    Bumps sinon from 9.0.1 to 11.1.2.

    Changelog

    Sourced from sinon's changelog.

    11.1.1 / 2021-05-26

    • Fix #2379 by using v7 of supports-color

    11.1.0 / 2021-05-25

    • Add sinon.promise() implementation (#2369)
    • Set wrappedMethod on getters/setters (#2378)
    • [Docs] Update fake-server usage & descriptions (#2365)
    • Fake docs improvement (#2360)
    • Update nise to 5.1.0 (fixed #2318)

    11.0.0 / 2021-05-24

    • Explicitly use samsam 6.0.2 with fix for #2345
    • Update most packages (#2371)
    • Update compatibility docs (#2366)
    • Update packages (includes breaking fake-timers change, see #2352)
    • Warn of potential memory leaks (#2357)
    • Fix clock test errors

    10.0.1 / 2021-04-08

    • Upgrade sinon components (bumps y18n to 4.0.1)
    • Bump y18n from 4.0.0 to 4.0.1

    10.0.0 / 2021-03-22

    • Upgrade nise to 4.1.0
    • Use @​sinonjs/eslint-config@​4 => Adopts ES2017 => Drops support for IE 11, Legacy Edge and legacy Safari

    9.2.4 / 2021-01-23

    • Upgrade @​sinonjs/samsam@​5.3.1

    9.2.3 / 2021-01-06

    • Use util.inspect for formatting human readable output (this retires @​sinonjs/formatio)

    9.2.2 / 2020-12-11

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot will not automatically merge this PR because it includes an out-of-range update to a development dependency.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies 
    opened by dependabot-preview[bot] 0
  • chore(deps-dev): bump css-loader from 3.4.2 to 5.2.7

    chore(deps-dev): bump css-loader from 3.4.2 to 5.2.7

    Bumps css-loader from 3.4.2 to 5.2.7.

    Release notes

    Sourced from css-loader's releases.

    v5.2.7

    5.2.7 (2021-07-13)

    Bug Fixes

    • fix crash when source map is unavailable with external URL in [@import](https://github.com/import) (bb76fe4)

    v5.2.6

    5.2.6 (2021-05-24)

    Bug Fixes

    • always write locals export when css modules/icss enabled (#1315) (075d9bd)

    v5.2.5

    5.2.5 (2021-05-20)

    Bug Fixes

    v5.2.4

    5.2.4 (2021-04-19)

    Bug Fixes

    v5.2.3

    5.2.3 (2021-04-19)

    Bug Fixes

    • improve performance

    v5.2.2

    5.2.2 (2021-04-16)

    Bug Fixes

    • avoid escape nonASCII characters in local names (0722733)

    v5.2.1

    5.2.1 (2021-04-09)

    ... (truncated)

    Changelog

    Sourced from css-loader's changelog.

    5.2.7 (2021-07-13)

    Bug Fixes

    • fix crash when source map is unavailable with external URL in [@import](https://github.com/import) (bb76fe4)

    5.2.6 (2021-05-24)

    Bug Fixes

    • always write locals export when css modules/icss enabled (#1315) (075d9bd)

    5.2.5 (2021-05-20)

    Bug Fixes

    5.2.4 (2021-04-19)

    Bug Fixes

    5.2.3 (2021-04-19)

    Bug Fixes

    • improve performance

    5.2.2 (2021-04-16)

    Bug Fixes

    • avoid escape nonASCII characters in local names (0722733)

    5.2.1 (2021-04-09)

    Bug Fixes

    5.2.0 (2021-03-24)

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot will not automatically merge this PR because it includes an out-of-range update to a development dependency.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies 
    opened by dependabot-preview[bot] 0
  • chore(deps): [security] bump postcss from 7.0.14 to 7.0.36

    chore(deps): [security] bump postcss from 7.0.14 to 7.0.36

    Bumps postcss from 7.0.14 to 7.0.36. This update includes a security fix.

    Vulnerabilities fixed

    Sourced from The GitHub Security Advisory Database.

    Regular Expression Denial of Service in postcss The npm package postcss from 7.0.0 and before versions 7.0.36 and 8.2.10 is vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing.

    Affected versions: >= 7.0.0 < 7.0.36

    Release notes

    Sourced from postcss's releases.

    7.0.36

    • Backport ReDoS vulnerabilities from PostCSS 8.

    7.0.35

    7.0.34

    • Fix compatibility with postcss-scss 2.

    7.0.33

    • Add error message for PostCSS 8 plugins.

    7.0.32

    7.0.31

    • Use only the latest source map annotation (by @​emzoumpo).

    7.0.30

    • Fix TypeScript definition (by @​nex3)

    7.0.29

    • Update Processor#version.

    7.0.28

    • Fix TypeScript definition (by @​nex3).

    7.0.27

    • Fix TypeScript definition (by @​nex3).

    7.0.26

    • Fix TypeScript definition (by @​nex3)

    7.0.25

    • Fix absolute path support for Windows (by @​tomrav)

    7.0.24

    7.0.23

    • Update Processor#version.

    7.0.22

    • Add funding link for npm fund.

    7.0.21

    • Revert passing nodes property to node constructor.

    7.0.20

    • Allow to pass PostCSS’s nodes in nodes property to node constructor.

    ... (truncated)

    Changelog

    Sourced from postcss's changelog.

    7.0.36

    • Backport ReDoS vulnerabilities from PostCSS 8.

    7.0.35

    • Add migration guide link to PostCSS 8 error text.

    7.0.34

    • Fix compatibility with postcss-scss 2.

    7.0.33

    • Add error message for PostCSS 8 plugins.

    7.0.32

    7.0.31

    • Use only the latest source map annotation (by Emmanouil Zoumpoulakis).

    7.0.30

    • Fix TypeScript definition (by Natalie Weizenbaum).

    7.0.29

    • Update Processor#version.

    7.0.28

    • Fix TypeScript definition (by Natalie Weizenbaum).

    7.0.27

    • Fix TypeScript definition (by Natalie Weizenbaum).

    7.0.26

    • Fix TypeScript definition (by Natalie Weizenbaum).

    7.0.25

    • Fix absolute path support for Windows (by Tom Raviv).

    7.0.24

    • Fix TypeScript definition (by Keith Cirkel).

    7.0.23

    • Update Processor#version.

    7.0.22

    • Add funding link for npm fund.

    7.0.21

    • Revert passing nodes property to node constructor.

    7.0.20

    • Allow to pass PostCSS’s nodes in nodes property to node constructor.

    ... (truncated)

    Commits
    • 67e3d7b Release 7.0.36 version
    • 54cbf3c Backport ReDoS vulnerabilities from PostCSS 8
    • 12832f3 Release 7.0.35 version
    • 4455ef6 Use OpenCollective in funding
    • e867c79 Add migration guide to PostCSS 8 error
    • 32a22a9 Release 7.0.34 version
    • 2293982 Lock build targets
    • 2c3a111 Release 7.0.33 version
    • 4105f21 Use yaspeller instead of yaspeller-ci
    • c8d02a0 Revert yaspeller-ci removal
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    If all status checks pass Dependabot will automatically merge this pull request.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies security 
    opened by dependabot-preview[bot] 0
Releases(v0.2.6)
Owner
Katashin
Katashin
Lightweight vuex inspired centralized state management library for all kinds of javascript applications. Great for React Native.

Verx Lightweight vuex inspired centralized state management library for all kinds of javascript applications. install npm install --save verx # yarn a

Jaynti Kanani 3 Nov 4, 2019
Elm-inspired Application State Management for Vue.js.

VuElm It's a Vue state management inspired by Elm architecture. Concepts There are basically four elements on Elm architecture: Model, Actions, Update

Keuller Magalhães 36 May 5, 2021
A state management library for react inspired by vue 3.0 reactivity api and immer

Welcome to costate ?? A state management library for react inspired by vue 3.0 reactivity api and immer costate is a tiny package that allows you to w

工业聚 7 Mar 29, 2022
📦 Fast, Simple, and Lightweight State Manager for Vue 3.0 built with composition API, inspired by Vuex.

v-bucket NPM STATUS: ?? Fast, Simple, and Lightweight State Management for Vue 3.0 built with composition API, inspired by Vuex. Table of Contents Mai

mehdi 42 Aug 10, 2022
Local state management within Vuex

vuex-local Local state management within Vuex Why? Global state management is one of the problems on huge application development. Developers address

Katashin 64 Nov 11, 2022
Simplify vuex loading state management

vuex-loading Simplify vuex loading state management Installing Using npm: $ npm install vuex-loadings -s Know Simplify vuex loading state management n

zhoulin 3 Jul 30, 2020
A vue boiler plate with state management, vuex, vue-router that can be backed by a laravel restful api using jwt auth

Laravel 6 (LTS) Vue.js Frontend Boilerplate A Vue.js Frontend starter project kit template/boilerplate with Laravel 6 Backend API support. Features Re

MUWONGE HASSAN 2 Oct 12, 2021
Simple counter with Vue.js and Vuex as state management

vuex-counter Project setup npm install Compiles and hot-reloads for development npm run serve Compiles and minifies for production npm run build Li

Kevin Hamdajani 0 Dec 30, 2021
Helper functions to ease working with Vuex, Centralized State Management for Vue.js.

vuex-helpers Helper functions to ease working with Vuex, Centralized State Management for Vue.js. Development The following examples use docker and do

Wikimedia Deutschland e. V. 4 Jan 17, 2022
🗃️ Centralized State Management for Vue.js.

Vuex ?? HEADS UP! You're currently looking at Vuex 3 branch. If you're looking for Vuex 4, please check out 4.0 branch. Vuex is a state management pat

vuejs 27.9k Dec 30, 2022
A very simple but powerful state management for vuejs projects.

Vuez A Simple but Powerful State Management for Vue.js projects. Vuez is a very simple but powerful state management library for Vue.js projects. Vuez

Mark Feng 42 Feb 18, 2022
:rabbit2: A tiny, light and handy state management for vuejs 2, writing less verbose code.

revuejs ?? A tiny, light and handy state management for vuejs 2, writing less verbose code. Installation Install the pkg with npm: npm install revuejs

Pomy 24 May 5, 2021
A light and easy shared state management plugin for Vue

vue-shared vue-shared is a tiny (~150 lines) vue plugin for shared state management, that can be used as an alternative to Vuex. It adds a new vue opt

null 11 Jan 22, 2021
State management system for Vue.js

Vue States Vue States is a state management system for Vue.js. Checkout the examples at https://github.com/JohannesLamberts/vue-states-examples. You m

sum.cumo GmbH 149 Nov 24, 2022
Simple, unopinionated, lightweight and extensible state management for Vue 3

Simple, unopinionated, lightweight and extensible state management for Vue 3

Andrew Courtice 466 Dec 30, 2022
A find Coach is a vue state management project that allows users to find coach to mentor a student

A find Coach is a vue state management project that allows users to find coach to mentor a student. A simple vue app with routing functionality and vuex management for solid SPA

Ogiogio Victor 4 Jul 2, 2022
A state management library for React combined immutable, mutable and reactive mode

Welcome to bistate ?? Create the next immutable state tree by simply modifying the current tree bistate is a tiny package that allows you to work with

工业聚 119 Jan 8, 2023
State Management made eXtraordinarily simple and effective for Angular, React, and Vue

XSM - State Management made eXtraordinarily simple and effective for Angular, React, Vue, and Svelte. ?? Homepage Demos Angular React Svelte Vue Realw

Peter Lu 138 Sep 21, 2022
A library providing Vue applications with asynchronous-first state management

OverVue OverVue is a stream-based persistent state management library for Vue built on RxJS observables. While Vuex provides a robust option for handl

null 49 Apr 28, 2022