Skip to content

WIP - Ember Table Implementation#6397

Open
rtablada wants to merge 63 commits into
TanStack:betafrom
rtablada:feat-ember-table-example-basic-external-state
Open

WIP - Ember Table Implementation#6397
rtablada wants to merge 63 commits into
TanStack:betafrom
rtablada:feat-ember-table-example-basic-external-state

Conversation

@rtablada

@rtablada rtablada commented Jul 9, 2026

Copy link
Copy Markdown

🎯 Changes

This PR is the initial proposed implementation for an Ember.js adapter for Tanstack Table.

This is heavily based on Lit with learnings from the Angular implementation since Ember patterns and public signals API lay somewhere between these two frameworks.

This replaces previous work #6362

Based on thread from Discord between @rtablada @KevinVandy and @NullVoxPopuli this implements the state reactivity and flex-render.

✅ Checklist

  • I have followed the steps in the Contributing guide.
  • I have tested this code locally with pnpm test:pr.

Notes

Two things are a bit different here:

  1. To support reactive external atoms, we provide our own createAtom
  2. Because of old naming conventions @args is semi-reserved with Ember and can cause lint errors for consuming apps so @options is used for flex render internally and types match this.
  3. Elint 10.x is not currently compatible with ember eslint parsing. sherif will need to be configured ignore it for this version

@coderabbitai

coderabbitai Bot commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

Important

Review skipped

Too many files!

This PR contains 299 files, which is 149 over the limit of 150.

To get a review, narrow the scope:
• coderabbit review --type committed # exclude uncommitted changes
• coderabbit review --dir # limit to a subdirectory
• coderabbit review --base # compare against a closer base

Upgrade to a paid plan to raise the limit.

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 2a6599bc-31b7-492a-862a-64c6bc960eb5

📥 Commits

Reviewing files that changed from the base of the PR and between 446bcef and c41284f.

⛔ Files ignored due to path filters (1)
  • pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml
📒 Files selected for processing (299)
  • examples/ember/basic-external-atoms/app/app.ts
  • examples/ember/basic-external-atoms/app/config.ts
  • examples/ember/basic-external-atoms/app/router.ts
  • examples/ember/basic-external-atoms/app/templates/application.gts
  • examples/ember/basic-external-atoms/app/utils/make-data.ts
  • examples/ember/basic-external-atoms/babel.config.js
  • examples/ember/basic-external-atoms/index.html
  • examples/ember/basic-external-atoms/package.json
  • examples/ember/basic-external-atoms/tsconfig.json
  • examples/ember/basic-external-atoms/vite.config.mjs
  • examples/ember/basic-external-state/app/app.ts
  • examples/ember/basic-external-state/app/config.ts
  • examples/ember/basic-external-state/app/router.ts
  • examples/ember/basic-external-state/app/templates/application.gts
  • examples/ember/basic-external-state/app/utils/make-data.ts
  • examples/ember/basic-external-state/babel.config.js
  • examples/ember/basic-external-state/index.html
  • examples/ember/basic-external-state/package.json
  • examples/ember/basic-external-state/tsconfig.json
  • examples/ember/basic-external-state/vite.config.mjs
  • examples/ember/basic-table/app/app.ts
  • examples/ember/basic-table/app/config.ts
  • examples/ember/basic-table/app/router.ts
  • examples/ember/basic-table/app/templates/application.gts
  • examples/ember/basic-table/babel.config.js
  • examples/ember/basic-table/index.html
  • examples/ember/basic-table/package.json
  • examples/ember/basic-table/tsconfig.json
  • examples/ember/basic-table/vite.config.mjs
  • examples/ember/column-groups/app/app.ts
  • examples/ember/column-groups/app/config.ts
  • examples/ember/column-groups/app/router.ts
  • examples/ember/column-groups/app/templates/application.gts
  • examples/ember/column-groups/app/utils/make-data.ts
  • examples/ember/column-groups/babel.config.js
  • examples/ember/column-groups/index.html
  • examples/ember/column-groups/package.json
  • examples/ember/column-groups/tsconfig.json
  • examples/ember/column-groups/vite.config.mjs
  • examples/ember/column-ordering/app/app.ts
  • examples/ember/column-ordering/app/config.ts
  • examples/ember/column-ordering/app/router.ts
  • examples/ember/column-ordering/app/templates/application.gts
  • examples/ember/column-ordering/app/utils/make-data.ts
  • examples/ember/column-ordering/babel.config.js
  • examples/ember/column-ordering/index.html
  • examples/ember/column-ordering/package.json
  • examples/ember/column-ordering/tsconfig.json
  • examples/ember/column-ordering/vite.config.mjs
  • examples/ember/column-pinning-split/app/app.ts
  • examples/ember/column-pinning-split/app/config.ts
  • examples/ember/column-pinning-split/app/router.ts
  • examples/ember/column-pinning-split/app/templates/application.gts
  • examples/ember/column-pinning-split/app/utils/make-data.ts
  • examples/ember/column-pinning-split/babel.config.js
  • examples/ember/column-pinning-split/index.html
  • examples/ember/column-pinning-split/package.json
  • examples/ember/column-pinning-split/tsconfig.json
  • examples/ember/column-pinning-split/vite.config.mjs
  • examples/ember/column-pinning-sticky/app/app.ts
  • examples/ember/column-pinning-sticky/app/config.ts
  • examples/ember/column-pinning-sticky/app/router.ts
  • examples/ember/column-pinning-sticky/app/templates/application.gts
  • examples/ember/column-pinning-sticky/app/utils/make-data.ts
  • examples/ember/column-pinning-sticky/babel.config.js
  • examples/ember/column-pinning-sticky/index.html
  • examples/ember/column-pinning-sticky/package.json
  • examples/ember/column-pinning-sticky/tsconfig.json
  • examples/ember/column-pinning-sticky/vite.config.mjs
  • examples/ember/column-pinning/app/app.ts
  • examples/ember/column-pinning/app/config.ts
  • examples/ember/column-pinning/app/router.ts
  • examples/ember/column-pinning/app/templates/application.gts
  • examples/ember/column-pinning/app/utils/make-data.ts
  • examples/ember/column-pinning/babel.config.js
  • examples/ember/column-pinning/index.html
  • examples/ember/column-pinning/package.json
  • examples/ember/column-pinning/tsconfig.json
  • examples/ember/column-pinning/vite.config.mjs
  • examples/ember/column-resizing-performant/app/app.ts
  • examples/ember/column-resizing-performant/app/config.ts
  • examples/ember/column-resizing-performant/app/router.ts
  • examples/ember/column-resizing-performant/app/templates/application.gts
  • examples/ember/column-resizing-performant/app/utils/make-data.ts
  • examples/ember/column-resizing-performant/babel.config.js
  • examples/ember/column-resizing-performant/index.html
  • examples/ember/column-resizing-performant/package.json
  • examples/ember/column-resizing-performant/tsconfig.json
  • examples/ember/column-resizing-performant/vite.config.mjs
  • examples/ember/column-resizing/app/app.ts
  • examples/ember/column-resizing/app/config.ts
  • examples/ember/column-resizing/app/router.ts
  • examples/ember/column-resizing/app/templates/application.gts
  • examples/ember/column-resizing/app/utils/make-data.ts
  • examples/ember/column-resizing/babel.config.js
  • examples/ember/column-resizing/index.html
  • examples/ember/column-resizing/package.json
  • examples/ember/column-resizing/tsconfig.json
  • examples/ember/column-resizing/vite.config.mjs
  • examples/ember/column-sizing/app/app.ts
  • examples/ember/column-sizing/app/config.ts
  • examples/ember/column-sizing/app/router.ts
  • examples/ember/column-sizing/app/templates/application.gts
  • examples/ember/column-sizing/app/utils/make-data.ts
  • examples/ember/column-sizing/babel.config.js
  • examples/ember/column-sizing/index.html
  • examples/ember/column-sizing/package.json
  • examples/ember/column-sizing/tsconfig.json
  • examples/ember/column-sizing/vite.config.mjs
  • examples/ember/column-visibility/app/app.ts
  • examples/ember/column-visibility/app/config.ts
  • examples/ember/column-visibility/app/router.ts
  • examples/ember/column-visibility/app/templates/application.gts
  • examples/ember/column-visibility/app/utils/make-data.ts
  • examples/ember/column-visibility/babel.config.js
  • examples/ember/column-visibility/index.html
  • examples/ember/column-visibility/package.json
  • examples/ember/column-visibility/tsconfig.json
  • examples/ember/column-visibility/vite.config.mjs
  • examples/ember/custom-plugin/app/app.ts
  • examples/ember/custom-plugin/app/config.ts
  • examples/ember/custom-plugin/app/router.ts
  • examples/ember/custom-plugin/app/templates/application.gts
  • examples/ember/custom-plugin/app/utils/make-data.ts
  • examples/ember/custom-plugin/babel.config.js
  • examples/ember/custom-plugin/index.html
  • examples/ember/custom-plugin/package.json
  • examples/ember/custom-plugin/tsconfig.json
  • examples/ember/custom-plugin/vite.config.mjs
  • examples/ember/editable/app/app.ts
  • examples/ember/editable/app/config.ts
  • examples/ember/editable/app/router.ts
  • examples/ember/editable/app/templates/application.gts
  • examples/ember/editable/app/utils/make-data.ts
  • examples/ember/editable/babel.config.js
  • examples/ember/editable/index.html
  • examples/ember/editable/package.json
  • examples/ember/editable/tsconfig.json
  • examples/ember/editable/vite.config.mjs
  • examples/ember/expanding/app/app.ts
  • examples/ember/expanding/app/config.ts
  • examples/ember/expanding/app/router.ts
  • examples/ember/expanding/app/templates/application.gts
  • examples/ember/expanding/app/utils/make-data.ts
  • examples/ember/expanding/babel.config.js
  • examples/ember/expanding/index.html
  • examples/ember/expanding/package.json
  • examples/ember/expanding/tsconfig.json
  • examples/ember/expanding/vite.config.mjs
  • examples/ember/filters-faceted/app/app.ts
  • examples/ember/filters-faceted/app/config.ts
  • examples/ember/filters-faceted/app/router.ts
  • examples/ember/filters-faceted/app/templates/application.gts
  • examples/ember/filters-faceted/app/utils/make-data.ts
  • examples/ember/filters-faceted/babel.config.js
  • examples/ember/filters-faceted/index.html
  • examples/ember/filters-faceted/package.json
  • examples/ember/filters-faceted/tsconfig.json
  • examples/ember/filters-faceted/vite.config.mjs
  • examples/ember/filters-fuzzy/app/app.ts
  • examples/ember/filters-fuzzy/app/config.ts
  • examples/ember/filters-fuzzy/app/router.ts
  • examples/ember/filters-fuzzy/app/templates/application.gts
  • examples/ember/filters-fuzzy/app/utils/make-data.ts
  • examples/ember/filters-fuzzy/babel.config.js
  • examples/ember/filters-fuzzy/index.html
  • examples/ember/filters-fuzzy/package.json
  • examples/ember/filters-fuzzy/tsconfig.json
  • examples/ember/filters-fuzzy/vite.config.mjs
  • examples/ember/filters/app/app.ts
  • examples/ember/filters/app/config.ts
  • examples/ember/filters/app/router.ts
  • examples/ember/filters/app/templates/application.gts
  • examples/ember/filters/app/utils/make-data.ts
  • examples/ember/filters/babel.config.js
  • examples/ember/filters/index.html
  • examples/ember/filters/package.json
  • examples/ember/filters/tsconfig.json
  • examples/ember/filters/vite.config.mjs
  • examples/ember/grouping/app/app.ts
  • examples/ember/grouping/app/config.ts
  • examples/ember/grouping/app/router.ts
  • examples/ember/grouping/app/templates/application.gts
  • examples/ember/grouping/app/utils/make-data.ts
  • examples/ember/grouping/babel.config.js
  • examples/ember/grouping/index.html
  • examples/ember/grouping/package.json
  • examples/ember/grouping/tsconfig.json
  • examples/ember/grouping/vite.config.mjs
  • examples/ember/kitchen-sink/app/app.ts
  • examples/ember/kitchen-sink/app/config.ts
  • examples/ember/kitchen-sink/app/router.ts
  • examples/ember/kitchen-sink/app/templates/application.gts
  • examples/ember/kitchen-sink/app/utils/make-data.ts
  • examples/ember/kitchen-sink/babel.config.js
  • examples/ember/kitchen-sink/index.html
  • examples/ember/kitchen-sink/package.json
  • examples/ember/kitchen-sink/tsconfig.json
  • examples/ember/kitchen-sink/vite.config.mjs
  • examples/ember/pagination/app/app.ts
  • examples/ember/pagination/app/config.ts
  • examples/ember/pagination/app/router.ts
  • examples/ember/pagination/app/templates/application.gts
  • examples/ember/pagination/app/utils/make-data.ts
  • examples/ember/pagination/babel.config.js
  • examples/ember/pagination/index.html
  • examples/ember/pagination/package.json
  • examples/ember/pagination/tsconfig.json
  • examples/ember/pagination/vite.config.mjs
  • examples/ember/remote-data/app/app.ts
  • examples/ember/remote-data/app/config.ts
  • examples/ember/remote-data/app/router.ts
  • examples/ember/remote-data/app/templates/application.gts
  • examples/ember/remote-data/app/utils/make-data.ts
  • examples/ember/remote-data/babel.config.js
  • examples/ember/remote-data/index.html
  • examples/ember/remote-data/package.json
  • examples/ember/remote-data/tsconfig.json
  • examples/ember/remote-data/vite.config.mjs
  • examples/ember/row-dnd/app/app.ts
  • examples/ember/row-dnd/app/config.ts
  • examples/ember/row-dnd/app/router.ts
  • examples/ember/row-dnd/app/templates/application.gts
  • examples/ember/row-dnd/app/utils/make-data.ts
  • examples/ember/row-dnd/babel.config.js
  • examples/ember/row-dnd/index.html
  • examples/ember/row-dnd/package.json
  • examples/ember/row-dnd/tsconfig.json
  • examples/ember/row-dnd/vite.config.mjs
  • examples/ember/row-pinning/app/app.ts
  • examples/ember/row-pinning/app/config.ts
  • examples/ember/row-pinning/app/router.ts
  • examples/ember/row-pinning/app/templates/application.gts
  • examples/ember/row-pinning/app/utils/make-data.ts
  • examples/ember/row-pinning/babel.config.js
  • examples/ember/row-pinning/index.html
  • examples/ember/row-pinning/package.json
  • examples/ember/row-pinning/tsconfig.json
  • examples/ember/row-pinning/vite.config.mjs
  • examples/ember/row-selection/app/app.ts
  • examples/ember/row-selection/app/config.ts
  • examples/ember/row-selection/app/router.ts
  • examples/ember/row-selection/app/templates/application.gts
  • examples/ember/row-selection/app/utils/make-data.ts
  • examples/ember/row-selection/babel.config.js
  • examples/ember/row-selection/index.html
  • examples/ember/row-selection/package.json
  • examples/ember/row-selection/tsconfig.json
  • examples/ember/row-selection/vite.config.mjs
  • examples/ember/sorting/app/app.ts
  • examples/ember/sorting/app/config.ts
  • examples/ember/sorting/app/router.ts
  • examples/ember/sorting/app/templates/application.gts
  • examples/ember/sorting/app/utils/make-data.ts
  • examples/ember/sorting/babel.config.js
  • examples/ember/sorting/index.html
  • examples/ember/sorting/package.json
  • examples/ember/sorting/tsconfig.json
  • examples/ember/sorting/vite.config.mjs
  • examples/ember/sub-components/app/app.ts
  • examples/ember/sub-components/app/config.ts
  • examples/ember/sub-components/app/router.ts
  • examples/ember/sub-components/app/templates/application.gts
  • examples/ember/sub-components/app/utils/make-data.ts
  • examples/ember/sub-components/babel.config.js
  • examples/ember/sub-components/index.html
  • examples/ember/sub-components/package.json
  • examples/ember/sub-components/tsconfig.json
  • examples/ember/sub-components/vite.config.mjs
  • knip.json
  • package.json
  • packages/ember-table/.env.development
  • packages/ember-table/.gitignore
  • packages/ember-table/README.md
  • packages/ember-table/addon-main.cjs
  • packages/ember-table/babel.config.cjs
  • packages/ember-table/babel.publish.config.cjs
  • packages/ember-table/eslint.config.mjs
  • packages/ember-table/package.json
  • packages/ember-table/rollup.config.mjs
  • packages/ember-table/src/FlexRender.gts
  • packages/ember-table/src/flex-render.ts
  • packages/ember-table/src/index.ts
  • packages/ember-table/src/reactivity.ts
  • packages/ember-table/src/signal.ts
  • packages/ember-table/src/use-table.ts
  • packages/ember-table/testem.cjs
  • packages/ember-table/tests/index.html
  • packages/ember-table/tests/integration/external-state.test.gts
  • packages/ember-table/tests/integration/flex-render.test.gts
  • packages/ember-table/tests/integration/reactivity.test.gts
  • packages/ember-table/tests/integration/use-table.test.gts
  • packages/ember-table/tests/test-helper.ts
  • packages/ember-table/tsconfig.json
  • packages/ember-table/tsconfig.publish.json
  • packages/ember-table/vite.config.mjs
  • packages/table-core/src/core/table/coreTablesFeature.utils.ts
  • pnpm-workspace.yaml
  • prettier.config.js

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@rtablada rtablada changed the title Feat ember table example basic external state WIP - Ember Table Implementation Jul 9, 2026
Comment thread packages/ember-table/.github/workflows/ci.yml Outdated
Comment thread packages/ember-table/.github/workflows/push-dist.yml Outdated
Comment thread packages/ember-table/config/ember-cli-update.json Outdated
Comment thread packages/ember-table/CONTRIBUTING.md Outdated
Comment thread packages/ember-table/.try.mjs Outdated
Comment thread packages/ember-table/.template-lintrc.mjs Outdated
Comment thread packages/ember-table/pnpm-lock.yaml Outdated
Comment thread packages/ember-table/pnpm-workspace.yaml Outdated
@rtablada rtablada force-pushed the feat-ember-table-example-basic-external-state branch from 4aaf1e6 to e83347d Compare July 9, 2026 19:11
@socket-security

socket-security Bot commented Jul 9, 2026

Copy link
Copy Markdown

@socket-security

socket-security Bot commented Jul 9, 2026

Copy link
Copy Markdown

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action Severity Alert  (click "▶" to expand/collapse)
Warn High
Obfuscated code: npm data-urls is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/@embroider/compat@4.1.21npm/@embroider/core@4.6.2npm/@embroider/vite@1.7.8npm/data-urls@5.0.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/data-urls@5.0.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm es-abstract is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/@tanstack/eslint-config@0.4.0npm/eslint-plugin-import@2.32.0npm/es-abstract@1.24.2

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/es-abstract@1.24.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm execa is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/testem@3.20.1npm/execa@9.6.1

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/execa@9.6.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm jiti is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/@glint/tsserver-plugin@2.5.17npm/jiti@2.6.1

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/jiti@2.6.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm rimraf is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/ember-source@7.0.0npm/@embroider/addon-shim@1.10.3npm/@embroider/compat@4.1.21npm/@embroider/core@4.6.2npm/@embroider/macros@1.20.5npm/rimraf@5.0.10

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/rimraf@5.0.10. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm rrweb-cssom is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/@embroider/core@4.6.2npm/@embroider/vite@1.7.8npm/rrweb-cssom@0.7.1

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/rrweb-cssom@0.7.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm rrweb-cssom is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/@embroider/compat@4.1.21npm/@embroider/core@4.6.2npm/@embroider/vite@1.7.8npm/rrweb-cssom@0.8.0

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/rrweb-cssom@0.8.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
High CVE: npm tmp has Path Traversal via unsanitized prefix/postfix that enables directory escape

CVE: GHSA-ph9p-34f9-6g65 tmp has Path Traversal via unsanitized prefix/postfix that enables directory escape (HIGH)

Affected versions: < 0.2.6

Patched version: 0.2.6

From: pnpm-lock.yamlnpm/@embroider/compat@4.1.21npm/tmp@0.0.28

ℹ Read more on: This package | This alert | What is a CVE?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Remove or replace dependencies that include known high severity CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/tmp@0.0.28. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm underscore is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/testem@3.20.1npm/underscore@1.13.8

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/underscore@1.13.8. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn High
Obfuscated code: npm workerpool is 90.0% likely obfuscated

Confidence: 0.90

Location: Package overview

From: pnpm-lock.yamlnpm/ember-source@7.0.0npm/@embroider/macros@1.20.5npm/workerpool@6.5.1

ℹ Read more on: This package | This alert | What is obfuscated code?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Packages should not obfuscate their code. Consider not using packages with obfuscated code.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/workerpool@6.5.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Medium
Deprecated by its maintainer: npm glob

Reason: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me

From: pnpm-lock.yamlnpm/ember-source@7.0.0npm/@embroider/addon-shim@1.10.3npm/@embroider/compat@4.1.21npm/@embroider/core@4.6.2npm/@embroider/macros@1.20.5npm/glob@10.5.0

ℹ Read more on: This package | This alert | What is a deprecated package?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Research the state of the package and determine if there are non-deprecated versions that can be used, or if it should be replaced with a new, supported solution.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/glob@10.5.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Medium
Deprecated by its maintainer: npm glob

Reason: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me

From: pnpm-lock.yamlnpm/ember-source@7.0.0npm/@embroider/addon-shim@1.10.3npm/@embroider/compat@4.1.21npm/@embroider/core@4.6.2npm/@embroider/macros@1.20.5npm/glob@7.2.3

ℹ Read more on: This package | This alert | What is a deprecated package?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Research the state of the package and determine if there are non-deprecated versions that can be used, or if it should be replaced with a new, supported solution.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/glob@7.2.3. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Medium
Deprecated by its maintainer: npm glob

Reason: Old versions of glob are not supported, and contain widely publicized security vulnerabilities, which have been fixed in the current version. Please update. Support for old versions may be purchased (at exorbitant rates) by contacting i@izs.me

From: pnpm-lock.yamlnpm/ember-source@7.0.0npm/@embroider/macros@1.20.5npm/glob@9.3.5

ℹ Read more on: This package | This alert | What is a deprecated package?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Research the state of the package and determine if there are non-deprecated versions that can be used, or if it should be replaced with a new, supported solution.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/glob@9.3.5. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Medium
Deprecated by its maintainer: npm inflight

Reason: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful.

From: pnpm-lock.yamlnpm/ember-source@7.0.0npm/@embroider/addon-shim@1.10.3npm/@embroider/compat@4.1.21npm/@embroider/core@4.6.2npm/@embroider/macros@1.20.5npm/inflight@1.0.6

ℹ Read more on: This package | This alert | What is a deprecated package?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Research the state of the package and determine if there are non-deprecated versions that can be used, or if it should be replaced with a new, supported solution.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/inflight@1.0.6. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Medium
Low adoption: npm node-exports-info

Location: Package overview

From: pnpm-lock.yamlnpm/@tanstack/eslint-config@0.4.0npm/eslint-plugin-import@2.32.0npm/node-exports-info@1.6.2

ℹ Read more on: This package | This alert | What are unpopular packages?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Unpopular packages may have less maintenance and contain other problems.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/node-exports-info@1.6.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Medium
Deprecated by its maintainer: npm rimraf

Reason: Rimraf versions prior to v4 are no longer supported

From: pnpm-lock.yamlnpm/ember-source@7.0.0npm/@embroider/compat@4.1.21npm/@embroider/macros@1.20.5npm/rimraf@2.7.1

ℹ Read more on: This package | This alert | What is a deprecated package?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Research the state of the package and determine if there are non-deprecated versions that can be used, or if it should be replaced with a new, supported solution.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/rimraf@2.7.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Medium
Deprecated by its maintainer: npm rimraf

Reason: Rimraf versions prior to v4 are no longer supported

From: pnpm-lock.yamlnpm/ember-source@7.0.0npm/@embroider/addon-shim@1.10.3npm/@embroider/compat@4.1.21npm/@embroider/core@4.6.2npm/@embroider/macros@1.20.5npm/rimraf@3.0.2

ℹ Read more on: This package | This alert | What is a deprecated package?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Research the state of the package and determine if there are non-deprecated versions that can be used, or if it should be replaced with a new, supported solution.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/rimraf@3.0.2. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Medium
Deprecated by its maintainer: npm source-map-url

Reason: See https://github.com/lydell/source-map-url#deprecated

From: pnpm-lock.yamlnpm/@embroider/compat@4.1.21npm/@embroider/core@4.6.2npm/source-map-url@0.3.0

ℹ Read more on: This package | This alert | What is a deprecated package?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Research the state of the package and determine if there are non-deprecated versions that can be used, or if it should be replaced with a new, supported solution.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/source-map-url@0.3.0. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

Warn Medium
Deprecated by its maintainer: npm source-map-url

Reason: See https://github.com/lydell/source-map-url#deprecated

From: pnpm-lock.yamlnpm/@embroider/vite@1.7.8npm/source-map-url@0.4.1

ℹ Read more on: This package | This alert | What is a deprecated package?

Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev.

Suggestion: Research the state of the package and determine if there are non-deprecated versions that can be used, or if it should be replaced with a new, supported solution.

Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/source-map-url@0.4.1. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report

rtablada and others added 23 commits July 10, 2026 21:23
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@rtablada rtablada force-pushed the feat-ember-table-example-basic-external-state branch from 2f67891 to 54e1c49 Compare July 11, 2026 02:24

const externalState = state[key as keyof typeof state]
if (externalState !== baseAtom.get()) {
if (externalState !== table._reactivity.untrack(() => baseAtom.get())) {

Copy link
Copy Markdown
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This was required for Ember since setting and getting the same signal in one cycle throws an error.

This was causing errors for external state and external atom initialization

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Tbf tho, any strict signals implementation will have an issue here, like the tc39 sample impl

@rtablada rtablada marked this pull request as ready for review July 11, 2026 03:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants