Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
@babel/plugin-proposal-object-rest-spread
Advanced tools
Compile object rest and spread to ES5
The @babel/plugin-proposal-object-rest-spread package allows developers to use the object rest and spread properties syntax in their JavaScript code. This syntax is part of the ECMAScript proposal and enables more concise and readable code when copying properties from one object to another or collecting the remaining properties of an object after certain properties have been extracted.
Object Spread
Allows an object's own enumerable properties to be copied into a new object. This is useful for creating a new object with the same properties as an existing object or for combining multiple objects.
{ ...source }
Object Rest
Enables extracting properties from objects and binding the remaining properties to a new object. This is useful for omitting certain properties from an object and keeping the rest.
const { a, b, ...rest } = source;
A polyfill for Object.assign which is a method used to copy the values of all enumerable own properties from one or more source objects to a target object. It is similar to the spread operator but does not allow for rest properties and is not a Babel plugin.
A library for deep (recursive) merging of objects. It is similar to object spread in that it allows for combining objects, but it goes deeper, merging nested objects as well, which is not something object spread syntax does by default.
Part of the Lodash library, this function is used for a deep merge of own and inherited enumerable properties of source objects into the destination object. It's more powerful than the spread operator in terms of deep merging capabilities.
A port of the classic jQuery.extend() method to Node.js. It can be used to copy properties from one or more source objects to a target object, similar to the spread operator, but it is not specifically a Babel plugin and does not handle the rest properties syntax.
This plugin allows Babel to transform rest properties for object destructuring assignment and spread properties for object literals.
let { x, y, ...z } = { x: 1, y: 2, a: 3, b: 4 };
console.log(x); // 1
console.log(y); // 2
console.log(z); // { a: 3, b: 4 }
let n = { x, y, ...z };
console.log(n); // { x: 1, y: 2, a: 3, b: 4 }
npm install --save-dev @babel/plugin-proposal-object-rest-spread
.babelrc
(Recommended).babelrc
{
"plugins": ["@babel/plugin-proposal-object-rest-spread"]
}
babel --plugins @babel/plugin-proposal-object-rest-spread script.js
require("@babel/core").transform("code", {
plugins: ["@babel/plugin-proposal-object-rest-spread"]
});
By default, this plugin will produce spec compliant code by using Babel's objectSpread
helper.
loose
boolean
, defaults to false
.
Enabling this option will use Babel's extends
helper, which is basically the same as Object.assign
(see useBuiltIns
below to use it directly).
:warning: Please keep in mind that even if they're almost equivalent, there's an important difference between spread and Object.assign
: spread defines new properties, while Object.assign()
sets them, so using this mode might produce unexpected results in some cases.
For detailed information please check out Spread VS. Object.assign and Assigning VS. defining properties.
useBuiltIns
boolean
, defaults to false
.
Enabling this option will use Object.assign
directly instead of the Babel's extends
helper.
.babelrc
{
"plugins": [
["@babel/plugin-proposal-object-rest-spread", { "loose": true, "useBuiltIns": true }]
]
}
In
z = { x, ...y };
Out
z = Object.assign({ x }, y);
FAQs
Compile object rest and spread to ES5
The npm package @babel/plugin-proposal-object-rest-spread receives a total of 13,855,179 weekly downloads. As such, @babel/plugin-proposal-object-rest-spread popularity was classified as popular.
We found that @babel/plugin-proposal-object-rest-spread demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.