@jonahsnider/util
A collection of simple, optimized utility functions that help you spend more time implementing real features instead of writing the same snippets over and over.
Written in TypeScript with strong typesafety in mind (more on that below).
Works in Node.js, mostly works in browsers.
If you're considering using the library I recommend taking a glance at the docs to see if anything seems helpful to you.
yarn add @jonahsnider/util
# or
npm install @jonahsnider/util
then
import {shuffle} from '@jonahsnider/util';
// or
import * as util from '@jonahsnider/util';
const {shuffle} = require('@jonahsnider/util');
// or
const util = require('@jonahsnider/util');
There are 3 main benefits this library offers:
Readability
Because JavaScript lacks a proper standard library, you will find yourself writing the same snippets again and again. Let's look at sorting an array in ascending order (low to high) as an example:
// Sort ascending
array.sort((a, b) => a - b);
As an experienced dev you've probably seen this snippet in some form hundreds of times before. If you're a beginner you might not even be able to tell if this is an ascending or descending sort without the comment.
The alternative:
import {Sort} from '@jonahsnider/util';
array.sort(Sort.ascending);
If you were skimming through a file and saw this, you would immediately understand what this code does.
This library works perfectly with existing idiomatic JavaScript and doesn't force you to change the way you write code.
(also - fun fact: the first snippet doesn't work with bigints, the second snippet does)
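The bigint caveat above can be reproduced with a short script. This is an added example, not code from the README or from @jonahsnider/util: `compareAscending` and `sortFailure` are hypothetical names, and the arrays are constructed sample data.

```javascript
// Added example. compareAscending is a hypothetical comparator written for this
// illustration; it is NOT the library's Sort.ascending implementation.
function compareAscending(a, b) {
  // Relational operators are defined for number, bigint, and mixed operands,
  // and the comparator always returns a plain number.
  if (a < b) return -1;
  if (a > b) return 1;
  return 0;
}

// The subtraction comparator from the first snippet.
const subtract = (a, b) => a - b;

// Sorts a copy of `values`; returns the name of the thrown error, or null on success.
function sortFailure(values, comparator) {
  try {
    [...values].sort(comparator);
    return null;
  } catch (error) {
    return error.name;
  }
}

// Constructed sample data.
const numbers = [10, 9, 100, 1];
const bigints = [10n, 9n, 100n, 1n];
const mixed = [10n, 9, 100n, 1];

// Plain numbers: subtraction works.
console.log(sortFailure(numbers, subtract));

// bigints: a - b yields a bigint, and sort() cannot convert it to a number.
console.log(sortFailure(bigints, subtract));

// Mixed operands: the subtraction itself throws before sort() sees a result.
console.log(sortFailure(mixed, subtract));

// The relational comparator handles all three inputs.
console.log([...bigints].sort(compareAscending).join(','));
console.log([...mixed].sort(compareAscending).join(','));
```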
Safety
Writing your own snippets doesn't just slow you down, it can introduce bugs.
Every function is tested with 100% coverage, ensuring bug-free code.
Features
This library isn't just 1-liners you could copy-paste yourself.
Want to do a binary search on an array? We've got you covered.
Combine a bunch of regular expressions into one? No problem.
Need a deck of cards? Only one import away.
In addition to all the useful functions this library provides, a major effort has been made to ensure the best possible experience for TypeScript users.
T or a union of related types like number | bigint (mostly useful in the math functions)
Iterables and ArrayLikes are used instead of Arrays whenever possible; broader types ensure compatibility with your projects and let you avoid ugly type assertions
readonly T[] unless mutation is required
There are also a few types exported that can be handy in certain situations (ex. NonEmptyArray or Nullish).
My personal favorite is the TypedEventEmitter, which lets you ensure typesafety in event listeners.
FAQs
A useful collection of optimized utility functions
The npm package @jonahsnider/util receives a total of 672 weekly downloads. As such, @jonahsnider/util popularity was classified as not popular.
We found that @jonahsnider/util demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.