Security News
cURL Project and Go Security Teams Reject CVSS as Broken
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
@putout/compare
Advanced tools
Compare AST-nodes according to 🦎PutoutScript.
npm i @putout/compare
Get template values from node
according to 🦎PutouScript template
.
node
- AST-node
or code
that will be generated;template
- 🦎PutouScript;const {operator} = require('putout');
const {template} = operator;
const node = template.ast('const [] = a');
getTemplateValues(node, 'const __array = array');
// returns
({
__array: {
type: 'ArrayPattern',
//...etc
},
});
node
- AST-node
or code
that will be generated;template
- AST-node
with support of template variables
.options
- (optional) - object with properties:
findUp
(default: true
) - find up template node;Compare nodes feats templates
.
Compare any nodes that feats one of templates
compareAny(path, 'const __a = __b', {
findUp: false,
});
Any node.
compare('const x = data', 'const __ = __');
compare('const {x} = data', 'const __ = __');
compare('const x = {data}', 'const __ = __');
compare('<h1>hello</h1>', '<h1>__</h1>');
// returns
true;
ObjectPattern
or ObjectExpression
with any count of properties
.
compare('const {} = data', 'const __object = __');
compare('const {hello} = data', 'const __object = __');
// returns
true;
ArrayPattern
or ArrayExpression
with any count of elements
.
compare('const [] = data', 'const __array = __');
compare('const [hello] = data', 'const __array = __');
compare('const hello = [data]', 'const __ = __array');
// returns
true;
Any count of arguments
:
compare('(a, b, c) => {}', '(__args) => {}');
compare('(a, b) => {}', '(__args) => {}');
compare('() => {}', '(__args) => {}');
// returns
true;
Or linked arguments
:
compare('((a) => fn(a))(value)', '((__args__a) => __c(__args__a))(__args__b)');
// returns
true;
compare('((a) => fn(42))(value)', '((__args__a) => __c(__args__a))(__args__b)');
// returns
false;
Any count of imports
:
compare('import React, {Component} from "react"', 'import __imports from "react"');
Any string literal.
compare('const a = "hello"', 'const __ = "__"');
Linked literal
compare('const __a = "hello"', 'const __a = "hello"');
Linked string literal.
compare('const a = "hello"', 'const __a = "__b"');
__a
Linked template literal.
compare('const a = `hello`', 'const __a = `__b`');
// returns
true;
Any BlockStatement
.
compare('const a = () => 0', 'const a = () => __body');
// returns
false;
compare('const a = () => {}', 'const a = () => __body');
// returns
true;
Any count of children of JSXElement
:
compare('<div hello="world"></div>', '<div hello="world">__jsx_children</div>');
// returns
true;
compare('<div hello="world"><span>hi</span></div>', '<div hello="world">__jsx_children</div>');
// returns
true;
Any count of attributes of JSXElement
:
compare('<div hello="world"></div>', '<__a __jsx_attributes/>');
// returns
true;
Any Function
with no arguments
and empty body;
compare('const a = () => {}', 'const __a = __nop');
// returns
true;
compare('const a = async () => {}', 'const a = __nop');
// returns
true;
Any Identifier
compare('const a = 5', 'const __identifier = 5');
// returns
true;
Any regexp
compare('const a = /hello/g', 'const a = /__a/');
// returns
true;
MIT
FAQs
compare AST-nodes according to 🦎 PutoutScript
The npm package @putout/compare receives a total of 14,600 weekly downloads. As such, @putout/compare popularity was classified as popular.
We found that @putout/compare demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
Security News
Bun 1.2 enhances its JavaScript runtime with 90% Node.js compatibility, built-in S3 and Postgres support, HTML Imports, and faster, cloud-first performance.
Security News
Biden's executive order pushes for AI-driven cybersecurity, software supply chain transparency, and stronger protections for federal and open source systems.