Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@semantic-ui/utils
Advanced tools
**Utils is a tiny 3kb library for simplifying common javascript boilerplate.**
Utils is a tiny 3kb library for simplifying common javascript boilerplate.
Utils has three primary advantages over custom implementations.
Tree Shaking - Many components will need to do similar things. When these components are bundled together its more efficient for them to reference a single code implementation than several unique ones. This means smaller bundled size when using more than one component together in a bundle.
Code Readability - Utility libraries offer a level of familiarity and consistency that can be missing with native ECMAScript features. Removing rough edges reduces the learning curve when looking at unfamiliar code so you can focus on the intention not the implementation.
Gotcha Handling - More Robust Implementations: When using utility libraries for common operations like object manipulation, you're not just avoiding gotchas (consider non-enumerated properties with object manipulation like extend/clone.); you're also leveraging a community-tested solution. These libraries often include safeguards against edge cases and peculiarities of JavaScript that a typical custom implementation might overlook. This results in more robust code, reducing the likelihood of bugs related to subtle language intricacies.
Utility includes the following helpers:
unique(arr)
- Removes duplicates from arrays.filterEmpty(arr)
- Removes falsey values from an array.last(array, number)
- Returns last (n) elements from arrayfirst(array, number)
- Returns first (n) elements from arrayfirstMatch(array, callback)
- Returns the first value that matches the provided callback function.findIndex(array, callback)
- Finds the index of the first element in the array that satisfies the provided callback function. Returns -1 if no match is found.remove(array, callbackOrValue)
- Removes elements from an array that match the given callback function or value.inArray(value, array)
- Returns whether a value is present in an array.range(start, stop, step)
- Creates an array of numbers (positive and/or negative) progressing from start up to, but not including, end.where(array, properties)
- Returns only objs with given properties in an array of objects.flatten(arr)
- Flattens an array of arrayssome/any(arr, truthFunc)
- Returns true if any/some values match truthFuncsum(values)
- sums an array of numberskeys(obj)
- Return the keys of an object.values(obj)
- Return the values of an object.mapObject(obj, callback)
- Creates an object with the same keys as object and values generated by running each own enumerable string keyed property of object thru iteratee.extend(obj, ...sources)
- Extends an object with properties from additional sources, handling getters and setters properly.pick(obj, ...keys)
- Creates an object composed of the picked object properties.get(obj, string)
- Access a nested object field with a string, like 'a.b.c'.onlyKeys(obj, keysToKeep)
- Returns an object with only specified keyshasProperty(obj, prop)
- Return true if the object has the specified property.reverseKeys(obj)
- Reverses a lookup object's keys and values.isObject(x)
- Checks if the value is an object.isPlainObject(x)
- Checks if the value is a plain object.isString(x)
- Checks if the value is a string.isNumber(x)
- Checks if the value is a number.isArray(x)
- Checks if the value is an array.isBinary(x)
- Checks if the value is binary (Uint8Array).isFunction(x)
- Checks if the value is a function.isPromise(x)
- Checks if the value is a promise.isArguments(obj)
- Checks if the value is an arguments object.isDOM(x)
- Checks if the value is a DOM element.isNode(x)
- Checks if the value is a DOM node.isEmpty(x)
Checks if the value is empty like {}formatDate(date, format)
- Formats a date object into a string based on the provided format.noop()
- A no-operation function for use as a default callback.wrapFunction(x)
- Wraps a value in a function, returning a no-op function if the value is not a function.kebabToCamel(str)
- Converts a kebab-case string to camelCase.camelToKebab(str)
- Converts a camelCase string to kebab-case.capitalize(str)
- Capitalize only the first word in a string.capitalizeWords(str)
- Capitalizes each word of a stringtoTitleCase(str)
- Converts a string to title case.escapeRegExp(string)
- Escapes special characters in a string for use in a regular expression.escapeHTML(string)
- Escapes string for html '&<>"' onlyeach(iterable, func, context)
- Calls function for each element of an iterable.isEqual(a, b)
- Deep compares two values to determine if they are equivalent.clone(a)
- Performant clone of Array, Object, Date, regExp, Map, Set, or other data.tokenize(str)
- Returns a tokenized version of a stringprettifyID(num)
- Converts a numeric ID into a more human-readable string format.hashCode(input)
- Creates a hash code from a string, object, or array (murmur hash)generateID()
- Generates a pseudo-random unique identifier.fatal(message, options)
- Throws a custom error asynchronously, allowing for metadata and stack trace modifications.FAQs
**Utils is a tiny 3kb library for simplifying common javascript boilerplate.**
The npm package @semantic-ui/utils receives a total of 102 weekly downloads. As such, @semantic-ui/utils popularity was classified as not popular.
We found that @semantic-ui/utils demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.