Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
array-string-at
Advanced tools
[…]
at()
, that is on the prototype of the built-in indexable objects:Array
,String
, andTypedArrays
objects. The method supports relative indexing from the end when passed a negative index.
npm install array-string-at --save
import at from 'array-string-at';
at('becky', 1); // e
at('becky', -2); // k
You can use named export preferNative
if you wish to use native
implementation if it’s available. In all other cases, ponyfill will be used.
Beware of
caveats!
import at from 'array-string-at';
if (typeof String.prototype.at === 'undefined') {
String.prototype.at = function (index) {
return at(this, index);
};
}
if (typeof Array.prototype.at === 'undefined') {
Array.prototype.at = function (index) {
return at(this, index);
};
}
Returns: *
Returns value at specified index. Supports relative indexing from the end when passed a negative index.
Type: string|Array<unknown>|TypedArray
Item to search.
Type: number
Relative index.
Tested in Chrome 72, Edge 15, Firefox 65 and should work in all modern browsers (support based on Browserslist configuration).
Test suite is taken and modified from following packages:
For automated tests, run npm run test:automated
(append :watch
for watcher
support).
MIT © Ivan Nikolić
FAQs
Array/string `.at()` ponyfill.
We found that array-string-at demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.