Socket
Socket
Sign inDemoInstall

branded-types

Package Overview
Dependencies
0
Maintainers
1
Versions
2
Alerts
File Explorer

Advanced tools

npm Scripts

Install Socket

Detect and block malicious and high-risk dependencies

Install

    branded-types

Flippin' great branded types for TypeScript!

Version published
Weekly downloads
2
Maintainers
1
Install size
8.53 kB
Created
Weekly downloads
 

Readme

Source

branded-types

Flippin' great branded types for TypeScript!

Use them like opaque types in Flow, except you get to control visibility.

Simple example

Define a branded type:

import {Branded} from 'branded-types'
export class OrderId extends Branded<string, 'my-package.OrderId'>() {}

Import and use it

import {OrderId} from './other-module';

OrderId.brand('someUuid') === 'someString' // error

Advanced example

Want to hide the branding and un-branding functions?

  • Declare your branded type in namespace
  • Use the static functions within your module to safely create instances
  • Export only the type instead of the entire class
import { Branded } from "branded-types";

namespace my {
  export class OrderId extends Branded<string, 'my-package.OrderId'>() {}
}

export function safeCreateId() {
  return my.OrderId.brand('x')
}

export type OrderId = my.OrderId;

The other module can only use the safe ID creation functions now:

import {safeCreateId, OrderId} from './other-module';

safeCreateId() == 'someString'; // error

let m: Map<OrderId, string> = new Map;

m.set(safeCreateId(),  '1');
m.set('someString', '2'); // error

Features

  • Not nominal. The same package in different places in the filesystem will still be compatible with other instances (unless you bump the brand name - you control version compatibility)
  • Nice error messages e.g. the equality comparison error looks like this: 
    This condition will always return 'false' since
the types 'string' and 'OrderId' have no overlap.
    and the incorrect map insertion above produces the error: 
    Argument of type 'string' is not assignable to parameter of type 'OrderId'.
  • No runtime overhead. Despite all the class machinery, the converted values have NO runtime representation. The conversion functions do nothing except return the same value. The machinery is there for the nice errors and API only.
  • No built in string / number operators allowed. If for example you try to concat two OrderIds with +, its not going to work. You have to use an explicit cast to the source type via e.g. String(brandedVal) or Number(brandedVal) etc, then perform the operation

FAQs

Last updated on 15 Jun 2019

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

NIST Drafts New Security Framework to Tackle Emerging Risks of Generative AI

Security News

NIST Drafts New Security Framework to Tackle Emerging Risks of Generative AI

NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.

By Sarah Gooding  -  May 03, 2024
Introducing SSO

Product

Introducing SSO

Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.

By Alex Morais  -  Apr 29, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc