
Intercom’s npm Package Compromised in Ongoing Mini Shai-Hulud Worm Attack
Compromised intercom-client@7.0.4 npm package is tied to the ongoing Mini Shai-Hulud worm attack targeting developer and CI/CD secrets.
Robust call-bound JavaScript intrinsics, using `call-bind` and `get-intrinsic`.
```sh
npm install --save call-bound
```
```js
const assert = require('assert');
const callBound = require('call-bound');

// Capture the intrinsic once, at load time, bound so that it can be called
// as slice(thisArg, ...args) without a later Function.prototype.call lookup.
const slice = callBound('Array.prototype.slice');

// Tamper with the prototypes after the capture: the bound intrinsic is unaffected.
delete Function.prototype.call;
delete Function.prototype.bind;
delete Array.prototype.slice;

assert.deepEqual(slice([1, 2, 3, 4], 1, -1), [2, 3]);
```
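To show why capturing intrinsics this way matters, here is an added example (not the package's code) with a hypothetical `callBoundLocal` that re-creates the idea in a few lines: it resolves a dotted intrinsic path from `globalThis` and binds it through the original `Function.prototype.call`, then a simulated dependency patches `Array.prototype.slice` and an object shadows `hasOwnProperty`, and the captured intrinsics still behave as the originals.

```javascript
'use strict';
// Hypothetical minimal re-creation of the call-bound idea, not the package's implementation.
// Capture Function.prototype.call and .bind before anything else runs.
const $call = Function.prototype.call;
const $bind = Function.prototype.bind;
// callBind(fn) === fn.call bound to fn, with no prototype lookup at call time.
const callBind = $bind.bind($call);

function resolveIntrinsic(path) {
  // Walk e.g. 'Array.prototype.slice' starting from globalThis.
  return path.split('.').reduce((obj, key) => {
    if (obj == null || !(key in Object(obj))) {
      throw new TypeError('no such intrinsic: ' + path);
    }
    return obj[key];
  }, globalThis);
}

function callBoundLocal(path) {
  const fn = resolveIntrinsic(path);
  if (typeof fn !== 'function') throw new TypeError(path + ' is not a function');
  return callBind(fn);
}

// Captured at module load, before any tampering.
const slice = callBoundLocal('Array.prototype.slice');
const hasOwn = callBoundLocal('Object.prototype.hasOwnProperty');

// Simulates a dependency that patches a builtin prototype later in the process.
function withTamperedSlice(fn) {
  const original = Array.prototype.slice;
  Array.prototype.slice = function () { return ['tampered']; };
  try { return fn(); } finally { Array.prototype.slice = original; }
}

// Naive call dispatches through the (patched) prototype; the captured one does not.
function compareSlice(arr) {
  return withTamperedSlice(() => ({
    naive: arr.slice(1, -1),
    robust: slice(arr, 1, -1),
  }));
}

// An attacker-controlled object can shadow hasOwnProperty; the intrinsic ignores that.
function compareHasOwn(obj, key) {
  return { naive: obj.hasOwnProperty(key), robust: hasOwn(obj, key) };
}
```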
Clone the repo, run `npm install`, and then run `npm test`.
The `function-bind` package provides a polyfill for `Function.prototype.bind`, the native JavaScript method that creates a new function with a fixed `this` value. While `call-bound` focuses on binding intrinsic methods to their objects, `function-bind` is more general-purpose, allowing any function to be bound to a specific context.
Lodash is a utility library that provides a wide range of functions for manipulating arrays, objects, and other data types. Its `_.bind` method is similar to `call-bound` in that it binds a function to a specific context, but Lodash offers a much broader set of utilities beyond function binding.
FAQs
The npm package call-bound receives a total of 84,350,416 weekly downloads. As such, call-bound's popularity was classified as popular.
We found that call-bound demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.