
Security News
Django Joins curl in Pushing Back on AI Slop Security Reports
Django has updated its security policies to reject AI-generated vulnerability reports that include fabricated or unverifiable content.
The 'd' npm package is a utility for defining property descriptors for JavaScript objects. It is often used to create properties with specific characteristics such as being non-enumerable, writable, or configurable, and can be used in object property definition contexts where you want more control over how properties behave.
Defining non-enumerable properties
This code sample demonstrates how to define a non-enumerable property 'foo' with the value 'bar'. The property will not show up in for-in loops or Object.keys() calls.
{"foo": d('bar')}
Defining writable and configurable properties
This code sample shows how to define a property 'foo' that is both writable and configurable with the value 'bar'. This means the property value can be changed and the property descriptor can be modified after the initial definition.
{"foo": d(true, 'bar')}
Defining a getter and setter
This code sample illustrates defining a property 'foo' with a getter and setter function. The getter function returns the value of '_foo', and the setter function assigns the new value to '_foo'.
{"foo": d.gs(function() { return this._foo; }, function(value) { this._foo = value; })}
The 'define-property' npm package is similar to 'd' in that it is used to define a new property on an object with a given descriptor. It is a simpler and smaller utility that might be preferred for its minimalistic approach, but 'd' offers a more fluent and feature-rich API.
Originally derived from d package.
Defining properties with descriptors is very verbose:
var Account = function () {};
Object.defineProperties(Account.prototype, {
deposit: {
value: function () { /* ... */ },
configurable: true,
enumerable: false,
writable: true
},
withdraw: {
value: function () { /* ... */ },
configurable: true,
enumerable: false,
writable: true
},
balance: { get: function () { /* ... */ }, configurable: true, enumerable: false }
});
D cuts that to:
var d = require("d");
var Account = function () {};
Object.defineProperties(Account.prototype, {
deposit: d(function () { /* ... */ }),
withdraw: d(function () { /* ... */ }),
balance: d.gs(function () { /* ... */ })
});
By default, created descriptor follow characteristics of native ES5 properties, and defines values as:
{ configurable: true, enumerable: false, writable: true }
You can overwrite it by preceding value argument with instruction:
d("c", value); // { configurable: true, enumerable: false, writable: false }
d("ce", value); // { configurable: true, enumerable: true, writable: false }
d("e", value); // { configurable: false, enumerable: true, writable: false }
// Same way for get/set:
d.gs("e", value); // { configurable: false, enumerable: true }
$ npm install d
To port it to Browser or any other (non CJS) environment, use your favorite CJS bundler. No favorite yet? Try: Browserify, Webmake or Webpack
Define methods which will be automatically bound to its instances
var d = require('d');
var autoBind = require('d/auto-bind');
var Foo = function () { this._count = 0; };
Object.defineProperties(Foo.prototype, autoBind({
increment: d(function () { ++this._count; });
}));
var foo = new Foo();
// Increment foo counter on each domEl click
domEl.addEventListener('click', foo.increment, false);
Define lazy properties, which will be resolved on first access
var d = require("d");
var lazy = require("d/lazy");
var Foo = function () {};
Object.defineProperties(Foo.prototype, lazy({ items: d(function () { return []; }) }));
var foo = new Foo();
foo.items.push(1, 2); // foo.items array created and defined directly on foo
$ npm test
To report a security vulnerability, please use the Tidelift security contact. Tidelift will coordinate the fix and disclosure.
FAQs
Property descriptor factory
The npm package d receives a total of 12,133,136 weekly downloads. As such, d popularity was classified as popular.
We found that d demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Django has updated its security policies to reject AI-generated vulnerability reports that include fabricated or unverifiable content.
Security News
ECMAScript 2025 introduces Iterator Helpers, Set methods, JSON modules, and more in its latest spec update approved by Ecma in June 2025.
Security News
A new Node.js homepage button linking to paid support for EOL versions has sparked a heated discussion among contributors and the wider community.