Security News
The Dark Side of Open Source
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
define-properties
Advanced tools
Package description
The define-properties npm package is used to define new properties on an object, including any necessary descriptors. It provides a simple API to define multiple properties at once while ensuring compatibility with older JavaScript engines that may not fully support ES5.
Defining multiple properties
This feature allows you to define multiple properties on an object with their descriptors. The 'enumerable' predicate ensures that the property will only be defined if the value is truthy.
{"object": {}, "properties": {"prop1": {"value": 42, "enumerable": true}, "prop2": {"value": 'hello', "enumerable": false}}, "predicates": {"enumerable": function(val) { return !!val; }}}
Defining properties with shared descriptors
This feature allows you to define properties with a shared descriptor. The predicate function can be used to conditionally define properties based on the key or value.
{"object": {}, "propertyNames": ["prop1", "prop2"], "descriptor": {"enumerable": true}, "predicate": function(key, value) { return key === 'prop1' || value > 10; }}
This package provides a similar functionality to define-properties by allowing you to define a new property directly on an object. It is a polyfill for Object.defineProperty and is useful for ensuring compatibility with older JavaScript engines.
es5-ext is a collection of ECMAScript 5 extensions, including various shims and polyfills. It offers a broader set of functionalities compared to define-properties, which includes defining properties but also other utilities for working with objects, arrays, and functions.
Changelog
Readme
Define multiple non-enumerable properties at once. Uses Object.defineProperty
when available; falls back to standard assignment in older engines.
Existing properties are not overridden. Accepts a map of property names to a predicate that, when true, force-overrides.
var define = require('define-properties');
var assert = require('assert');
var obj = define({ a: 1, b: 2 }, {
a: 10,
b: 20,
c: 30
});
assert(obj.a === 1);
assert(obj.b === 2);
assert(obj.c === 30);
if (define.supportsDescriptors) {
assert.deepEqual(Object.keys(obj), ['a', 'b']);
assert.deepEqual(Object.getOwnPropertyDescriptor(obj, 'c'), {
configurable: true,
enumerable: false,
value: 30,
writable: false
});
}
Then, with predicates:
var define = require('define-properties');
var assert = require('assert');
var obj = define({ a: 1, b: 2, c: 3 }, {
a: 10,
b: 20,
c: 30
}, {
a: function () { return false; },
b: function () { return true; }
});
assert(obj.a === 1);
assert(obj.b === 20);
assert(obj.c === 3);
if (define.supportsDescriptors) {
assert.deepEqual(Object.keys(obj), ['a', 'c']);
assert.deepEqual(Object.getOwnPropertyDescriptor(obj, 'b'), {
configurable: true,
enumerable: false,
value: 20,
writable: false
});
}
Simply clone the repo, npm install
, and run npm test
FAQs
Define multiple non-enumerable properties at once. Uses `Object.defineProperty` when available; falls back to standard assignment in older engines.
The npm package define-properties receives a total of 36,820,265 weekly downloads. As such, define-properties popularity was classified as popular.
We found that define-properties demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.