Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
es-abstract
Advanced tools
The es-abstract npm package provides utility functions for ECMAScript language abstract operations. These operations are the fundamental building blocks of the ECMAScript specification, which JavaScript and other related languages are based on. The package includes methods for type conversion, manipulation of objects, and working with language semantics as defined in various ECMAScript editions.
Type Conversion
Converts a value to a number as per ECMAScript abstract operation ToNumber.
const ES = require('es-abstract');
const value = '123';
const number = ES.ToNumber(value);
Object Manipulation
Gets an array of the own enumerable property names of an object.
const ES = require('es-abstract');
const obj = { a: 1 };
const keys = ES.EnumerableOwnNames(obj);
Working with Language Semantics
Calls a given function with a specific this value and arguments list.
const ES = require('es-abstract');
const result = ES.Call(Function.prototype.toString, () => {});
Lodash is a popular utility library that offers a wide range of functions for manipulating objects, arrays, numbers, strings, etc. It is more focused on practical application development rather than strictly adhering to ECMAScript abstract operations.
Core-js is a modular standard library for JavaScript, which includes polyfills for ECMAScript features. It provides functionality similar to es-abstract in terms of implementing ECMAScript standards, but it also includes polyfills for newer language features.
ECMAScript spec abstract operations.
Every operation is available by edition/year and by name - for example, es-abstract/2020/Call
gives you the Call
operation from ES2020, es-abstract/5/Type
gives you the Type
operation from ES5.
All abstract operations are also available under an es5
/es2015
/es2016
/es2017
/es2018
/es2019
/es2020
/es2021
entry point, and as a property on the main
export, but using deep imports is highly encouraged for bundle size and performance reasons. Non-deep entry points will be removed in the next semver-major release.
var ES = require('es-abstract');
var assert = require('assert');
assert(ES.isCallable(function () {}));
assert(!ES.isCallable(/a/g));
Simply clone the repo, npm install
, and run npm test
Please email @ljharb or see https://tidelift.com/security if you have a potential security vulnerability to report.
FAQs
ECMAScript spec abstract operations.
The npm package es-abstract receives a total of 40,682,906 weekly downloads. As such, es-abstract popularity was classified as popular.
We found that es-abstract demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.