Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Fast-sort is a lightweight (850 bytes gzip), zero-dependency sorting library with TypeScript support. Its easy-to-use and flexible syntax, combined with incredible speed , make it a top choice for developers seeking efficient, reliable, and customizable sorting solutions.
import { sort } from 'fast-sort';
// Sort flat arrays
const ascSorted = sort([1,4,2]).asc(); // => [1, 2, 4]
const descSorted = sort([1, 4, 2]).desc(); // => [4, 2, 1]
// Sort users (array of objects) by firstName in descending order
const sorted = sort(users).desc(u => u.firstName);
// Sort users in ascending order by firstName and lastName
const sorted = sort(users).asc([
u => u.firstName,
u => u.lastName
]);
// Sort users ascending by firstName and descending by city
const sorted = sort(users).by([
{ asc: u => u.firstName },
{ desc: u => u.address.city }
]);
// Sort based on computed property
const sorted = sort(repositories).desc(r => r.openIssues + r.closedIssues);
// Sort using string for object key
// Only available for root object properties
const sorted = sort(users).asc('firstName');
Fore more examples check unit tests.
Fast-sort provides an inPlace sorting option that mutates the original array instead of creating a new instance, resulting in marginally faster and more memory-efficient sorting. However, both the inPlaceSort and default sort methods offer exactly the same functionality.
const { sort, inPlaceSort } = require('fast-sort');
const array = [3, 1, 5];
const sorted = sort(array).asc();
// sorted => [1, 3, 5]
// array => [3, 1, 5]
inPlaceSort(array).asc();
// array => [1, 3, 5]
By default fast-sort
is not doing language sensitive sorting of strings.
e.g 'image-11.jpg'
will be sorted before 'image-2.jpg'
(in ascending sorting).
We can provide custom Intl.Collator comparer to fast-sort for language sensitive sorting of strings.
Keep in mind that natural sort is slower then default sorting so recommendation is to use it
only when needed.
import { sort, createNewSortInstance } from 'fast-sort';
const testArr = ['image-2.jpg', 'image-11.jpg', 'image-3.jpg'];
// By default fast-sort is not doing natural sort
sort(testArr).desc(); // => ['image-3.jpg', 'image-2.jpg', 'image-11.jpg']
// We can use `by` sort to override default comparer
// with the one that is doing language sensitive comparison
sort(testArr).by({
desc: true,
comparer: new Intl.Collator(undefined, { numeric: true, sensitivity: 'base' }).compare,
}); // => ['image-11.jpg', 'image-3.jpg', 'image-2.jpg']
// Or we can create new sort instance with language sensitive comparer.
// Recommended if used in multiple places
const naturalSort = createNewSortInstance({
comparer: new Intl.Collator(undefined, { numeric: true, sensitivity: 'base' }).compare,
});
naturalSort(testArr).asc(); // => ['image-2.jpg', 'image-3.jpg', 'image-11.jpg']
naturalSort(testArr).desc(); // => ['image-11.jpg', 'image-3.jpg', 'image-2.jpg']
NOTE: It's known that Intl.Collator
might not sort null
values correctly so make sure to cast them to undefine
as described in the following issue
https://github.com/snovakovic/fast-sort/issues/54#issuecomment-1072289388
Fast sort can be tailored to fit any sorting need or use case by:
by
sorterFor example we will sort tags
by "custom" tag importance (e.g vip
tag is of greater importance then captain
tag).
import { sort, createNewSortInstance } from 'fast-sort';
const tags = ['influencer', 'unknown', 'vip', 'captain'];
const tagsImportance = { // Domain specific tag importance
vip: 3,
influencer: 2,
captain: 1,
};
// We can use power of computed prop to sort tags by domain specific importance
const descTags = sort(tags).desc(tag => tagImportance[tag] || 0);
// => ['vip', 'influencer', 'captain', 'unknown'];
// Or we can create specialized tagSorter so we can reuse it in multiple places
const tagSorter = createNewSortInstance({
comparer: (a, b) => (tagImportance[a] || 0) - (tagImportance[b] || 0),
inPlaceSorting: true, // default[false] => Check "In Place Sort" section for more info.
});
tagSorter(tags).asc(); // => ['unknown', 'captain', 'influencer', 'vip'];
tagSorter(tags).desc(); // => ['vip', 'influencer', 'captain', 'unknown'];
// Default sorter will sort tags by comparing string values not by their domain specific value
const defaultSort = sort(tags).asc(); // => ['captain', 'influencer', 'unknown' 'vip']
// Sorting values that are not sortable will return same value back
sort(null).asc(); // => null
sort(33).desc(); // => 33
// By default fast-sort sorts null and undefined values to the
// bottom no matter if sorting is in asc or decs order.
// If this is not intended behaviour you can check "Should create sort instance that sorts nil value to the top in desc order" test on how to override
const addresses = [{ city: 'Split' }, { city: undefined }, { city: 'Zagreb'}];
sort(addresses).asc(a => a.city); // => Split, Zagreb, undefined
sort(addresses).desc(a => a.city); // => Zagreb, Split, undefined
Documentation for v2 and older versions is available here.
For migrating to v3 you can reference CHANGELOG for what has been changed.
Five different benchmarks have been created to get better insight of how fast-sort perform under different scenarios. Each benchmark is run with different array sizes raging from small 100 items to large 100 000 items.
Every run of benchmark outputs different results but the results are constantly showing better scores compared to similar popular sorting libraries.
Benchmark has been run on:
Independent benchmark results from MacBook Air can be found in following PR: https://github.com/snovakovic/fast-sort/pull/48
To run benchmark on your PC follow steps from below
In case you notice any irregularities in benchmark or you want to add sort library to benchmark score please open issue here
FAQs
Fast easy to use and flexible sorting with TypeScript support
We found that fast-sort demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.