Security News
MCP Community Begins Work on Official MCP Metaregistry
The MCP community is launching an official registry to standardize AI tool discovery and let agents dynamically find and install MCP servers.
By Sarah Gooding - May 09, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
is-callable
Advanced tools
is-callable
Is this JS value callable? Works with Functions and GeneratorFunctions, despite ES6 @@toStringTag.
What is is-callable?
The is-callable npm package is used to determine if a value is callable, meaning it can be called as a function. This is useful for type-checking in JavaScript where the typeof operator can be insufficient for certain cases, such as distinguishing between callable and non-callable objects.
What are is-callable's main functionalities?
Check if a value is callable
This feature allows you to check if various types of values are callable, including regular functions, async functions, arrow functions, and classes. It also correctly identifies non-callable objects like regex literals and plain objects.
const isCallable = require('is-callable');
console.log(isCallable(function() {})); // true
console.log(isCallable(async function() {})); // true
console.log(isCallable(() => {})); // true
console.log(isCallable(class MyClass {})); // true
console.log(isCallable(/regex/)); // false
console.log(isCallable(null)); // false
console.log(isCallable({})); // falseOther packages similar to is-callable
is-function
The is-function package is similar to is-callable in that it checks if a given value is a function. However, it may not handle all the cases that is-callable does, such as ES6 classes or callable objects.
lodash.isfunction
Lodash provides a method called isFunction which is part of the larger lodash utility library. It is similar to is-callable but is part of a larger set of utility functions and may not distinguish between all types of callable entities as is-callable does.
is-callable 
Is this JS value callable? Works with Functions and GeneratorFunctions, despite ES6 @@toStringTag.
Supported engines
Automatically tested in every minor version of node.
Manually tested in:
- Safari: v4 - v15 (4, 5, 5.1, 6.0.5, 6.2, 7.1, 8, 9.1.3, 10.1.2, 11.1.2, 12.1, 13.1.2, 14.1.2, 15.3, 15.6.1)
- Note: Safari 9 has
class, butFunction.prototype.toStringhides that progeny and makes them look like functions, soclassconstructors will be reported by this package as callable, when they are not in fact callable.
- Note: Safari 9 has
- Chrome: v15 - v81, v83 - v106(every integer version)
- Note: This includes Edge v80+ and Opera v15+, which matches Chrome
- Firefox: v3, v3.6, v4 - v105 (every integer version)
- Note: v45 - v54 has
class, butFunction.prototype.toStringhides that progeny and makes them look like functions, soclassconstructors will be reported by this package as callable, when they are not in fact callable. - Note: in v42 - v63,
Function.prototype.toStringthrows on HTML element constructors, or a Proxy to a function - Note: in v20 - v35, HTML element constructors are not callable, despite having typeof
function. - Note: in v19,
document.allis not callable.
- Note: v45 - v54 has
- IE: v6 - v11(every integer version
- Opera: v11.1, v11.5, v11.6, v12.1, v12.14, v12.15, v12.16, v15+ v15+ matches Chrome
Example
var isCallable = require('is-callable');
var assert = require('assert');
assert.notOk(isCallable(undefined));
assert.notOk(isCallable(null));
assert.notOk(isCallable(false));
assert.notOk(isCallable(true));
assert.notOk(isCallable([]));
assert.notOk(isCallable({}));
assert.notOk(isCallable(/a/g));
assert.notOk(isCallable(new RegExp('a', 'g')));
assert.notOk(isCallable(new Date()));
assert.notOk(isCallable(42));
assert.notOk(isCallable(NaN));
assert.notOk(isCallable(Infinity));
assert.notOk(isCallable(new Number(42)));
assert.notOk(isCallable('foo'));
assert.notOk(isCallable(Object('foo')));
assert.ok(isCallable(function () {}));
assert.ok(isCallable(function* () {}));
assert.ok(isCallable(x => x * x));
Install
Install with
npm install is-callable
Tests
Simply clone the repo, npm install, and run npm test
v1.2.7 - 2022-09-23
Commits
- [Fix] recognize
document.allin IE 6-1006c1db2 - [Tests] improve logic for FF 20-35
0f7d9b9 - [Fix] handle
document.allin FF 27 (and +, probably)696c661 - [Tests] fix proxy tests in FF 42-63
985df0d - [readme] update tested browsers
389e919 - [Fix] detect
document.allin Opera 12.16b9f1022 - [Fix] HTML elements: properly report as callable in Opera 12.16
17391fe - [Tests] fix inverted logic in FF3 test
056ebd4
FAQs
Is this JS value callable? Works with Functions and GeneratorFunctions, despite ES6 @@toStringTag.
The npm package is-callable receives a total of 41,735,525 weekly downloads. As such, is-callable popularity was classified as popular.
We found that is-callable demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 23 Sep 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Malicious npm Packages Use Telegram to Exfiltrate BullX Credentials
Socket uncovers an npm Trojan stealing crypto wallets and BullX credentials via obfuscated code and Telegram exfiltration.
By Kush Pandya - May 08, 2025
Research
Security News
Backdooring the IDE: Malicious npm Packages Hijack Cursor Editor on macOS
Malicious npm packages posing as developer tools target macOS Cursor IDE users, stealing credentials and modifying files to gain persistent backdoor access.
By Kirill Boychenko - May 07, 2025