js-select
Advanced tools
Comparing version 0.6.0 to 1.0.0
{ | ||
"name": "js-select", | ||
"description": "Traverse and modify objects with JSONSelect selectors", | ||
"version": "0.6.0", | ||
"author": "Heather Arthur <fayearthur@gmail.com>", | ||
"repository": { | ||
"type": "git", | ||
"url": "http://github.com/harthur/js-select.git" | ||
}, | ||
"main": "./index", | ||
"dependencies": { | ||
"traverse": "0.4.x", | ||
"JSONSelect": "0.2.1" | ||
}, | ||
"devDependencies": { | ||
"nomnom": "0.6.x", | ||
"color": "0.3.x" | ||
}, | ||
"keywords": ["json"] | ||
} | ||
"name": "js-select", | ||
"version": "1.0.0", | ||
"description": "", | ||
"main": "index.js", | ||
"scripts": { | ||
"test": "echo \"Error: no test specified\" && exit 1" | ||
}, | ||
"repository": { | ||
"type": "git", | ||
"url": "git+https://github.com/npm/deprecate-holder.git" | ||
}, | ||
"author": "", | ||
"license": "ISC", | ||
"bugs": { | ||
"url": "https://github.com/npm/deprecate-holder/issues" | ||
}, | ||
"homepage": "https://github.com/npm/deprecate-holder#readme" | ||
} |
119
README.md
@@ -1,118 +0,5 @@ | ||
# js-select | ||
# Deprecated Package | ||
js-select uses [js-traverse](https://github.com/substack/js-traverse) to traverse and modify JavaScript object nodes that match [JSONSelect](http://jsonselect.org/) selectors. | ||
This package is no longer supported and has been deprecated. To avoid malicious use, npm is hanging on to the package name. | ||
```javascript | ||
var people = { | ||
george: { | ||
age : 35, | ||
movie: "Repo Man" | ||
}, | ||
mary: { | ||
age: 15, | ||
movie: "Twilight" | ||
} | ||
}; | ||
``` | ||
### .forEach(fn) | ||
Iterates over all matching nodes in the object. The callback gets a special `this` context. See [js-traverse](https://github.com/substack/js-traverse) for all the things you can do to modify and inspect the node with this context. In addition, js-select adds a `this.matches()` which will test if the node matches a selector: | ||
```javascript | ||
select(people).forEach(function(node) { | ||
if (this.matches(".mary > .movie")) { | ||
this.remove(); | ||
} | ||
}); | ||
``` | ||
### .nodes() | ||
Returns all matching nodes from the object. | ||
```javascript | ||
select(people, ".age").nodes(); // [35, 15] | ||
``` | ||
### .remove() | ||
Removes matching elements from the original object. | ||
```javascript | ||
select(people, ".age").remove(); | ||
``` | ||
### .update(fn) | ||
Updates all matching nodes using the given callback. | ||
```javascript | ||
select(people, ".age").update(function(age) { | ||
return age - 5; | ||
}); | ||
``` | ||
### .condense() | ||
Reduces the original object down to only the matching elements (the hierarchy is maintained). | ||
```javascript | ||
select(people, ".age").condense(); | ||
``` | ||
```javascript | ||
{ | ||
george: { age: 35 }, | ||
mary: { age: 15 } | ||
} | ||
``` | ||
## Selectors | ||
js-select supports the following [JSONSelect](http://jsonselect.org/) selectors: | ||
``` | ||
* | ||
type | ||
.key | ||
ancestor selector | ||
parent > selector | ||
sibling ~ selector | ||
selector1, selector2 | ||
:root | ||
:nth-child(n) | ||
:nth-child(even) | ||
:nth-child(odd) | ||
:nth-last-child(n) | ||
:first-child | ||
:last-child | ||
:only-child | ||
:has(selector) | ||
:val("string") | ||
:contains("substring") | ||
``` | ||
See [details](http://jsonselect.org/#docs/overview) on each selector, and [try them](http://jsonselect.org/#tryit) out on the JSONSelect website. | ||
## Install | ||
For [node](http://nodejs.org), install with [npm](http://npmjs.org): | ||
```bash | ||
npm install js-select | ||
``` | ||
For the browser, download the select.js file or fetch the latest version from [npm](http://npmjs.org) and build a browser file using [browserify](https://github.com/substack/node-browserify): | ||
```bash | ||
npm install browserify -g | ||
npm install js-select | ||
browserify --require js-select --outfile select.js | ||
``` | ||
this will build a browser file with `require('js-select')` available. | ||
## Propers | ||
Huge thanks to [@substack](http://github.com/substack) for the ingenious [js-traverse](https://github.com/substack/js-traverse) and [@lloyd](https://github.com/lloyd) for the ingenious [JSONSelect spec](http://http://jsonselect.org/) and [selector parser](http://search.npmjs.org/#/JSONSelect). | ||
Please contact support@npmjs.com if you have questions about this package. |
Empty package
Supply chain riskPackage does not contain any code. It may be removed, is name squatting, or the result of a faulty package publish.
Found 1 instance in 1 package
Major refactor
Supply chain riskPackage has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.
Found 1 instance in 1 package
New author
Supply chain riskA new npm collaborator published a version of the package for the first time. New collaborators are usually benign additions to a project, but do indicate a change to the security surface area of a package.
Found 1 instance in 1 package
No contributors or author data
MaintenancePackage does not specify a list of contributors or an author in package.json.
Found 1 instance in 1 package
No tests
QualityPackage does not have any tests. This is a strong signal of a poorly maintained or low quality package.
Found 1 instance in 1 package
Uses eval
Supply chain riskPackage uses eval() which is a dangerous function. This prevents the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 2 instances in 1 package
Debug access
Supply chain riskUses debug, reflection and dynamic code execution features.
Found 2 instances in 1 package
Dynamic require
Supply chain riskDynamic require can indicate the package is performing dangerous or unsafe dynamic code execution.
Found 1 instance in 1 package
Environment variable access
Supply chain riskPackage accesses environment variables, which may be a sign of credential stuffing or data theft.
Found 1 instance in 1 package
Filesystem access
Supply chain riskAccesses the file system, and could potentially read sensitive data.
Found 1 instance in 1 package
No bug tracker
MaintenancePackage does not have a linked bug tracker in package.json.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
No website
QualityPackage does not have a website.
Found 1 instance in 1 package
0
0
1
0
671
2
0
6
3
- RemovedJSONSelect@0.2.1
- Removedtraverse@0.4.x
- RemovedJSONSelect@0.2.1(transitive)
- Removedtraverse@0.4.6(transitive)