Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
jsprim
Advanced tools
Package description
The jsprim package provides utilities for working with primitive JavaScript types. It includes functions for deep copying, testing object types, parsing JSON safely, and more. It's designed to offer a collection of utilities that are commonly needed but not provided by the JavaScript standard library.
Deep copying objects
This feature allows you to create a deep copy of an object, ensuring that nested objects are also copied rather than just copying the reference.
var jsprim = require('jsprim');
var obj = { a: 1, b: { c: 2 } };
var copy = jsprim.deepCopy(obj);
Checking if a value is an object
This utility helps in determining whether a given value is an object, which can be particularly useful for validation and type checking.
var jsprim = require('jsprim');
var result = jsprim.isObject({}); // true
result = jsprim.isObject(123); // false
Parsing JSON safely
Safely parse a JSON string, catching any errors that occur during parsing and returning `null` instead of throwing an exception.
var jsprim = require('jsprim');
var str = '{ "key": "value" }';
var obj = jsprim.parseJSON(str);
Lodash is a comprehensive utility library offering a wide range of functions for tasks such as deep copying, type checking, and more. It's more extensive than jsprim but can be bulkier due to its size and scope.
Underscore is another utility library similar to lodash but with a smaller footprint. It provides many of the same functionalities as jsprim, such as object manipulation and type checking, but it doesn't include JSON parsing utilities.
Changelog
v1.2.1 (2015-10-14)
Readme
This module provides miscellaneous facilities for working with strings, numbers, dates, and objects and arrays of these basic types.
Creates a deep copy of a primitive type, object, or array of primitive types.
Returns whether two objects are equal.
Returns true if the given object has no properties and false otherwise. This
is O(1) (unlike Object.keys(obj).length === 0
, which is O(N)).
Like Array.forEach, but iterates properties of an object rather than elements of an array. Equivalent to:
for (var key in obj)
callback(key, obj[key]);
Flattens an object up to a given level of nesting, returning an array of arrays of length "depth + 1", where the first "depth" elements correspond to flattened columns and the last element contains the remaining object . For example:
flattenObject({
'I': {
'A': {
'i': {
'datum1': [ 1, 2 ],
'datum2': [ 3, 4 ]
},
'ii': {
'datum1': [ 3, 4 ]
}
},
'B': {
'i': {
'datum1': [ 5, 6 ]
},
'ii': {
'datum1': [ 7, 8 ],
'datum2': [ 3, 4 ],
},
'iii': {
}
}
},
'II': {
'A': {
'i': {
'datum1': [ 1, 2 ],
'datum2': [ 3, 4 ]
}
}
}
}, 3)
becomes:
[
[ 'I', 'A', 'i', { 'datum1': [ 1, 2 ], 'datum2': [ 3, 4 ] } ],
[ 'I', 'A', 'ii', { 'datum1': [ 3, 4 ] } ],
[ 'I', 'B', 'i', { 'datum1': [ 5, 6 ] } ],
[ 'I', 'B', 'ii', { 'datum1': [ 7, 8 ], 'datum2': [ 3, 4 ] } ],
[ 'I', 'B', 'iii', {} ],
[ 'II', 'A', 'i', { 'datum1': [ 1, 2 ], 'datum2': [ 3, 4 ] } ]
]
This function is strict: "depth" must be a non-negative integer and "obj" must be a non-null object with at least "depth" levels of nesting under all keys.
This is similar to flattenObject
except that instead of returning an array,
this function invokes func(entry)
for each entry
in the array that
flattenObject
would return. flattenIter(obj, depth, func)
is logically
equivalent to flattenObject(obj, depth).forEach(func)
. Importantly, this
version never constructs the full array. Its memory usage is O(depth) rather
than O(n) (where n
is the number of flattened elements).
There's another difference between flattenObject
and flattenIter
that's
related to the special case where depth === 0
. In this case, flattenObject
omits the array wrapping obj
(which is regrettable).
Fetch nested property "key" from object "obj", traversing objects as needed.
For example, pluck(obj, "foo.bar.baz")
is roughly equivalent to
obj.foo.bar.baz
, except that:
pluck({}, "foo.bar")
is just undefined.pluck({ 'foo.bar': 1 }, 'foo.bar')
is 1, not undefined. This is also
true recursively, so pluck({ 'a': { 'foo.bar': 1 } }, 'a.foo.bar')
is
also 1, not undefined.Returns an element from "array" selected uniformly at random. If "array" is empty, throws an Error.
Returns true if the given string starts with the given prefix and false otherwise.
Returns true if the given string ends with the given suffix and false otherwise.
Converts a Date object to an ISO8601 date string of the form "YYYY-MM-DDTHH:MM:SS.sssZ". This format is not customizable.
Parses a date expressed as a string, as either a number of milliseconds since the epoch or any string format that Date accepts, giving preference to the former where these two sets overlap (e.g., strings containing small numbers).
Given two hrtime readings (as from Node's process.hrtime()
), where timeA is
later than timeB, compute the difference and return that as an hrtime. It is
illegal to invoke this for a pair of times where timeB is newer than timeA.
Add two hrtime intervals (as from Node's process.hrtime()
), returning a new
hrtime interval array. This function does not modify either input argument.
Add two hrtime intervals (as from Node's process.hrtime()
), storing the
result in timeA
. This function overwrites (and returns) the first argument
passed in.
This suite of functions converts a hrtime interval (as from Node's
process.hrtime()
) into a scalar number of nanoseconds, microseconds or
milliseconds. Results are truncated, as with Math.floor()
.
Uses JSON validation (via JSV) to validate the given object against the given schema. On success, returns null. On failure, returns (does not throw) a useful Error object.
Check an object for unexpected properties. Accepts the object to check, and an array of allowed property name strings. If extra properties are detected, an array of extra property names is returned. If no properties other than those in the allowed list are present on the object, the returned array will be of zero length.
Merge properties from objects "provided", "overrides", and "defaults". The intended use case is for functions that accept named arguments in an "args" object, but want to provide some default values and override other values. In that case, "provided" is what the caller specified, "overrides" are what the function wants to override, and "defaults" contains default values.
The function starts with the values in "defaults", overrides them with the values in "provided", and then overrides those with the values in "overrides". For convenience, any of these objects may be falsey, in which case they will be ignored. The input objects are never modified, but properties in the returned object are not deep-copied.
For example:
mergeObjects(undefined, { 'objectMode': true }, { 'highWaterMark': 0 })
returns:
{ 'objectMode': true, 'highWaterMark': 0 }
For another example:
mergeObjects(
{ 'highWaterMark': 16, 'objectMode': 7 }, /* from caller */
{ 'objectMode': true }, /* overrides */
{ 'highWaterMark': 0 }); /* default */
returns:
{ 'objectMode': true, 'highWaterMark': 16 }
Code should be "make check" clean. This target assumes that jsl and jsstyle are on your path.
New tests should generally accompany new functions and bug fixes. The tests should pass cleanly (run tests/basic.js).
FAQs
utilities for primitive JavaScript types
The npm package jsprim receives a total of 14,588,275 weekly downloads. As such, jsprim popularity was classified as popular.
We found that jsprim demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 14 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.