Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
The lodash-es package is a variant of Lodash, optimized for tree-shaking and ES module syntax. It provides utility functions for common programming tasks, including manipulating arrays, objects, and strings, as well as utilities for functions, logic, and math operations.
Array Manipulation
Lodash-es provides functions to work with arrays, such as map, filter, and reduce, similar to those found in native JavaScript but with additional capabilities and optimizations.
[1, 2, 3].map(n => n * 3)
Object Manipulation
It offers a suite of tools for manipulating objects, such as merging, cloning, and deep property access.
_.assign({ 'a': 1 }, { 'b': 2 }, { 'c': 3 })
String Manipulation
Lodash-es includes methods for string manipulation, such as case conversion, trimming, and splitting strings.
_.kebabCase('Foo Bar')
Function Utilities
The package provides utilities for functions, such as debounce and throttle, which are useful for optimizing performance for actions that should not happen too frequently.
_.debounce(func, [wait=0], [options={}])
Logic Operations
Lodash-es has functions to perform logical operations, such as checking if a value is empty, equal to another, or matches a certain condition.
_.isEmpty({})
Math Operations
It also includes utilities for math operations, such as add, subtract, multiply, and divide, as well as more complex mathematical computations.
_.add(6, 4)
Underscore is a similar utility library that offers functions for working with arrays, objects, and functions. It is less modular than lodash-es and does not support tree-shaking.
Ramda is a functional programming library that emphasizes a more functional and composable approach than lodash-es. It is designed for a functional programming style, which can be more expressive but also has a steeper learning curve.
Immutable.js provides persistent immutable data structures which can help to avoid mutable state. Unlike lodash-es, it does not provide utility functions for arrays and objects but focuses on providing immutable data structures.
The Lodash library exported as ES modules.
Generated using lodash-cli:
$ lodash modularize exports=es -o ./
See the package source for more details.
FAQs
Lodash exported as ES modules.
The npm package lodash-es receives a total of 11,129,280 weekly downloads. As such, lodash-es popularity was classified as popular.
We found that lodash-es demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.