Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
lodash.forin
Advanced tools
The Lo-Dash function `_.forIn` as a Node.js module generated by lodash-cli.
The lodash.forin package is a utility library that provides a method for iterating over own and inherited enumerable properties of an object. It is part of the larger Lodash library, which is known for its utility functions for common programming tasks.
Iterate over object properties
This feature allows you to iterate over all enumerable properties of an object, including inherited properties. The provided function is invoked for each property.
const forIn = require('lodash.forin');
const object = { 'a': 1, 'b': 2, 'c': 3 };
forIn(object, function(value, key) {
console.log(key, value);
});
The for-own package is a utility for iterating over the own enumerable properties of an object. Unlike lodash.forin, it does not iterate over inherited properties, making it more focused on the object's own properties.
The object.entries package provides a method to return an array of a given object's own enumerable string-keyed property [key, value] pairs. It is a part of the ECMAScript 2017 standard and does not include inherited properties, similar to for-own.
The Lo-Dash function _.forIn
as a Node.js module generated by lodash-cli.
There’s plenty of documentation, unit tests, & benchmarks.
lodash.forin has been tested in at least Node.js 0.6.8-0.10.18.
John-David Dalton |
Blaine Bublitz | Kit Cambridge | Mathias Bynens |
FAQs
The lodash method `_.forIn` exported as a module.
The npm package lodash.forin receives a total of 168,557 weekly downloads. As such, lodash.forin popularity was classified as popular.
We found that lodash.forin demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.