Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
lodash.isnumber
Advanced tools
Package description
The lodash.isnumber package is a utility function that checks if a given value is classified as a number primitive or object. It is part of the Lodash library, which is a popular utility library for JavaScript.
Check if a value is a number
This feature allows you to check if a given value is a number. It returns true for number primitives and objects, including NaN, and false for non-number values.
const isNumber = require('lodash.isnumber');
console.log(isNumber(123)); // true
console.log(isNumber('123')); // false
console.log(isNumber(NaN)); // true
The is-number package is a simple utility that checks if a value is a number. It is similar to lodash.isnumber but is a standalone package without the additional utilities provided by Lodash. It also returns true for number primitives and objects, including NaN.
The number-is-nan package is a utility that specifically checks if a value is NaN. While it is more specialized than lodash.isnumber, it can be useful in scenarios where you need to specifically identify NaN values.
The is-numeric package checks if a value is numeric, which includes both number primitives and numeric strings. This is slightly different from lodash.isnumber, which does not consider numeric strings as numbers.
Readme
The lodash method _.isNumber
exported as a Node.js module.
Using npm:
$ {sudo -H} npm i -g npm
$ npm i --save lodash.isnumber
In Node.js:
var isNumber = require('lodash.isnumber');
See the documentation or package source for more details.
FAQs
Unknown package
The npm package lodash.isnumber receives a total of 6,694,157 weekly downloads. As such, lodash.isnumber popularity was classified as popular.
We found that lodash.isnumber demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.