Security News
pnpm 10.0.0 Blocks Lifecycle Scripts by Default
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
lodash.isplainobject
Advanced tools
The lodash.isplainobject npm package is a module that provides a function to check if a given value is a plain object, that is, an object created by the Object constructor or one with a null prototype.
Check for plain objects
This feature allows you to verify if a value is a plain object. It returns true for objects created by the Object constructor or with a null prototype and false for any other type of value, including arrays, functions, and instances of built-in JavaScript types like Date.
const isPlainObject = require('lodash.isplainobject');
console.log(isPlainObject({})); // true
console.log(isPlainObject(Object.create(null))); // true
console.log(isPlainObject([1, 2, 3])); // false
console.log(isPlainObject(Function)); // false
console.log(isPlainObject(new Date())); // false
is-plain-object is a package that offers similar functionality to lodash.isplainobject. It checks if an object is a plain object, that is, an object created by the Object constructor or one with a null prototype. It is a smaller package focused solely on this functionality, which might be preferable for those looking to minimize their dependency footprint.
isobject is another npm package that provides a function to check if a value is an object. It's more general than lodash.isplainobject as it returns true for any JavaScript object, not just plain objects. This means it will return true for arrays, functions, and other object types, which might not be desirable if you specifically need to check for plain objects.
The lodash method _.isPlainObject
exported as a Node.js module.
Using npm:
$ {sudo -H} npm i -g npm
$ npm i --save lodash.isplainobject
In Node.js:
var isPlainObject = require('lodash.isplainobject');
See the documentation or package source for more details.
FAQs
The lodash method `_.isPlainObject` exported as a module.
We found that lodash.isplainobject demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
Research
Security News
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.