Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
merge-deep
Advanced tools
The merge-deep npm package is a utility for deeply merging objects in JavaScript. It is useful for combining configurations, options, or states in a way that nested properties are not lost but instead merged together.
Deep merging of objects
This feature allows you to deeply merge multiple objects into one. It recursively merges own and inherited enumerable properties of source objects into the destination object, skipping source properties that resolve to `undefined`.
{"const mergeDeep = require('merge-deep');\nconst object1 = { a: { b: 1 } };\nconst object2 = { a: { c: 2 }, d: 3 };\nconst result = mergeDeep(object1, object2);\nconsole.log(result); // Output: { a: { b: 1, c: 2 }, d: 3 }"}
Merging with array concatenation
Merge-deep can also merge arrays by concatenating them. This is useful when you want to combine arrays from different objects without losing any elements.
{"const mergeDeep = require('merge-deep');\nconst object1 = { a: [1, 2], b: 'one' };\nconst object2 = { a: [3, 4], b: 'two' };\nconst result = mergeDeep(object1, object2);\nconsole.log(result); // Output: { a: [1, 2, 3, 4], b: 'two' }"}
Customizing merge behavior
Users can define a custom merge function to control how merging is done. This is particularly useful when the default behavior of merge-deep does not suit the specific needs of your application.
{"const mergeDeep = require('merge-deep');\nfunction customMerge(a, b) {\n return Array.isArray(a) ? a.concat(b) : undefined;\n}\nconst object1 = { a: [1], b: [2] };\nconst object2 = { a: [3], b: [4] };\nconst result = mergeDeep({ customMerge }, object1, object2);\nconsole.log(result); // Output: { a: [1, 3], b: [2, 4] }"}
Lodash's merge function is similar to merge-deep as it allows for deep merging of objects. Lodash is a larger utility library, and its merge function is one of many utilities it provides. It is well-tested and widely used in the JavaScript community.
Deepmerge is another npm package that provides deep merging capabilities. It is similar to merge-deep but offers additional options for customizing the merge behavior, such as whether to clone or not clone the source objects, and how to handle merging arrays.
The extend package is a port of the jQuery extend method that can also perform deep merging of objects. It is less specialized than merge-deep and deepmerge, but it is still a viable option for users who prefer a jQuery-like API.
Recursively merge values in a javascript object.
Based on mout's implementation of merge
npm i merge-deep --save-dev
npm test
var merge = require('merge-deep');
merge({a: {b: {c: 'c', d: 'd'}}}, {a: {b: {e: 'e', f: 'f'}}});
//=> { a: { b: { c: 'c', d: 'd', e: 'e', f: 'f' } } }
Jon Schlinkert
These are other projects I maintain:
Copyright (c) 2014 Jon Schlinkert, contributors.
Released under the MIT license
This file was generated by verb-cli on November 04, 2014.
FAQs
Recursively merge values in a javascript object.
The npm package merge-deep receives a total of 1,008,786 weekly downloads. As such, merge-deep popularity was classified as popular.
We found that merge-deep demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.