Security News
PyPI Introduces Digital Attestations to Strengthen Python Package Security
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
A JavaScript package to return captured groups of a regular expression as an object.
mismatch
is a JavaScript package to return captured groups of a regular expression as objects in an array.
yarn add mismatch
The package is available by importing its default function:
import mismatch from 'mismatch'
mismatch(
re: RegExp,
string: string,
keys: string[],
addPosition?: boolean,
): void
The function will attempt to find all matches for a given regular expression in a string using .replace()
method, construct an object consisting of captured groups based on supplied keys, and return those objects as an array. It has an advantage over iterating over while(RegExp.exec(string))
pattern because it does not modify the regular expression's lastIndex
property.
/* yarn example/ */
import mismatch from 'mismatch'
const re = /(\w+)="(.+?)"/g
const string = `
<script
crossorigin="anonymous"
src="https://static.npmjs.com/commons.js"
integrity="sha512-example/rhb92Zdom+ix+AYtqZ7C1DlLKEA=="
></script>
`
const keys = ['attribute', 'value']
const res = mismatch(re, string, keys)
console.log(JSON.stringify(res, null, 2))
[
{
"attribute": "crossorigin",
"value": "anonymous"
},
{
"attribute": "src",
"value": "https://static.npmjs.com/commons.js"
},
{
"attribute": "integrity",
"value": "sha512-example/rhb92Zdom+ix+AYtqZ7C1DlLKEA=="
}
]
If an optional capturing group was not found, its key will not be included as part of the object. Also, if there are more captured groups than keys, they will also not be included.
/* yarn example/extra.js */
import mismatch from 'mismatch'
const re = /(?: type="(.+?)")?\s+crossorigin="(.+?)"\s+src="(.+?)"/g
const string = `
<script
crossorigin="anonymous"
src="https://static.npmjs.com/commons.js"
integrity="sha512-example/rhb92Zdom+ix+AYtqZ7C1DlLKEA=="
></script>
`
const keys = ['type', 'crossorigin']
const res = mismatch(re, string, keys)
console.log(JSON.stringify(res, null, 2))
[
{
"crossorigin": "anonymous"
}
]
To additionally add the positions at which the matches was found, the last argument, addPositions
should be set to true.
/* yarn example/ */
import mismatch from 'mismatch'
const re = /(\w+)="(.+?)"/g
const string = `
<script
crossorigin="anonymous"
src="https://static.npmjs.com/commons.js"
integrity="sha512-example/rhb92Zdom+ix+AYtqZ7C1DlLKEA=="
></script>
`
const keys = ['attribute', 'value']
const res = mismatch(re, string, keys, true)
console.log(JSON.stringify(res, null, 2))
[
{
"position": 11,
"attribute": "crossorigin",
"value": "anonymous"
},
{
"position": 37,
"attribute": "src",
"value": "https://static.npmjs.com/commons.js"
},
{
"position": 81,
"attribute": "integrity",
"value": "sha512-example/rhb92Zdom+ix+AYtqZ7C1DlLKEA=="
}
]
© Art Deco 2019 | Tech Nation Visa Sucks |
---|
FAQs
A JavaScript package to return captured groups of a regular expression as an object.
The npm package mismatch receives a total of 104 weekly downloads. As such, mismatch popularity was classified as not popular.
We found that mismatch demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.