
Security News
Suno Breached via Shai-Hulud Worm, Leaked Code Exposes AI Music Scraping
A Shai-Hulud infection exposed Suno's source code, which shows the AI music startup stream-ripped tracks to train its models.
一个我自己常用的工具函数库。
可以用 NPM 或者 Yarn 安装:
npm i noshjs
或者直接将 nosh.js 下载到你的项目中,通过 script 标签引用,此时会注册一个全局变量 window.nosh。
类似于 lodash.cloneDeep,但没有对特殊类型(例如 Set、Map、Buffer 等)做处理,所以性能比 lodash.cloneDeep 高,见 https://github.com/lodash/lodash/issues/1984
类似于 lodash.merge,但没有对特殊类型做处理。
类似于 lodash.get,但是在读取到 null 时也会返回 defaultValue。例如:
lodash.get({ a: null }, 'a', 'default value') // null
nosh.get({ a: null }, 'a', 'default value') // 'default value'
这个方法性能比 lodash.get 低,如果介意的话,可以基于 lodash.get 封装:
function noshGet(object, path, defaultValue) {
let result = lodash.get(object, path, defaultValue)
if (result === null) result = defaultValue
return result
}
判断 value 是否满足 typeof value === 'number' && !isNaN(value)。
将一个数字转换成 KMBT 表现形式的字符串。如果 value 不能转换成数字,则返回 null。第二个参数可以设置保留多少位小数,默认保留两位。
nosh.kmbt('not a number') // null
nosh.kmbt(988) // '988'
nosh.kmbt(9888) // '9.89K'
nosh.kmbt(9888777) // '9.89M'
nosh.kmbt(98887776666) // '98.89B'
nosh.kmbt(9888777666555) // '9.89T'
nosh.kmbt(9888777666555444) // '9.89P'
nosh.kmbt(9888777666555444333) // '9.89E')
将一个对象转换成查询字符串。第二个参数用于指定查询字符串的前缀。
nosh.obj2qs({ a: 1, b: 2 }, '?') // '?a=1&b=2'
将一个数字转换成百分比表现形式的字符串。如果 value 不能转换成数字,则返回 null。第二个参数可以设置保留多少位小数,默认保留两位。
nosh.percentage('not a number') // null
nosh.percentage('1') // '100%'
nosh.percentage(-0.1) // '-10%'
从数组中删除指定的元素,这个方法只删除第一个匹配的元素。
nosh.remove([1, 2, 3, 1], 1) // [2, 3, 1]
将一个数字转换成百分比表现形式的字符串。如果 value 不能转换成数字,则返回 null。
nosh.thousands('not a number') // null
nosh.thousands(1000) // '1,000'
MIT
FAQs
The npm package noshjs receives a total of 17 weekly downloads. As such, noshjs popularity was classified as not popular.
We found that noshjs demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Security News
A Shai-Hulud infection exposed Suno's source code, which shows the AI music startup stream-ripped tracks to train its models.

Security News
Vercel is formalizing a monthly release program for Next.js. The change follows React2Shell and a sharp rise in AI-assisted vulnerability discovery.

Research
/Security News
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.