Security News
The Risks of Misguided Research in Supply Chain Security
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
object.hasown
Advanced tools
The object.hasown npm package is a polyfill for the `Object.hasOwn` method, which is a standardized way of checking if an object has a property as its own (not inherited from its prototype chain). This package provides a reliable way to perform this check across different JavaScript environments, including those that do not support the `Object.hasOwn` method natively.
Checking for own property
This feature allows you to check if an object has a specific property as its own. The code sample demonstrates checking for the existence of properties 'a' and 'b' on an object.
const hasOwn = require('object.hasown');
const object = { a: 1 };
const hasA = hasOwn(object, 'a'); // true
const hasB = hasOwn(object, 'b'); // false
The 'has' package is a similar function that checks for the existence of a property in an object. It is similar to object.hasown but does not specifically check for own properties, meaning it could return true for inherited properties as well.
Lodash's 'has' function is part of the larger lodash utility library. It checks if `path` is a direct property of `object`. While similar, lodash's implementation allows checking deep paths, not just top-level properties, which is not a feature of object.hasown.
An ES spec-compliant Object.hasOwn
shim. Invoke its "shim" method to shim Object.hasOwn
if it is unavailable or noncompliant.
This package implements the es-shim API interface. It works in an ES3-supported environment and complies with the spec.
Most common usage:
var assert = require('assert');
var hasOwn = require('object.hasown');
var obj = { a: 1, b: 2 };
assert(hasOwn(obj, 'a'));
assert(hasOwn(obj, 'b'));
assert('toString' in obj && !hasOwn(obj, 'toString'));
if (!Object.hasOwn) {
hasOwn.shim();
}
assert.deepEqual(Object.hasOwn(obj, 'a'), hasOwn(obj, 'a'));
Simply clone the repo, npm install
, and run npm test
v1.1.4 - 2024-03-22
28440a5
579b54d
es-abstract
f7f9aa1
call-bind
, npmignore
, tape
8a2f213
es-object-atoms
instead of es-abstract
f0efe3b
call-bind
, tape
683b500
define-properties
, es-abstract
f74ecf2
engines.node
7ca6eeb
es-abstract
d5aa232
aud
26fa7f9
FAQs
ES spec-compliant shim for Object.hasOwn
The npm package object.hasown receives a total of 4,394,869 weekly downloads. As such, object.hasown popularity was classified as popular.
We found that object.hasown demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.
Research
Security News
Socket researchers found several malicious npm packages typosquatting Chalk and Chokidar, targeting Node.js developers with kill switches and data theft.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.