Security News
How Threat Actors are Abusing GitHub’s File Upload Feature to Host Malware
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
object.pick
Advanced tools
Package description
The object.pick npm package is a utility that allows users to create a new object by picking specific properties from an existing object. This can be particularly useful for filtering out unwanted properties from objects or creating new objects that only contain relevant data.
Picking properties from an object
This feature allows you to select which properties to include in a new object from the original object. It is useful for extracting necessary data and leaving out the rest.
{"const pick = require('object.pick');\nconst object = { a: 1, b: '2', c: 3 };\nconst picked = pick(object, ['a', 'c']);\nconsole.log(picked); // Output: { a: 1, c: 3 }"}
lodash.pick is part of the Lodash library, which provides a similar functionality to object.pick. It allows picking properties from objects. Lodash is a more comprehensive utility library that includes a wide range of functions for manipulating objects, arrays, strings, etc., making it heavier compared to the more focused object.pick.
pick-deep allows for picking properties from objects but also supports deep paths, which means it can access nested properties. This is more advanced compared to object.pick, which works only on the first level of the object.
Readme
Returns a filtered copy of an object with only the specified keys, like
pick
from lo-dash / underscore.
npm i object.pick --save
This is the fastest implementation I tested. Pull requests welcome!
var pick = require('object.pick');
pick({a: 'a', b: 'b'}, 'a')
//=> {a: 'a'}
pick({a: 'a', b: 'b', c: 'c'}, ['a', 'b'])
//=> {a: 'a', b: 'b'}
npm test
Jon Schlinkert
Copyright (c) 2014 Jon Schlinkert
Released under the MIT license
This file was generated by verb on December 20, 2014.
FAQs
Returns a filtered copy of an object with only the specified keys, similar to `_.pick` from lodash / underscore.
The npm package object.pick receives a total of 10,493,438 weekly downloads. As such, object.pick popularity was classified as popular.
We found that object.pick demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub is susceptible to a CDN flaw that allows attackers to host malware on any public repository.
Security News
At Node Congress, Socket CEO Feross Aboukhadijeh uncovers the darker aspects of open source, where applications that rely heavily on third-party dependencies can be exploited in supply chain attacks.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.