Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
A utility belt that normalizes and wraps Ramda and Lodash/FP. In addition, some other "adjunct" methods are included that solve common patterns. The order of precedence is: Does it exist in Ramda
? Does it exist in Lodash/FP
? Then it must be custom (in src/omnibelt
). That means that you can deconstruct methods from any of those three from the omnibelt
exported object.
const {
merge, converge, toString, // Ramda
isNull, throttle, camelCase, // Lodash
isPopulatedString, // Omnibelt
} = require('omnibelt');
... I've only grouped them for demonstration purposes, please don't do that in your code.
yarn run test
Deconstruction
const { isPopulatedString, toLower } = require('omnibelt');
const foo = 'foo';
if (!isPopulatedString(foo)) {
throw new Error('DANGER');
} else {
return toLower(foo);
}
Namespaced - Use O
by convention
const O = require('omnibelt');
const foo = 'foo';
if (!O.isPopulatedString(foo)) {
throw new Error('DANGER');
} else {
return O.toLower(foo);
}
method :: Type -> Type
stuff? It's Hindley-Milner Notation.omnibelt
methods are collocated with the method's definition. When contributing a new function, please provide docs (and tests).JSDoc definitions at the top of each of the omnibelt
module functions should be kept up to date and are meant to describe the usage of each function in detail. From these doc comments, a documentation site is generated using the Docdash template.
You can open the docs locally by running the following npm
script on a mac. In general (and for non-mac machines), you can simply opening docs/index.html
in a browser.
yarn run docs
You can also see documentation for the latest tag on the GitHub pages for this project.
https://losant.github.io/omnibelt/
Docs should be generated when a new version is tagged and pushed. Ramda
and Lodash
docs are autogenerated as part of a pre
build step and you shouldn't have to interface with manually updating which methods are being pulled in. Docs are committed to docs
and are served as a GitHub page whenever master
is updated.
yarn run docs:build
git add -A
git commit -m "Regenerated docs"
git co develop
git fetch
git pull
# Update `package.json` version
# Update `README` changelog, naming the latest version
yarn run docs:build
git add -A
git commit -m "version bump and doc regeneration"
git push
git checkout master
git merge develop
git release vX.X.X
Below should serve as an "upgrade guide" jumping off point as you are migrating projects to newer versions of this package. Ideally, interface changes will be called out specifically and one should not have to go sifting through git diffs to discern what changed.
3.1.0
18.16.0
0.29.0
(note in this version of ramda they release a function called isNotNil
, omnibelt has a isNotNil
function already so that ramda function is not included in this library)3.0.0
16.17.1
0.28.0
(note in this version of ramda they release a function called count
, omnibelt has a count
function already so that ramda function is not included in this library)1.5.0
29.3.1
10.1.0
8.0.2
29.3.1
4.0.0
13.0.3
2.1.0
mapP
waits for all promises to complete and then throw the first error if foundmapParallelLimitP
does not continue to run promises once a promise has erroredresolveProps
waits for all promises to complete and then throws the first error if found2.0.2
14.16.1
4.17.21
1.4.3
4.7.7
6.0.0
26.6.3
11.0.0
2.0.1
mapSerialP
14.15.0
26.6.2
26.6.2
10.5.1
2.0.0
ramda
bumped to 0.27.1
lodash
bumped to 4.17.20
@rjhilgefort/export-dir
bumped to 2.0.0
1.3.3
ramda
bumped to 0.27.0
@rjhilgefort/export-dir
bumped to 1.1.3
1.3.2
lodash
bumped to 4.17.15
string-format
bumped to 2.0.0
timeoutP
1.3.1
isPlainObject
1.3.0
lodash
bumped to 4.17.11
evolveArray
, Ramda evolve now supports arrays with evolve
stringify-object
bumped to 3.3.0
allSettledP
forEachSerialP
mapParallelLimitP
evolveArray
evolve
now supports arrays1.2.0
git remote set-url origin git@github.com:Losant/omnibelt.git
lodash
bumped to 4.17.10
string-format
bumped to 1.0.0
mapIndexed
1.1.9
mapP
timeout
-> timeoutP
1.1.8
1.1.7
ensureEndsWith
1.1.6
testHarness
and the like, no longer assume that expect
is available in your environment through jest
. Instead, you must pass expect
in as a dependency. See this issue for more info.1.3.2
equalsAny
containsAll
1.1.5
testHarness
testCases
evolveArray
.1.1.4
0.25.0
. Upgrade guide here.tap
has been omitted from Ramda and implemented in this project to work around new version.toInteger
(Lodash)testHarness
: Now is not exported as part of this library and is only used internallytest*
methods have been moved to test/
and are only for internal use.testHarness
has been updated with a new interface. testHarnessUnary
is still around for backwards compatibility.testCases
now exists to eliminate a common pattern when using testHarness
.1.1.3
ramda
/lodash
.forEach
: Note that forEachObjIndexed
still comes from ramda (behaves as expected)indexBy
from Ramda has been omitted in favor of keyBy
parseInt
from Lodash has been omitted because it conflicts poorly with nativedotPath
dotPathOr
eqDotPaths
eqDotPathsShallow
equalsShallow
toPlainObject
(Lodash)toNumber
(Lodash)mapFilter
filterMap
mapRejectNil
rejectNilMap
defer
noopAsync
resolveProps
timeout
1.1.2
keyByWith
1.1.1
sleep
round
within
1.1.0
clampPositive
count
intersectAny
upperCamelCase
flattenShallow
R.unnest
(though flattenShallow
is a bit more semantic).1.0.12
ramda
back down to 0.24.1
.1.0.11
git remote set-url origin git@github.com:Losant/omnibelt.git
nonePass
eqPaths
ensureStartsWith
throttleLeading
throttleTrailing
flip
now comes from lodash/fp
throttle
is now "custom" and accepts 3 arguments (still curried)debounce
is now "custom" and accepts 3 arguments (still curried)1.0.10
containsAny
isNotNil
toString
toLower
toUpper
trim
split
1.0.9
jsonParseSafe
thunkify
tryCatchSafe
1.0.8
fpThrow
now accepts an Error
object and will rethrow when passed.1.0.7
allEqual
argsToObj
containsAll
defaultToStrict
ensureArray
equalsAny
evolveArray
flattenShallow
fpThrow
isNilOrEmpty
isNotEmpty
isNot
list
mergeSpec
propOrStrict
stringify
updateKeys
updateKeysWith
updateKeyPaths
1.0.6
format
isPopulatedString
mergeWithArrays
replaceAll
stringToBoolean
trace
README.md
documentation can be found at the rood of the repo.FAQs
A utility belt that normalizes and wraps `Ramda` and `Lodash/FP`.
The npm package omnibelt receives a total of 233 weekly downloads. As such, omnibelt popularity was classified as not popular.
We found that omnibelt demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.