Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
The pathval npm package is a utility for working with object paths. It allows you to get and set values on an object using a string path, which is useful for accessing deeply nested properties.
Get value from object
This feature allows you to retrieve a value from a nested object using a string path.
{"const pathval = require('pathval');
const obj = { a: { b: { c: 'd' } } };
const value = pathval.get(obj, 'a.b.c');
console.log(value); // Output: 'd'"}
Set value on object
This feature allows you to set a value on a nested object using a string path, creating any necessary sub-objects along the path.
{"const pathval = require('pathval');
const obj = {};
pathval.set(obj, 'a.b.c', 'd');
console.log(obj); // Output: { a: { b: { c: 'd' } } }"}
lodash.get is a method from the Lodash library that retrieves the value at a given path of an object. It is similar to pathval's get functionality but is part of a larger utility library.
dot-prop is a package that allows you to get, set, or delete properties from a nested object using a dot path. It is similar to pathval but also includes delete functionality.
object-path is a package that provides a full set of methods to manage paths on objects, including get, set, push, ensure, and more. It offers a broader feature set compared to pathval.
Tool for Object value retrieval given a string path for node and the browser.
Pathval is a module which you can use to retrieve or set an Object's property for a given String
path.
pathval
is available on npm. To install it, type:
$ npm install pathval
You can also use it within the browser; install via npm and use the pathval.js
file found within the download. For example:
<script src="./node_modules/pathval/pathval.js"></script>
The primary export of pathval
is an object which has the following methods:
hasProperty(object, name)
- Checks whether an object
has name
d property or numeric array index.getPathInfo(object, path)
- Returns an object with info indicating the value of the parent
of that path, the name
of the property we're retrieving and its value
.getPathValue(object, path)
- Retrieves the value of a property at a given path
inside an object
'.setPathValue(object, path, value)
- Sets the value
of a property at a given path
inside an object
and returns the object in which the property has been set.var pathval = require('pathval');
var pathval = require('pathval');
var obj = { prop: 'a value' };
pathval.hasProperty(obj, 'prop'); // true
var pathval = require('pathval');
var obj = { earth: { country: 'Brazil' } };
pathval.getPathInfo(obj, 'earth.country'); // { parent: { country: 'Brazil' }, name: 'country', value: 'Brazil', exists: true }
var pathval = require('pathval');
var obj = { earth: { country: 'Brazil' } };
pathval.getPathValue(obj, 'earth.country'); // 'Brazil'
var pathval = require('pathval');
var obj = { earth: { country: 'Brazil' } };
pathval.setPathValue(obj, 'earth.country', 'USA');
obj.earth.country; // 'USA'
FAQs
Object value retrieval given a string path
We found that pathval demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.