Product
Rust Support in Socket Is Now Generally Available
Socket’s Rust and Cargo support is now generally available, providing dependency analysis and supply chain visibility for Rust projects.
By Trevor Norris - Jan 19, 2026
private-fields
Advanced tools
private-fields 
What private fields, methods, or accessors does this class have?
:warning: :rotating_light: :warning: DISCLAIMER This capability - observing the existence, name, and in many cases, contents of class private fields/methods/accessors - is not supposed to exist. The inability to in any way interact with private fields is a critical part of their design in the JavaScript language, and is the only thing that makes them truly "private".
This is possible because node, in v12.5+ as of this writing, directly exposes the v8 engine's internal debugger protocol via the core inspector module. This should not be exposed to runtime code - it's meant for Chrome's devtools to be able to use, for debugging only. It will not work in any other environment.
Please do not use this for any non-debugging purpose. Private fields, methods, and accessors, just like closed-over variables, variable names, or function argument names, are an internal implementation detail, and they can and likely will be changed in a non-semver-major update, because by definition they are not breaking changes - since they're not observable. Consider yourself warned.
Note: this package will work down to node v8.3, but private fields support was added in node v12.0, and private methods/accessors were added in node v14.6.
Getting started
npm install --save private-fields
Usage/Examples
import getPrivateFields from 'private-fields';
import assert from 'assert';
const objectValue = { a: 1 };
const symbolValue = Symbol.iterator;
class C {
#x;
#y = 3;
#foo() {}
get #z() {}
set #z(v) {}
#object = objectValue;
#symbol = symbolValue;
}
const fields = await getPrivateFields(new C());
assert.deepEqual(fields, [
{
name: '#foo',
type: 'function',
description: '#foo() {}', // functions are not provided, but their toString is
},
{
name: '#z',
get: { type: 'function', description: 'get #z() {}' },
set: { type: 'function', description: 'set #z(v) {}' },
},
{
name: '#x',
value: undefined,
},
{
name: '#y',
value: 3,
},
{
name: '#object',
clonedValue: { a: 1 },
},
{
name: '#symbol',
clonedValue: Symbol(Symbol.iterator),
},
]);
const [, , , , object, symbol] = fields;
assert.notEqual(object, objectValue); // the original object is not provided
assert.deepEqual(object, objectValue); // but its properties are cloned
assert.notEqual(symbol.clonedValue, Symbol.iterator); // symbols are not provided
assert.equal(symbol.description, Symbol.iterator.description); // but a symbol with the same description is
Tests
Simply clone the repo, npm install, and run npm test
FAQs
What private fields does this object have?
The npm package private-fields receives a total of 3 weekly downloads. As such, private-fields popularity was classified as not popular.
We found that private-fields demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 16 Feb 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Temporal API Ships in Chrome 144, Marking a Major Shift for JavaScript Date Handling
Chrome 144 introduces the Temporal API, a modern approach to date and time handling designed to fix long-standing issues with JavaScript’s Date object.
By Sarah Gooding - Jan 16, 2026
Research
5 Malicious Chrome Extensions Enable Session Hijacking in Enterprise HR and ERP Systems
Five coordinated Chrome extensions enable session hijacking and block security controls across enterprise HR and ERP platforms.
By Kush Pandya - Jan 15, 2026