Security News
pnpm 10.0.0 Blocks Lifecycle Scripts by Default
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
shallowequal
Advanced tools
The shallowequal npm package is a simple utility for performing shallow equality checks on objects or values. It is primarily used to compare the values of two objects to determine if they are equivalent in terms of their direct properties, without deeply traversing any nested objects. This can be particularly useful in optimizations where a deep equality check is unnecessary or too costly in terms of performance.
Shallow Equality Check for Objects
This feature allows you to compare two objects to see if they have the same top-level properties with the same values, without checking for deep equality.
const shallowequal = require('shallowequal');
const obj1 = { a: 1, b: 2 };
const obj2 = { a: 1, b: 2 };
const areEqual = shallowequal(obj1, obj2); // true
Shallow Equality Check with Custom Comparer
This feature allows you to perform a shallow equality check between two objects, but with a custom comparison function for the values, enabling more flexible comparisons.
const shallowequal = require('shallowequal');
const obj1 = { a: 1, b: '2' };
const obj2 = { a: 1, b: 2 };
const areEqual = shallowequal(obj1, obj2, (val1, val2) => String(val1) === String(val2)); // true
Lodash's isEqual method provides deep equality comparison, unlike shallowequal which only performs shallow comparisons. This makes lodash.isequal more suitable for scenarios where nested object properties need to be compared.
fast-deep-equal is another npm package that offers deep equality checks, similar to lodash.isequal but optimized for speed. It contrasts with shallowequal by providing deep comparison capabilities, which can be more comprehensive but potentially slower for simple use cases.
react-fast-compare is designed specifically for comparing React props and state objects efficiently. It performs deep equality checks and is optimized for React's use cases, making it different from shallowequal which only offers shallow comparison.
shallowequal
is like lodash'sisEqualWith
but for shallow (strict) equal.
shallowequal(value, other, [customizer], [thisArg])
Performs a shallow equality comparison between two values (i.e. value
and other
) to determine if they are equivalent.
The equality is performed by iterating through keys on the given value
, and returning false
whenever any key has values which are not strictly equal between value
and other
. Otherwise, return true
whenever the values of all keys are strictly equal.
If customizer
(expected to be a function) is provided it is invoked to compare values. If customizer
returns undefined
(i.e. void 0
), then comparisons are handled by the shallowequal
function instead.
The customizer
is bound to thisArg
and invoked with three arguments: (value, other, key)
.
NOTE: Docs are (shamelessly) adapted from lodash's v3.x docs
$ yarn add shallowequal
# npm v5+
$ npm install shallowequal
# before npm v5
$ npm install --save shallowequal
const shallowequal = require('shallowequal');
const object = { 'user': 'fred' };
const other = { 'user': 'fred' };
object == other;
// → false
shallowequal(object, other);
// → true
Code for shallowEqual
originated from https://github.com/gaearon/react-pure-render/ and has since been refactored to have the exact same API as lodash.isEqualWith
(as of v4.17.4
).
node.js
and npm
. See: https://github.com/creationix/nvm#installationyarn
. See: https://yarnpkg.com/en/docs/installnpm
dependencies. Run: yarn install
yarn lint
yarn test
yarn pretty
yarn prepublish
MIT.
FAQs
Like lodash isEqualWith but for shallow equal.
The npm package shallowequal receives a total of 4,910,858 weekly downloads. As such, shallowequal popularity was classified as popular.
We found that shallowequal demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
Research
Security News
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.