Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
stringformat
Advanced tools
This module provides a simple function that can be used to format strings, using replacements such as {0}, {foo}, etc.
window.stringformat
(call window.stringformat.extendString()
to install the String.format()
method).Hello {firstname} {lastname}
in English, こんにちは、{lastname}{firstname}さん
in Japanese.String.prototype
extension (using extendString()
)npm install stringformat
Returns a new string formatted according to format string.
var stringformat = require('stringformat')
console.log(stringformat("Hello, {0}!", "World"))
…would output Hello, World!
to the console.
Installs the module as String.prototype.methodName
.
If omitted, methodName defaults to format.
var stringformat = require('stringformat')
stringformat.extendString('coolFormat')
console.log("Hello, {0}!".coolFormat("World"))
…would output Hello, World!
to the console.
All the examples shown below assume stringformat.extendString()
has been called.
The most simple replacements look like {0}
, {1}
and so on.
The number is the index of the parameter.
"Hello, {1}! I feel {0} today!".format("great", "World")
'Hello, World! I feel great today!'
You can also use functions:
"Hello, {1}! I feel {0} today!".format("great", function() { return "World" })
'Hello, World! I feel great today!'
var x = 0
"{0} {0} {0}…".format(function() { return ++x })
'1 2 3…'
If a replacement cannot be resolved, the method does nothing:
"Hello, {1}! I feel {0} today!".format("great")
'Hello, {1}! I feel great today!'
If you want to pad the result, for instance to print a list of values, you can do it like this:
"User name: [{0:20}]".format("Bob Harris")
'User name: [ Bob Harris]'
…this gives you a replaced content that is at least 20 characters wide. Positive integers mean the value will get right-aligned. To align it to the left, use a negative value:
"User name: [{0:-20}]".format("Bob Harris")
'User name: [Bob Harris ]'
If you want to output a JSON version of the value, you can use it with the j modifier. Compare the output above with the one below:
"User name: {0:j}".format("Bob Harris")
'User name: "Bob Harris"'
Of course you can use objects slightly more complex than a string:
"User name: {0:j}".format({foo:{bar:1}})
'User name: {"foo":{"bar":1}}'
…or even a function:
"User name: {0:j}".format(function() { return {foo:{bar:1}} })
'User name: {"foo":{"bar":1}}'
If you want to output integer values only, use the i modifier.
Floating values will get rounded, and values that are not numbers will output NaN
.
"value = {0:i}".format(12.5)
'value = 13'
"[value:{0:4i}]".format(12.5)
'[value: 13]'
"[value:{0:4i}]".format("foo")
'[value: NaN]'
"[value:{0:4i}]".format()
'[value: NaN]'
"[value:{0:4i}]".format(function() { var undef; return undef })
'[value: NaN]'
As an exception to the rule mentioned above,
If a replacement cannot be resolved, the method does nothing
…if the integer modifier is specified, unresolved replacements will result in a NaN
being outputted.
You can also use names instead of indexes.
"[{foo:-4i}]".format({foo:1})
'[1 ]'
"[{foo.bar:-4i}]".format({foo:{bar:1}})
'[1 ]'
"The string {0:j} is {length}-character long".format("Hello, World!")
'The string "Hello, World!" is 13-character long'
var Foo = function() {
this.foo = 1
}
"[{foo:-4i}]".format(new Foo)
'[1 ]'
var Foo = function() {
this.foo = 1
}
Foo.prototype.bar = function() { return this.foo + 1 }
"[{bar:-4i}]".format(new Foo)
'[2 ]'
If you specify a property as foo.bar.baz
and baz
is a function,
this
will be equal to foo.bar
when it gets called.
And if either foo
or bar
were functions, too, they will be evaluated in turn!
"[{foo.bar.baz:4i}]".format({
foo: function() {
return {
bar: {
value: 1,
baz: function() {
return this.value
}
}
}
}
})
'[ 1]'
Each replacement can be prefixed with an object index followed by a pipe symbol.
"[{0|foo.bar:4}] [{1|foo.bar:4}]".format({foo:{bar:4}}, {foo:{bar:8}})
'[ 4] [ 8]'
Replacement specifiers can be escaped by doubling the opening and closing braces:
"{{0}} is [{0}]".format(1)
'{0} is [1]'
Clone this repository somewhere, then do:
$ npm install
$ npm test
(The MIT License)
Copyright (c) 2012 Julien Cayzac julien.cayzac@gmail.com
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the 'Software'), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
FAQs
Simple format method for String
The npm package stringformat receives a total of 1,754 weekly downloads. As such, stringformat popularity was classified as popular.
We found that stringformat demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.