Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
This Node module is meant to provide a unified place to ask and assert about all the built-in JavaScript and core Node types.
"Typ" is German for "type". Also, as of this writing, both "type" and "types" were taken in the npm module registry. The name was picked to be both memorable and short, the latter in order to encourage it to be used liberally.
npm install typ
Or grab the source. As of this writing, this module has no dependencies, so once you have the source, there's nothing more to do to "build" it.
npm test
Or
node ./test/test.js
This module provides some convenient constants. With regards to the string constants, the author finds it handy to use them instead of quoted strings, since that makes typos cause more blatant errors.
This is what's returned by typeof
when given a boolean value.
This is what's returned by typeof
when given a function value.
This is what's returned by typeof
when given a numeric value.
This is what's returned by typeof
when given an object value.
This is what's returned by typeof
when given a string value.
This is what's returned by typeof
when given undefined
.
This is the object prototype of array instances.
This is the object prototype of function instances.
This is the default object prototype.
This module defines both predicates and assertions for a set of types
that covers the standard core JavaScript and Node types. For any given
type name
, the predicate is called isName()
and the assertion is
called assertName()
. A predicate simply returns a boolean indicating
whether or not its value argument is of the appropriate type, and an
assertion does nothing other than throw a descriptive message if its
value argument is not of the expected type.
The following run-down indicates the meaning of the various types, as
far as this module is concerned. If being a particular type implies
also being some other type(s), then that fact is indicated by an
"implies" line. (Note: Since all values but undefined
are considered
defined
, that fact isn't listed.)
Implies: object
Arrays are what you get when you use the [...]
array literal syntax
or the new Array(...)
constructor.
The only two booleans are true
and false
. Notably, Boolean
objects
are not considered to be booleans here.
Implies: object
Buffers are Node's standard ordered-list-of-bytes type, created
with the new Buffer(...)
constructor and used all over the place
in Node.
Implies: object
Dates represent moments in time. They can be created with the
new Date(...)
constructor.
All values other than undefined
are defined
.
Implies: object
Errors are the standard exception values in JavaScript. They can
be created by using the new Error(...)
constructor as well
as sub-class constructors.
Implies: object
Functions are the things in JavaScript that do work. They can
be created by using the function...
definition and literal
syntax, as well as with the new Function(...)
constructor.
Implies: number
An int is an integer value, which is to say a number with no fractional part. As far as this module is concerned, there is no range limit on the ints (that is, an int doesn't have to fit in 32 bits, for example).
Notably, neither positive nor negative Infinity
qualifies as an int.
In addition, as a strange edge case, "negative zero" is also not
considered to be an int. (You can produce a "negative zero" value
in JavaScript with the expression -1e-1000
. You can differentiate
it from plain old regular zero by dividing 1
by it and observing
that the result is -Infinity
.)
Implies: object
A map is any object that behaves like a simple map-type collection. In particular, a map's prototype must be the default object prototype, and none of a map's bindings may be dynamic properties. That is, getter and setter functions disqualify an object from being considered a map.
The only value that is null is null
per se.
The only two values that are considered to be "nullish" are null
and undefined
.
A number is, well, a numeric value. Numbers are what result from
using number literals (like 123
) and are returned, for example,
from the methods on the built-in Math
object.
The values Infinity
and -Infinity
are considered to be numbers.
The special value NaN
is alson considered to be a number, despite
the direct expansion of its name to "Not a Number".
Notably, Number
objects are not considered numbers here.
An object is an arbitrary mapping of string keys to values. They can be created in any number of ways (and if you need more description than that, you should find a good intro book on JavaScript).
Implies: object
A regexp is an object that represents a "regular expression". They
can be created by using the /.../
literal syntax or the new RegExp(...)
constructor.
A string is an ordered sequence of characters. They can be created
by using the '...'
literal syntax and are produced by many standard
JavaScript functions.
Notably, String
objects are not considered strings here.
Implies: int, number
A uint is an unsigned integer, also known as a whole number. That is,
it's anything that's an int which is also non-negative. 0
is notably
a uint.
The only value that is undefined is undefined
.
Notably, null
is defined, not undefined.
Returns true
if and only if the given object's prototype is the
default one. That is, this is just a convenient way to say:
Object.getPrototypeOf(obj) === OBJECT_PROTOTYPE
This is a safe version of the per-object hasOwnProperty()
method.
You should use this any time you can't be 100% sure that the object
you're checking won't possibly have a binding for "hasOwnProperty"
.
Questions, comments, bug reports, and pull requests are all welcome. Submit them at the project on GitHub.
Bug reports that include steps-to-reproduce (including code) are the best. Even better, make them in the form of pull requests that update the test suite. Thanks!
Dan Bornstein (personal website), supported by The Obvious Corporation.
Thanks to Jeremy Stanley and Dan Pupius for suggestions.
Copyright 2012 The Obvious Corporation.
Licensed under the Apache License, Version 2.0.
See the top-level file LICENSE.txt
and
(http://www.apache.org/licenses/LICENSE-2.0).
FAQs
Type predicates and assertions for Node
The npm package typ receives a total of 1,206 weekly downloads. As such, typ popularity was classified as popular.
We found that typ demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.