Security News
MCP Community Begins Work on Official MCP Metaregistry
The MCP community is launching an official registry to standardize AI tool discovery and let agents dynamically find and install MCP servers.
By Sarah Gooding - May 09, 2025
🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more →
unbox-primitive
Advanced tools
unbox-primitive 
Unbox a boxed JS primitive value. This module works cross-realm/iframe, does not depend on instanceof or mutable properties, and works despite ES6 Symbol.toStringTag.
Example
var unboxPrimitive = require('unbox-primitive');
var assert = require('assert');
assert.equal(unboxPrimitive(new Boolean(false)), false);
assert.equal(unboxPrimitive(new String('f')), 'f');
assert.equal(unboxPrimitive(new Number(42)), 42);
const s = Symbol();
assert.equal(unboxPrimitive(Object(s)), s);
assert.equal(unboxPrimitive(new BigInt(42)), 42n);
// any primitive, or non-boxed-primitive object, will throw
Tests
Simply clone the repo, npm install, and run npm test
v1.1.0 - 2024-12-15
Commits
- [meta] use
npmignoreto autogenerate an npmignore file348a5ad - [New] add types
a324230 - [Tests] use
es-value-fixturesa321ae5 - [actions] split out node 10-20, and 20+
04a0e0d - [Dev Deps] update
@ljharb/eslint-config,auto-changelog,npmignore,object-inspect,object-is,tape7fff971 - [actions] update rebase action
91d6807 - [Deps] update
call-bind,has-symbols,which-boxed-primitivef8b6597 - [Dev Deps] update
aud,object-inspect,tapeb3362a1 - [Refactor] use
call-bounddirectlye29ff5f - [meta] add missing
engines.noded3420bc - [Tests] replace
audwithnpm audit5e6a6d0 - [Deps] update
which-boxed-primitive0ff873d - [Dev Deps] update
auddd0e373 - [Dev Deps] add missing peer dep
4f79b24
FAQs
Unbox a boxed JS primitive value.
The npm package unbox-primitive receives a total of 28,741,778 weekly downloads. As such, unbox-primitive popularity was classified as popular.
We found that unbox-primitive demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Package last updated on 16 Dec 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
Malicious npm Packages Use Telegram to Exfiltrate BullX Credentials
Socket uncovers an npm Trojan stealing crypto wallets and BullX credentials via obfuscated code and Telegram exfiltration.
By Kush Pandya - May 08, 2025
Research
Security News
Backdooring the IDE: Malicious npm Packages Hijack Cursor Editor on macOS
Malicious npm packages posing as developer tools target macOS Cursor IDE users, stealing credentials and modifying files to gain persistent backdoor access.
By Kirill Boychenko - May 07, 2025