Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
underscore
Advanced tools
The underscore npm package is a utility-belt library for JavaScript that provides a lot of the functional programming support that you would expect in Prototype.js (or Ruby), but without extending any of the built-in JavaScript objects. It includes a wide range of functions for collections, arrays, functions, objects, and more.
Collections
Iterates over a list of elements, yielding each in turn to an iteratee function.
_.each([1, 2, 3], function(num) { console.log(num); });
Arrays
Produces a duplicate-free version of the array.
_.uniq([1, 2, 1, 4, 1, 3]);
Functions
Curries a function so that it can be called with fewer arguments than it expects.
var greet = function(name) { return 'hi: ' + name; }; var greetCurried = _.curry(greet); greetCurried('Bob');
Objects
Copy all of the properties in the source objects over to the destination object.
_.extend({name: 'moe'}, {age: 50});
Utilities
Returns a random integer between the given min and max, inclusive.
_.random(0, 100);
Lodash is a modern JavaScript utility library delivering modularity, performance, & extras. It is often considered as a drop-in replacement for Underscore with additional features and improved performance.
Ramda is a practical functional library for JavaScript programmers. It emphasizes a purer functional style, immutability, and function composition, making it quite different from Underscore in terms of API design and usage patterns.
Lazy.js is a functional utility library similar to Underscore and Lodash, but with a focus on lazy evaluation, which can lead to significant performance improvements for certain types of operations on large datasets.
__
/\ \ __
__ __ ___ \_\ \ __ _ __ ____ ___ ___ _ __ __ /\_\ ____
/\ \/\ \ /' _ `\ /'_ \ /'__`\/\ __\/ ,__\ / ___\ / __`\/\ __\/'__`\ \/\ \ /',__\
\ \ \_\ \/\ \/\ \/\ \ \ \/\ __/\ \ \//\__, `\/\ \__//\ \ \ \ \ \//\ __/ __ \ \ \/\__, `\
\ \____/\ \_\ \_\ \___,_\ \____\\ \_\\/\____/\ \____\ \____/\ \_\\ \____\/\_\ _\ \ \/\____/
\/___/ \/_/\/_/\/__,_ /\/____/ \/_/ \/___/ \/____/\/___/ \/_/ \/____/\/_//\ \_\ \/___/
\ \____/
\/___/
Underscore.js is a utility-belt library for JavaScript that provides support for the usual functional suspects (each, map, reduce, filter...) without extending any core JavaScript objects.
For Docs, License, Tests, and pre-packed downloads, see: http://documentcloud.github.com/underscore/
Many thanks to our contributors: https://github.com/documentcloud/underscore/contributors
FAQs
JavaScript's functional programming helper library.
The npm package underscore receives a total of 10,909,605 weekly downloads. As such, underscore popularity was classified as popular.
We found that underscore demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.