npmpackage.info

Gathering detailed insights and metrics for @stdlib/string-format

Gathering detailed insights and metrics for @stdlib/string-format

@stdlib/string-format - 0.2.2 | npmpackage.info

@stdlib/string-format

Insert supplied variable values into a format string.

0.2.2

5

Apache-2.0

JavaScript

34.37 kB

Installations

npm install @stdlib/string-format

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS

Min. Node Version

>=0.10.0

Node Version

16.20.2

NPM Version

8.19.4

Score

99.7

Supply Chain

98.4

Quality

81.4

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

0

Total

0

Closed

0

Issues

Open

0

Total

0

Closed

0

Releases

Unable to fetch releases

Languages

1

JavaScript

JavaScript (100%)

Developer

Download Statistics

Total Downloads

0

Last Day

0

Last Week

0

Last Month

0

Last Year

0

GitHub Statistics

Apache-2.0 License

5 Stars

70 Commits

3 Watchers

6 Branches

14 Contributors

Updated on Jun 30, 2025

Sponsor this package

https://opencollective.com/stdlib

Maintainers

4

View All 14 Contributors

Package Meta Information

Latest Version

0.2.2

Package Id

@stdlib/string-format@0.2.2

Unpacked Size

34.37 kB

Size

9.65 kB

File Count

12

NPM Version

8.19.4

Node Version

16.20.2

Published on

Jul 26, 2024

Total Downloads

Cumulative downloads

Total Downloads

NaN

Last Day

0%

NaN

Compared to previous day

Last Week

0%

NaN

Compared to previous week

Last Month

0%

NaN

Compared to previous month

Last Year

0%

NaN

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

2

@stdlib/string-base-format-interpolate @stdlib/string-base-format-tokenize

About stdlib...

We believe in a future in which the web is a preferred environment for numerical computation. To help realize this future, we've built stdlib. stdlib is a standard library, with an emphasis on numerical and scientific computation, written in JavaScript (and C) for execution in browsers and in Node.js.

The library is fully decomposable, being architected in such a way that you can swap out and mix and match APIs and functionality to cater to your exact preferences and use cases.

When you use stdlib, you can be absolutely certain that you are using the most thorough, rigorous, well-written, studied, documented, tested, measured, and high-quality code out there.

To join us in bringing numerical computing to the web, get started by checking us out on GitHub, and please consider financially supporting stdlib. We greatly appreciate your continued support!

format

Insert supplied variable values into a format string.

Installation

1npm install @stdlib/string-format

Usage

1var format = require( '@stdlib/string-format' );

format( str, ...args )

Inserts supplied variable values into a format string.

1var str = 'Hello, %s! My name is %s.';
2var out = format( str, 'world', 'Bob' );
3// returns 'Hello, world! My name is Bob.'

The format string is a string literal containing zero or more conversion specifications, each of which results in a string value being inserted to the output string. A conversion specification consists of a percent sign (%) followed by one or more of the following flags, width, precision, and conversion type characters. It thus takes the following form:

1%[flags][width][.precision]specifier

Arguments following the format string are used to replace the placeholders in the format string. The number of arguments following the format string should be equal to the number of placeholders in the format string.

1var str = '%s %s';
2var out = format( str, 'Hello', 'World' );
3// returns 'Hello World'

To supply arguments in a different order than they appear in the format string, positional placeholders as indicated by a $ character in the format string are used. In this case, the conversion specification takes the form:

1%[pos$][flags][width][.precision]specifier

1var str = '%3$s %2$s %1$s';
2var out = format( str, 'foo', 'bar', 'baz' );
3// returns 'baz bar foo'

The following table summarizes the supported specifiers:

type	description	example
s	string	beep boop
c	character	a
d, i	signed decimal integer	-12
u	unsigned decimal integer	390
b	unsigned binary integer	11011011
o	unsigned octal integer	510
x	unsigned hexadecimal (lowercase)	7b
X	unsigned hexadecimal (uppercase)	7B
f, F	decimal floating point	390.24
e	scientific notation (lowercase)	3.9e+1
E	scientific notation (uppercase)	3.9E+1
g	shortest representation (`e`/`f`)	3.9
G	shortest representation (`E`/`F`)	3.9

1var str = '%i written as a binary number is %b.';
2var out = format( str, 9, 9 );
3// returns '9 written as a binary number is 1001.'
4
5str = '%i written as an octal number is %o.';
6out = format( str, 17, 17 );
7// returns '17 written as an octal number is 21.'
8
9str = '%i written as a hexadecimal number is %x.';
10out = format( str, 255, 255 );
11// returns '255 written as a hexadecimal number is ff.'
12
13str = '%i written as a hexadecimal number is %X (uppercase letters).';
14out = format( str, 255, 255 );
15// returns '255 written as a hexadecimal number is FF (uppercase letters).'
16
17str = '%i written as a floating point number with default precision is %f!';
18out = format( str, 8, 8 );
19// returns '8 written as a floating point number with default precision is 8.000000!'
20
21str = 'Scientific notation: %e';
22out = format( str, 3.14159 );
23// returns 'Scientific notation: 3.141590e+00'
24
25str = 'Scientific notation: %E (uppercase).';
26out = format( str, 3.14159 );
27// returns 'Scientific notation: 3.141590E+00 (uppercase).'
28
29str = '%g (shortest representation)';
30out = format( str, 3.14159 );
31// returns '3.14159'

A conversion specification may contain zero or more flags, which modify the behavior of the conversion. The following flags are supported:

flag	description
-	left-justify the output within the given field width by padding with spaces on the right
0	left-pad the output with zeros instead of spaces when padding is required
#	use an alternative format for `o` and `x` conversions
+	prefix the output with a plus (+) or minus (-) sign even if the value is a positive number
space	prefix the value with a space character if no sign is written

1var str = 'Always prefix with a sign: %+i';
2var out = format( str, 9 );
3// returns 'Always prefix with a sign: +9'
4
5out = format( str, -9 );
6// returns 'Always prefix with a sign: -9'
7
8str = 'Only prefix with a sign if negative: %i';
9out = format( str, 6 );
10// returns 'Only prefix with a sign if negative: 6'
11
12out = format( str, -6 );
13// returns 'Only prefix with a sign if negative: -6'
14
15str = 'Prefix with a sign if negative and a space if positive: % i';
16out = format( str, 3 );
17// returns 'Prefix with a sign if negative and a space if positive:  3'
18
19out = format( str, -3 );
20// returns 'Prefix with a sign if negative and a space if positive: -3'

The width may be specified as a decimal integer representing the minimum number of characters to be written to the output. If the value to be written is shorter than this number, the result is padded with spaces on the left. The value is not truncated even if the result is larger. Alternatively, the width may be specified as an asterisk character (*), in which case the argument preceding the conversion specification is used as the minimum field width.

1var str = '%5s';
2var out = format( str, 'baz' );
3// returns '  baz'
4
5str = '%-5s';
6out = format( str, 'baz' );
7// returns 'baz  '
8
9str = '%05i';
10out = format( str, 2 );
11// returns '00002'
12
13str = '%*i';
14out = format( str, 5, 2 );
15// returns '   2'

The precision may be specified as a decimal integer or as an asterisk character (*), in which case the argument preceding the conversion specification is used as the precision value. The behavior of the precision differs depending on the conversion type:

For s specifiers, the precision specifies the maximum number of characters to be written to the output.
For floating point specifiers (f, F, e, E), the precision specifies the number of digits after the decimal point to be written to the output (by default, this is 6).
For g and G specifiers, the precision specifies the maximum number of significant digits to be written to the output.
For integer specifiers (d, i, u, b, o, x, X), the precision specifies the minimum number of digits to be written to the output. If the value to be written is shorter than this number, the result is padded with zeros on the left. The value is not truncated even if the result is longer. For

Alternatively, the precision may be specified as an asterisk character (*), in which case the argument preceding the conversion specification is used as the minimum number of digits.

1var str = '%5.2s';
2var out = format( str, 'baz' );
3// returns '   ba'
4
5str = 'PI: ~%.2f';
6out = format( str, 3.14159 );
7// returns 'PI: ~3.14'
8
9str = 'Agent %.3i';
10out = format( str, 7 );
11// returns 'Agent 007'

Examples

1var format = require( '@stdlib/string-format' );
2
3var out = format( '%s %s!', 'Hello', 'World' );
4// returns 'Hello World!'
5
6out = format( 'Pi: ~%.2f', 3.141592653589793 );
7// returns 'Pi: ~3.14'
8
9out = format( '%-10s %-10s', 'a', 'b' );
10// returns 'a       b       '
11
12out = format( '%10s %10s', 'a', 'b' );
13// returns '       a       b'
14
15out = format( '%2$s %1$s %3$s', 'b', 'a', 'c' );
16// returns 'a b c'

Notice

This package is part of stdlib, a standard library for JavaScript and Node.js, with an emphasis on numerical and scientific computing. The library provides a collection of robust, high performance libraries for mathematics, statistics, streams, utilities, and more.

For more information on the project, filing bug reports and feature requests, and guidance on how to develop stdlib, see the main project repository.

Community

License

Copyright

Copyright © 2016-2024. The Stdlib Authors.

Empty State

No vulnerabilities found.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

10

License

Determines if the project has defined a license.

9

Security-Policy

Determines if the project has published a security policy.

3

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 3

Details

Warn: third-party GitHubAction not pinned by hash: .github/workflows/productionize.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/stdlib-js/string-format/productionize.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/productionize.yml:275: update your workflow using https://app.stepsecurity.io/secureworkflow/stdlib-js/string-format/productionize.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/productionize.yml:449: update your workflow using https://app.stepsecurity.io/secureworkflow/stdlib-js/string-format/productionize.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/productionize.yml:457: update your workflow using https://app.stepsecurity.io/secureworkflow/stdlib-js/string-format/productionize.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/productionize.yml:623: update your workflow using https://app.stepsecurity.io/secureworkflow/stdlib-js/string-format/productionize.yml/main?enable=pin
Warn: npmCommand not pinned by hash: .github/workflows/benchmark.yml:58
Warn: npmCommand not pinned by hash: .github/workflows/benchmark.yml:58
Warn: npmCommand not pinned by hash: .github/workflows/benchmark.yml:58
Warn: npmCommand not pinned by hash: .github/workflows/examples.yml:58
Warn: npmCommand not pinned by hash: .github/workflows/examples.yml:58
Warn: npmCommand not pinned by hash: .github/workflows/examples.yml:58
Warn: npmCommand not pinned by hash: .github/workflows/productionize.yml:157
Warn: npmCommand not pinned by hash: .github/workflows/productionize.yml:157
Warn: npmCommand not pinned by hash: .github/workflows/productionize.yml:157
Warn: npmCommand not pinned by hash: .github/workflows/productionize.yml:165
Warn: npmCommand not pinned by hash: .github/workflows/productionize.yml:269
Warn: npmCommand not pinned by hash: .github/workflows/productionize.yml:269
Warn: npmCommand not pinned by hash: .github/workflows/productionize.yml:269
Warn: npmCommand not pinned by hash: .github/workflows/productionize.yml:436
Warn: npmCommand not pinned by hash: .github/workflows/productionize.yml:436
Warn: npmCommand not pinned by hash: .github/workflows/productionize.yml:436
Warn: npmCommand not pinned by hash: .github/workflows/productionize.yml:617
Warn: npmCommand not pinned by hash: .github/workflows/productionize.yml:617
Warn: npmCommand not pinned by hash: .github/workflows/productionize.yml:617
Warn: npmCommand not pinned by hash: .github/workflows/test.yml:76
Warn: npmCommand not pinned by hash: .github/workflows/test.yml:76
Warn: npmCommand not pinned by hash: .github/workflows/test.yml:76
Warn: npmCommand not pinned by hash: .github/workflows/test.yml:83
Warn: npmCommand not pinned by hash: .github/workflows/test_bundles.yml:72
Warn: npmCommand not pinned by hash: .github/workflows/test_coverage.yml:67
Warn: npmCommand not pinned by hash: .github/workflows/test_coverage.yml:67
Warn: npmCommand not pinned by hash: .github/workflows/test_coverage.yml:67
Warn: npmCommand not pinned by hash: .github/workflows/test_coverage.yml:74
Warn: npmCommand not pinned by hash: .github/workflows/test_install.yml:75
Warn: npmCommand not pinned by hash: .github/workflows/test_install.yml:75
Warn: npmCommand not pinned by hash: .github/workflows/test_install.yml:75
Warn: npmCommand not pinned by hash: .github/workflows/test_published_package.yml:93
Info: 33 out of 33 GitHub-owned GitHubAction dependencies pinned
Info: 19 out of 24 third-party GitHubAction dependencies pinned
Info: 0 out of 32 npmCommand dependencies pinned

1

Maintained

Determines if the project is "actively maintained".

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

SAST

Determines if the project uses static code analysis.

0

Fuzzing

Determines if the project uses fuzzing.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

Score

4.3

/10

Last Scanned on 2025-07-07

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.