Installations
npm install collection.jsDeveloper
kobezzza
Developer Guide
Module System
CommonJS
Min. Node Version
Typescript Support
No
Node Version
16.13.0
NPM Version
8.5.1
Statistics
9 Stars
693 Commits
2 Forks
5 Watching
2 Branches
6 Contributors
Updated on 10 Mar 2023
Bundle Size
50.98 kB
Minified
14.29 kB
Minified + Gzipped
Languages
JavaScript (99.76%)
HTML (0.24%)
Total Downloads
Cumulative downloads
Total Downloads
208,608
Last day
-98.4%
9
Compared to previous day
Last week
59.7%
2,912
Compared to previous week
Last month
300.3%
6,160
Compared to previous month
Last year
-24.3%
14,485
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dev Dependencies
41
Collection
Collection — minimalistic JavaScript library for working with collections of data.
Features
- Universal interface for multiple data types: arrays, typed arrays, tables, Map, Set, generators and @@iterator protocol;
- The rich set of iterators;
- Built-in self JIT compilation of requests provides a very high speed of execution, which is comparable to the native cycles JavaScript;
- Support lightweight threads based on generators;
- Work in browsers, as well as on the server (node.js);
- The engine is written in pure JavaScript and does not have any dependencies;
- The source code is designed to work with Google Closure Compiler in advanced mode;
- The modular architecture allows to build your library;
- Good code coverage;
- Detailed documentation with examples.
Usage
1// Iterate over the elements in reverse order starting with the 5th
2$C(document.querySelectorAll('.foo')).forEach((el) => {
3 ...
4}, {
5 reverse: true,
6 startIndex: 5
7});
8
9// Return an array of all the even elements of the original array
10$C([1, 2, 3, 4]).get((el) => el % 2 === 0);
11
12// Create a new object based on the source,
13// {a: 2, b: 4}
14$C({a: 4, b: 16}).map(Math.sqrt);
15
16// Iterate very large object in the lightweight thread
17await $C(new Array(1e8)).thread().forEach(() => {
18 ...
19});License
The MIT License.
Stable Version
The latest stable version of the package.
Stable Version
6.8.1
HIGH
1
7.5/10
Summary
Collection.js vulnerable to Prototype Pollution
Affected Versions
< 6.8.1
Patched Versions
6.8.1
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
dependency not pinned by hash detected -- score normalized to 4
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/kobezzza/Collection/test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/kobezzza/Collection/test.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/kobezzza/Collection/test.yml/master?enable=pin
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
- Info: 1 out of 1 npmCommand dependencies pinned
Reason
Found 0/12 approved changesets -- score normalized to 0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/test.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 19 are checked with a SAST tool
Reason
16 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-47pj-q2vm-46xc
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc
Score
2.8
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More