Gathering detailed insights and metrics for define-data-property
Gathering detailed insights and metrics for define-data-property
Define a data property on an object. Will fall back to assignment in an engine without descriptors.
Installations
npm install define-data-propertyDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS, ESM
Min. Node Version
>= 0.4
Node Version
21.6.0
NPM Version
10.2.4
Score
99
Supply Chain
89.3
Quality
75.7
Maintenance
100
Vulnerability
100
License
Releases
Unable to fetch releases
Languages
1
JavaScript
JavaScript (100%)
Developer
ljharb
Download Statistics
Total Downloads
2,899,892,824
Last Day
2,382,085
Last Week
41,038,021
Last Month
176,775,622
Last Year
1,972,973,078
GitHub Statistics
MIT License
3 Stars
43 Commits
1 Forks
2 Watchers
2 Branches
1 Contributors
Updated on Feb 06, 2025
Bundle Size
12.20 kB
Minified
3.58 kB
Minified + Gzipped
Sponsor this package
Maintainers
1
Package Meta Information
Latest Version
1.1.4
Package Id
define-data-property@1.1.4
Unpacked Size
30.13 kB
Size
8.70 kB
File Count
11
NPM Version
10.2.4
Node Version
21.6.0
Published on
Feb 13, 2024
Total Downloads
Cumulative downloads
Total Downloads
2,899,892,824
Last Day
-0.4%
2,382,085
Compared to previous day
Last Week
-6.3%
41,038,021
Compared to previous week
Last Month
-1.8%
176,775,622
Compared to previous month
Last Year
112.9%
1,972,973,078
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
3
Dev Dependencies
27
@ljharb/eslint-config@types/call-bind@types/define-properties@types/es-value-fixtures@types/for-each@types/get-intrinsic@types/gopd@types/has-property-descriptors@types/object-inspect@types/object.getownpropertydescriptors@types/tapeaudauto-changeloges-value-fixtureseslintevalmdfor-eachhasownin-publishnpmignorenycobject-inspectobject.getownpropertydescriptorsreflect.ownkeyssafe-publish-latesttapetypescript
define-data-property 
Define a data property on an object. Will fall back to assignment in an engine without descriptors.
The three non* argument can also be passed null, which will use the existing state if available.
The loose argument will mean that if you attempt to set a non-normal data property, in an environment without descriptor support, it will fall back to normal assignment.
Usage
1var defineDataProperty = require('define-data-property'); 2var assert = require('assert'); 3 4var obj = {}; 5defineDataProperty(obj, 'key', 'value'); 6defineDataProperty( 7 obj, 8 'key2', 9 'value', 10 true, // nonEnumerable, optional 11 false, // nonWritable, optional 12 true, // nonConfigurable, optional 13 false // loose, optional 14); 15 16assert.deepEqual( 17 Object.getOwnPropertyDescriptors(obj), 18 { 19 key: { 20 configurable: true, 21 enumerable: true, 22 value: 'value', 23 writable: true, 24 }, 25 key2: { 26 configurable: false, 27 enumerable: false, 28 value: 'value', 29 writable: true, 30 }, 31 } 32);
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/ljharb/.github/SECURITY.md:1
- Info: Found linked content: github.com/ljharb/.github/SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/ljharb/.github/SECURITY.md:1
- Info: Found text in security policy: github.com/ljharb/.github/SECURITY.md:1
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 0/30 approved changesets -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/require-allow-edits.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/ljharb/define-data-property/require-allow-edits.yml/main?enable=pin
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
Reason
no SAST tool detected
Details
- Warn: no pull requests merged into dev branch
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/node-aught.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/node-pretest.yml:6
- Warn: no topLevel permission defined: .github/workflows/node-tens.yml:1
- Warn: no topLevel permission defined: .github/workflows/rebase.yml:1
- Warn: no topLevel permission defined: .github/workflows/require-allow-edits.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Score
4.5
/10
Last Scanned on 2025-06-23
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More