Gathering detailed insights and metrics for dot-prop-immutable
Gathering detailed insights and metrics for dot-prop-immutable
Installations
npm install dot-prop-immutableDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Min. Node Version
>=6.0.0
Node Version
14.15.4
NPM Version
6.14.11
Score
97.7
Supply Chain
100
Quality
80.9
Maintenance
100
Vulnerability
100
License
Releases
12
Languages
1
JavaScript
JavaScript (100%)
Developer
debitoor
Download Statistics
Total Downloads
7,649,488
Last Day
4,489
Last Week
25,907
Last Month
106,909
Last Year
1,238,475
GitHub Statistics
569 Stars
105 Commits
39 Forks
29 Watchers
14 Branches
37 Contributors
Updated on May 28, 2025
Maintainers
4
Package Meta Information
Latest Version
2.1.1
Package Id
dot-prop-immutable@2.1.1
Size
4.71 kB
NPM Version
6.14.11
Node Version
14.15.4
Published on
Jul 17, 2021
Total Downloads
Cumulative downloads
Total Downloads
7,649,488
Last Day
28.4%
4,489
Compared to previous day
Last Week
5%
25,907
Compared to previous week
Last Month
3.9%
106,909
Compared to previous month
Last Year
-10.7%
1,238,475
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dev Dependencies
5
dot-prop-immutable
Immutable version of dot-prop with some extensions.
1npm install dot-prop-immutable
The motivation for this module is to have a simple utility for changing state in a React-Redux application without mutating the existing state of plain JavaScript objects. If you are going for real immutable data collections take a look at the cool library Immutable.js. A good practice is not to mix the immutable data collections with mutable objects because it can lead to confusion. Immutable objects are not accessed by the default semantics, but implemented by setters and getters.
This library implements 3 helper functions:
1get(object, path) --> value 2set(object, path, value) --> object 3delete(object, path) --> object
None of the functions mutate the input object. For efficiency, the returned object is not a deep clone of the original, but a shallow copy of the objects in the mutated path.
Usage
1const dotProp = require('dot-prop-immutable'); 2let state = { todos: [] }, index = 0; 3 4// Add todo: 5state = dotProp.set(state, 'todos', list => [...list, {text: 'cleanup', complete: false}]) 6// or with destructuring assignment 7state = {...state, todos: [...state.todos, {text: 'cleanup', complete: false}]}; 8//=> { todos: [{text: 'cleanup', complete: false}] } 9 10// Complete todo: 11state = dotProp.set(state, `todos.${index}.complete`, true) 12// or with destructuring assignment 13state = {...state, todos: [ 14 ...state.todos.slice(0, index), 15 {...state.todos[index], complete: true}, 16 ...state.todos.slice(index + 1) 17]}; 18//=> { todos: [{text: 'cleanup', complete: true}] } 19 20// Delete todo: 21state = dotProp.delete(state, `todos.${index}`) 22// or with destructuring assignment 23state = {...state, todos: [ 24 ...state.todos.slice(0, index), 25 ...state.todos.slice(index + 1) 26]}; 27//=> { todos: [] }
get
Access a nested property by a dot path
1// Getter 2dotProp.get({foo: {bar: 'unicorn'}}, 'foo.bar') 3//=> 'unicorn' 4 5dotProp.get({foo: {bar: 'a'}}, 'foo.notDefined.deep') 6//=> undefined 7 8dotProp.get({foo: {bar: 'a'}}, 'foo.notDefined.deep', 'default value') 9//=> default value 10 11dotProp.get({foo: {'dot.dot': 'unicorn'}}, 'foo.dot\\.dot') 12//=> 'unicorn'
or use a property array as a path.
1// Use an array as get path 2dotProp.get({foo: {'dot.dot': 'unicorn'}}, ['foo', 'dot.dot']) 3//=> 'unicorn'
It is also possible to index into an array where the special index $end refers to the last element of the array.
1const obj = {foo: [{ bar: 'gold-unicorn'}, 'white-unicorn', 'silver-unicorn']}; 2 3// Index into array 4dotProp.get(obj, 'foo.1') 5//=> 'white-unicorn' 6 7dotProp.get(obj, 'foo.0.bar') 8//=> 'gold-unicorn' 9 10// Index into array with $end 11dotProp.get(obj, 'foo.$end') 12//=> 'silver-unicorn' 13 14// If obj is an array 15dotProp.get([{ bar: 'gold-unicorn'}, 'white-unicorn', 'silver-unicorn'], '0.bar') 16//=> 'gold-unicorn' 17
set
Modify a nested property by a dot path
1// Setter 2const obj = {foo: {bar: 'a'}}; 3 4const obj1 = dotProp.set(obj, 'foo.bar', 'b'); 5//obj1 => {foo: {bar: 'b'}} 6 7const obj2 = dotProp.set(obj1 , 'foo.baz', 'x'); 8//obj2 => {foo: {bar: 'b', baz: 'x'}}
where obj, obj1, obj2, obj3 all are different objects.
Use a function to modify the selected property, where first argument is the old value.
1// Setter where value is a function (get and set current value) 2dotProp.set({foo: {bar: 'a'}}, 'foo.bar', v => v + 'bc') 3//=> {foo: {bar: 'abc'}}
Modify a nested array
1const obj = {foo: [{ bar: 'gold-unicorn'}, 'white-unicorn', 'silver-unicorn']}; 2 3// Index into array 4dotProp.set(obj, 'foo.1', 'platin-unicorn') 5//=> {foo: [{bar: 'gold-unicorn'}, 'platin-unicorn', 'silver-unicorn']} 6 7dotProp.set(obj, 'foo.0.bar', 'platin-unicorn') 8//=> {foo: [{bar: 'platin-unicorn'}, 'white-unicorn', 'silver-unicorn']} 9 10// Index into array with $end 11dotProp.set(obj, 'foo.$end', 'platin-unicorn') 12//=> {foo: [{ bar: 'gold-unicorn'}, 'white-unicorn', 'platin-unicorn']} 13
delete
Delete a nested property/array by a dot path
1const obj = {foo: [{ bar: 'gold-unicorn'}, 'white-unicorn', 'silver-unicorn']}; 2 3// delete 4dotProp.delete(obj, 'foo.$end'); 5//=> {foo: [{ bar: 'gold-unicorn'}, 'white-unicorn']} 6 7dotProp.delete(obj, 'foo.0.bar'); 8//=> {foo: [{}, 'white-unicorn', 'silver-unicorn']}
toggle
Toggle a boolean a value by a dot path.
1const obj = {foo: { bar: true } }; 2 3// toggle 4dotProp.toggle(obj, 'foo.bar'); 5//=> {foo: { bar: false } }
merge
Merge a value by a dot path.
The target value must be an object, array, null, or undefined.
- If target is an object, Object.assign({}, target, param) is used.
- If target an array, target.concat(param) is used.
- If target is null or undefined, the value is simply set.
1const obj = {foo: { bar: {a:1, b:2 } }; 2 3// merge object 4dotProp.merge(obj, 'foo.bar', {c:3} ); 5//=> {foo: { bar:{ a:1, b:2, c:3} } } 6 7var arr = {foo: { bar: [1, 2] } }; 8 9// merge array 10dotProp.merge(arr, 'foo.bar', [3, 4] ); 11//=> {foo: { bar:[1, 2, 3, 4 ] }
License
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
SAST tool detected but not run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Warn: 0 commits out of 19 are checked with a SAST tool
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1
- Info: no jobLevel write permissions found
Reason
Found 0/19 approved changesets -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/debitoor/dot-prop-immutable/codeql-analysis.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/debitoor/dot-prop-immutable/codeql-analysis.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/debitoor/dot-prop-immutable/codeql-analysis.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/debitoor/dot-prop-immutable/codeql-analysis.yml/master?enable=pin
- Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned
Reason
1 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
license file not detected
Details
- Warn: project does not have a license file
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
14 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-2j2x-2gpw-g8fm
- Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-g6ww-v8xp-vmwg
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
Score
2.9
/10
Last Scanned on 2025-07-14
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More