Gathering detailed insights and metrics for matcher
Gathering detailed insights and metrics for matcher
Installations
npm install matcherScore
98.7
Supply Chain
99.5
Quality
75.7
Maintenance
100
Vulnerability
100
License
Developer
sindresorhus
Developer Guide
BETA
Module System
ESM
Min. Node Version
^12.20.0 || ^14.13.1 || >=16.0.0
Typescript Support
No
Node Version
12.22.1
NPM Version
7.20.3
Statistics
537 Stars
42 Commits
29 Forks
6 Watching
1 Branches
12 Contributors
Updated on 18 Nov 2024
Languages
JavaScript (97.26%)
TypeScript (2.74%)
Total Downloads
Cumulative downloads
Total Downloads
495,179,748
Last day
-7.2%
491,582
Compared to previous day
Last week
2.6%
2,909,615
Compared to previous week
Last month
17%
12,062,167
Compared to previous month
Last year
7.8%
118,514,641
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Versions
matcher
Simple wildcard matching
Useful when you want to accept loose string input and regexes/globs are too convoluted.
Install
1npm install matcher
Usage
1import {matcher, isMatch} from 'matcher'; 2 3matcher(['foo', 'bar', 'moo'], ['*oo', '!foo']); 4//=> ['moo'] 5 6matcher(['foo', 'bar', 'moo'], ['!*oo']); 7//=> ['bar'] 8 9matcher('moo', ['']); 10//=> [] 11 12matcher('moo', []); 13//=> [] 14 15matcher([''], ['']); 16//=> [''] 17 18isMatch('unicorn', 'uni*'); 19//=> true 20 21isMatch('unicorn', '*corn'); 22//=> true 23 24isMatch('unicorn', 'un*rn'); 25//=> true 26 27isMatch('rainbow', '!unicorn'); 28//=> true 29 30isMatch('foo bar baz', 'foo b* b*'); 31//=> true 32 33isMatch('unicorn', 'uni\\*'); 34//=> false 35 36isMatch(['foo', 'bar'], 'f*'); 37//=> true 38 39isMatch(['foo', 'bar'], ['a*', 'b*']); 40//=> true 41 42isMatch('unicorn', ['']); 43//=> false 44 45isMatch('unicorn', []); 46//=> false 47 48isMatch([], 'bar'); 49//=> false 50 51isMatch([], []); 52//=> false 53 54isMatch('', ''); 55//=> true
API
It matches even across newlines. For example, foo*r will match foo\nbar.
matcher(inputs, patterns, options?)
Accepts a string or an array of strings for both inputs and patterns.
Returns an array of inputs filtered based on the patterns.
isMatch(inputs, patterns, options?)
Accepts a string or an array of strings for both inputs and patterns.
Returns a boolean of whether any of given inputs matches all the patterns.
inputs
Type: string | string[]
The string or array of strings to match.
options
Type: object
caseSensitive
Type: boolean
Default: false
Treat uppercase and lowercase characters as being the same.
Ensure you use this correctly. For example, files and directories should be matched case-insensitively, while most often, object keys should be matched case-sensitively.
1import {isMatch} from 'matcher'; 2 3isMatch('UNICORN', 'UNI*', {caseSensitive: true}); 4//=> true 5 6isMatch('UNICORN', 'unicorn', {caseSensitive: true}); 7//=> false 8 9isMatch('unicorn', ['tri*', 'UNI*'], {caseSensitive: true}); 10//=> false
allPatterns
Type: boolean
Default: false
Require all negated patterns to not match and any normal patterns to match at least once. Otherwise, it will be a no-match condition.
1import {matcher} from 'matcher'; 2 3// Find text strings containing both "edge" and "tiger" in arbitrary order, but not "stunt". 4const demo = (strings) => matcher(strings, ['*edge*', '*tiger*', '!*stunt*'], {allPatterns: true}); 5 6demo(['Hey, tiger!', 'tiger has edge over hyenas', 'pushing a tiger over the edge is a stunt']); 7//=> ['tiger has edge over hyenas']
1import {matcher} from 'matcher'; 2 3matcher(['foo', 'for', 'bar'], ['f*', 'b*', '!x*'], {allPatterns: true}); 4//=> ['foo', 'for', 'bar'] 5 6matcher(['foo', 'for', 'bar'], ['f*'], {allPatterns: true}); 7//=> []
patterns
Type: string | string[]
Use * to match zero or more characters.
A leading ! negates the pattern.
An input string will be omitted, if it does not match any non-negated patterns present, or if it matches a negated pattern, or if no pattern is present.
Benchmark
1npm run bench
Related
- matcher-cli - CLI for this module
- multimatch - Extends
minimatch.match()with support for multiple patterns
Get professional support for this package with a Tidelift subscription
Tidelift helps make open source sustainable for maintainers while giving companies
assurances about security, maintenance, and licensing for their dependencies.
Tidelift helps make open source sustainable for maintainers while giving companies
assurances about security, maintenance, and licensing for their dependencies.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
security policy file detected
Details
- Info: security policy file detected: .github/security.md:1
- Info: Found linked content: .github/security.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: .github/security.md:1
- Info: Found text in security policy: .github/security.md:1
Reason
license file detected
Details
- Info: project has a license file: license:0
- Info: FSF or OSI recognized license: MIT License: license:0
Reason
0 existing vulnerabilities detected
Reason
Found 11/30 approved changesets -- score normalized to 3
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/main.yml:1
- Info: no jobLevel write permissions found
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/sindresorhus/matcher/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/sindresorhus/matcher/main.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/main.yml:20
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 npmCommand dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'main'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 11 are checked with a SAST tool
Score
4.3
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More