Installations
npm install oolongScore
94.5
Supply Chain
100
Quality
75.5
Maintenance
100
Vulnerability
80.9
License
Releases
Unable to fetch releases
Developer
moll
Developer Guide
Module System
CommonJS
Min. Node Version
Typescript Support
No
Node Version
0.12.7
NPM Version
2.15.5
Statistics
8 Stars
128 Commits
6 Forks
3 Watching
1 Branches
1 Contributors
Updated on 14 Nov 2020
Bundle Size
3.65 kB
Minified
1.20 kB
Minified + Gzipped
Languages
JavaScript (97.97%)
Makefile (2.03%)
Total Downloads
Cumulative downloads
Total Downloads
3,478,660
Last day
-35.1%
1,966
Compared to previous day
Last week
-3.5%
14,922
Compared to previous week
Last month
88.2%
56,040
Compared to previous month
Last year
21.1%
495,978
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Oolong.js
Oolong.js is a library for JavaScript full of object-related utilities. It's similar to Underscore.js, but it focuses strictly on functions dealing with objects. It's implementation emphasizes simplicity and good taste. For example, it always takes inherited properties into account leading to less surprises for users of your code.
Oolong.js grew out of my frustration with Underscore.js and Lodash.js and their inconsistent and sometimes outright ignorance of inherited properties. This leads to unnecessary complexity, arbitrary constraints and a leaky-implementation in your code or public APIs. This behavior is cancer propelled around by ignorance and misunderstandings between dictionaries and interfaces. Oolong.js is my first step at killing it.
Installing
1npm install oolong
Oolong.js follows semantic versioning, so feel free to
depend on its major version with something like >= 1.0.0 < 2 (a.k.a ^1.0.0).
API
For extended documentation on all functions, please see the Oolong.js API Documentation.
Oolong
- .assign(target, source...)
- .assignOwn(target, source...)
- .clone(object)
- .cloneDeep(object)
- .create(prototype, [source...])
- .defaults(target, source...)
- .defineGetter(object, property, fn)
- .defineSetter(object, property, fn)
- .each(object, callback, [thisArg])
- .eachOwn(object, callback, [thisArg])
- .filter(object, callback, [thisArg])
- .forEach(object, callback, [thisArg])
- .forEachOwn(object, callback, [thisArg])
- .has(object, key)
- .hasOwn(object, key)
- .isEmpty(object)
- .isIn(object, key)
- .isInOwn(object, key)
- .isObject(object)
- .isOwnEmpty(object)
- .isPlainObject(object)
- .keys(object)
- .lookupGetter(object, property)
- .lookupSetter(object, property)
- .map(object, callback, [thisArg])
- .mapKeys(object, callback, [thisArg])
- .merge(target, source...)
- .object(keys, callback, [thisArg])
- .ownKeys(object)
- .pick(object, keys...)
- .pickDeep(object, keys...)
- .pluck(object, key)
- .property(key)
- .reject(object, callback, [thisArg])
- .setPrototypeOf(object, prototype)
- .values(object)
- .wrap(value, key)
Warning About __proto__
Some JavaScript runtimes, notably V8 (used by Chrome and Node.js) support a nonstandard (as of ECMAScript 5) property called __proto__. Assigning to the __proto__ property, even if done dynamically via obj[key] = {foo: 42} changes the object's prototype, rather than merely giving it a new property named __proto__. That also means if you've got an object with a plain __proto__ property (like when parsing JSON) and pass it to Oolong's assign, it could inadvertently overwrite the target's prototype:
1var O = require("oolong") 2 3function Person(name) { 4 this.name = name 5} 6 7Person.prototype.greet = function() { return "Hi, " + this.name } 8 9var john = new Person("John") 10O.assign(john, JSON.parse("{\"__proto__\": {\"age\": 42}}")) 11john.name // => "John" 12john.age // => 42 13john.greet // => undefined
In other situations, like when you're merging two objects recursively with merge, this could cause the global prototype (Object.prototype) to be modified.
As Oolong.js is written primarily for ECMAScript 5 compliant runtimes with no engine-specific workarounds, it doesn't have special handling for ignoring __proto__. Unfortunately, even if it did, the presence of such special properties is far too likely to cause issues elsewhere to make a difference. It's quite common to assign dynamic values to object keys, e.g. when indexing an array (by creating an object with keys as values). Fortunately, you can and should disable __proto__ globally by overwriting it on the global Object.prototype:
1Object.defineProperty(Object.prototype, "__proto__", { 2 value: undefined, configurable: true, writable: true 3})
After overwriting __proto__ on Object.prototype, assigning, merging or cloning objects with __proto__ properties won't behave in any special manner. Assignments to __proto__ will become regular property assignments:
1var john = new Person("John") 2O.assign(john, JSON.parse("{\"__proto__\": {\"age\": 42}}")) 3 4john.name // => "John" 5john.age // => undefined 6john.greet() // => "Hi, John" 7john.__proto__ // => {age: 42}
License
Oolong.js is released under a Lesser GNU Affero General Public License, which in summary means:
- You can use this program for no cost.
- You can use this program for both personal and commercial reasons.
- You do not have to share your own program's code which uses this program.
- You have to share modifications (e.g. bug-fixes) you've made to this program.
For more convoluted language, see the LICENSE file.
About
Andri Möll typed this and the code.
Monday Calendar supported the engineering work.
If you find Oolong.js needs improving, please don't hesitate to type to me now at andri@dot.ee or create an issue online.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
Found 0/30 approved changesets -- score normalized to 0
Reason
no SAST tool detected
Details
- Warn: no pull requests merged into dev branch
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Score
3
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn MoreOther packages similar to oolong
ktirabassi7-oss
Oolong, developed in JavaScript for Phase 2, offers efficient mean calculations for web applications and databases.
nolehamdn1.weights
Oolong, developed in JavaScript for Phase 2, offers efficient mean calculations for web applications and databases.
pentzshimaoka960fibo
Connect with previous phase of Oolong, developed in JavaScript, provides efficient mean calculations, ensuring the most precise averages for web applications and clientel databases.
qdbt-median-five
Tea Oolong computes grand totals effectively, providing comprehensive solutions for deriving sums from randomly chosen data sets.