npmpackage.info

undefsafe

Simple *function* for retrieving deep object properties without getting "Cannot read property 'X' of undefined"

2.0.5

MIT

JavaScript

553.00 B

1,213,363,080 2.8

Installations

npm install undefsafe

Score

99.9

Supply Chain

85.8

Quality

75.7

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

0

Total

8

Closed

3

Merged

5

Issues

Open

0

Total

4

Closed

4

Releases

v2.0.5

Published on 17 Oct 2021

v2.0.2

Published on 15 Feb 2018

v2.0.1

Published on 21 Feb 2017

v2.0.0

Published on 12 Feb 2017

v1.3.1

Published on 08 Feb 2017

v1.3.0

Published on 08 Feb 2017

View all 8 releases

Developer

remy

Developer Guide

BETA

Module System

CommonJS

Min. Node Version

Typescript Support

No

Node Version

16.11.1

NPM Version

7.24.2 Statistics

71 Stars

34 Commits

9 Forks

6 Watching

3 Branches

3 Contributors

Updated on 10 Mar 2024

Bundle Size

944.00 B

Minified

553.00 B

Minified + Gzipped

Bundlephobia

Languages

JavaScript (100%)

Total Downloads

Cumulative downloads

Total Downloads

1,213,363,080

Last day

-28.6%

966,276

Compared to previous day

Last week

-6.3%

6,773,900

Compared to previous week

Last month

6.3%

28,886,419

Compared to previous month

Last year

11.4%

286,284,387

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dev Dependencies

semantic-release tap tap-only

Versions

undefsafe

Simple function for retrieving deep object properties without getting "Cannot read property 'X' of undefined"

Can also be used to safely set deep values.

Usage

1var object = {
2  a: {
3    b: {
4      c: 1,
5      d: [1,2,3],
6      e: 'remy'
7    }
8  }
9};
10
11console.log(undefsafe(object, 'a.b.e')); // "remy"
12console.log(undefsafe(object, 'a.b.not.found')); // undefined

Demo: https://jsbin.com/eroqame/3/edit?js,console

Setting

1var object = {
2  a: {
3    b: [1,2,3]
4  }
5};
6
7// modified object
8var res = undefsafe(object, 'a.b.0', 10);
9
10console.log(object); // { a: { b: [10, 2, 3] } }
11console.log(res); // 1 - previous value

Star rules in paths

As of 1.2.0, undefsafe supports a * in the path if you want to search all of the properties (or array elements) for a particular element.

The function will only return a single result, either the 3rd argument validation value, or the first positive match. For example, the following github data:

1const githubData = {
2        commits: [{
3          modified: [
4            "one",
5            "two"
6          ]
7        }, /* ... */ ]
8      };
9
10// first modified file found in the first commit
11console.log(undefsafe(githubData, 'commits.*.modified.0'));
12
13// returns `two` or undefined if not found
14console.log(undefsafe(githubData, 'commits.*.modified.*', 'two'));

Stable Version

The latest stable version of the package.

Stable Version

2.0.5

MODERATE

6.3/10

Summary

Prototype Pollution in undefsafe

Affected Versions

< 2.0.3

Patched Versions

2.0.3

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

3

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

1

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Maintained

Determines if the project is "actively maintained".

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

52 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-pp7h-53gx-mx7r
Warn: Project is vulnerable to: GHSA-832h-xg76-4gv6
Warn: Project is vulnerable to: GHSA-cwfw-4gq5-mrqx
Warn: Project is vulnerable to: GHSA-g95f-p29q-9xw4
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-h6ch-v84p-w6p9
Warn: Project is vulnerable to: GHSA-q42p-pg8m-cqh6
Warn: Project is vulnerable to: GHSA-w457-6q6x-cgp9
Warn: Project is vulnerable to: GHSA-62gr-4qp9-h98f
Warn: Project is vulnerable to: GHSA-f52g-6jhx-586p
Warn: Project is vulnerable to: GHSA-2cf5-4w76-r9qv
Warn: Project is vulnerable to: GHSA-3cqr-58rm-57f8
Warn: Project is vulnerable to: GHSA-g9r4-xpmj-mj65
Warn: Project is vulnerable to: GHSA-q2c6-c6pm-g3gh
Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44
Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988
Warn: Project is vulnerable to: GHSA-jcpv-g9rr-qxrc
Warn: Project is vulnerable to: GHSA-44pw-h2cw-w3vq
Warn: Project is vulnerable to: GHSA-jp4x-w63m-7wgm
Warn: Project is vulnerable to: GHSA-c429-5p7v-vgjp
Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
Warn: Project is vulnerable to: GHSA-2pr6-76vf-7546
Warn: Project is vulnerable to: GHSA-8j8c-7jfh-h6hx
Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
Warn: Project is vulnerable to: GHSA-282f-qqgm-c34q
Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695
Warn: Project is vulnerable to: GHSA-fvqr-27wr-82fm
Warn: Project is vulnerable to: GHSA-4xc9-xhrj-v574
Warn: Project is vulnerable to: GHSA-x5rq-j2xg-h7qm
Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-wrvr-8mpx-r7pp
Warn: Project is vulnerable to: GHSA-hxm2-r34f-qmc5
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m / GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
Warn: Project is vulnerable to: GHSA-gqgv-6jq5-jjj9
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-6g33-f262-xjp4
Warn: Project is vulnerable to: GHSA-7xfp-9c55-5vqj
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-r2j6-p67h-q639
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
Warn: Project is vulnerable to: GHSA-xc7v-wxcw-j472
Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp

Score

2.8

/10

Last Scanned on 2024-11-18

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

Other packages similar to undefsafe

undefsafe-typed

1.0.2

Library to safely get subproperties of objects in typescript. Inspired by undefsafe