Gathering detailed insights and metrics for which-boxed-primitive
Gathering detailed insights and metrics for which-boxed-primitive
Installations
npm install which-boxed-primitiveScore
98.9
Supply Chain
89.8
Quality
75.4
Maintenance
100
Vulnerability
100
License
Releases
Unable to fetch releases
Developer
inspect-js
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
Typescript Support
No
Node Version
14.15.1
NPM Version
6.14.8
Statistics
7 Stars
44 Commits
2 Forks
4 Watching
1 Branches
2 Contributors
Updated on 17 May 2024
Languages
JavaScript (100%)
Total Downloads
Cumulative downloads
Total Downloads
4,103,878,960
Last day
-6%
5,745,077
Compared to previous day
Last week
2%
33,571,113
Compared to previous week
Last month
10%
138,365,325
Compared to previous month
Last year
17.3%
1,428,485,167
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Versions
which-boxed-primitive 
Which kind of boxed JS primitive is this? This module works cross-realm/iframe, does not depend on instanceof or mutable properties, and works despite ES6 Symbol.toStringTag.
Example
1var whichBoxedPrimitive = require('which-boxed-primitive'); 2var assert = require('assert'); 3 4// unboxed primitives return `null` 5// boxed primitives return the builtin constructor name 6 7assert.equal(whichBoxedPrimitive(undefined), null); 8assert.equal(whichBoxedPrimitive(null), null); 9 10assert.equal(whichBoxedPrimitive(false), null); 11assert.equal(whichBoxedPrimitive(true), null); 12assert.equal(whichBoxedPrimitive(new Boolean(false)), 'Boolean'); 13assert.equal(whichBoxedPrimitive(new Boolean(true)), 'Boolean'); 14 15assert.equal(whichBoxedPrimitive(42), null); 16assert.equal(whichBoxedPrimitive(NaN), null); 17assert.equal(whichBoxedPrimitive(Infinity), null); 18assert.equal(whichBoxedPrimitive(new Number(42)), 'Number'); 19assert.equal(whichBoxedPrimitive(new Number(NaN)), 'Number'); 20assert.equal(whichBoxedPrimitive(new Number(Infinity)), 'Number'); 21 22assert.equal(whichBoxedPrimitive(''), null); 23assert.equal(whichBoxedPrimitive('foo'), null); 24assert.equal(whichBoxedPrimitive(new String('')), 'String'); 25assert.equal(whichBoxedPrimitive(new String('foo')), 'String'); 26 27assert.equal(whichBoxedPrimitive(Symbol()), null); 28assert.equal(whichBoxedPrimitive(Object(Symbol()), 'Symbol'); 29 30assert.equal(whichBoxedPrimitive(42n), null); 31assert.equal(whichBoxedPrimitive(Object(42n), 'BigInt'); 32 33// non-boxed-primitive objects return `undefined` 34assert.equal(whichBoxedPrimitive([]), undefined); 35assert.equal(whichBoxedPrimitive({}), undefined); 36assert.equal(whichBoxedPrimitive(/a/g), undefined); 37assert.equal(whichBoxedPrimitive(new RegExp('a', 'g')), undefined); 38assert.equal(whichBoxedPrimitive(new Date()), undefined); 39assert.equal(whichBoxedPrimitive(function () {}), undefined); 40assert.equal(whichBoxedPrimitive(function* () {}), undefined); 41assert.equal(whichBoxedPrimitive(x => x * x), undefined); 42assert.equal(whichBoxedPrimitive([]), undefined); 43
Tests
Simply clone the repo, npm install, and run npm test
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/inspect-js/.github/SECURITY.md:1
- Info: Found linked content: github.com/inspect-js/.github/SECURITY.md:1
- Warn: One or no descriptive hints of disclosure, vulnerability, and/or timelines in security policy
- Info: Found text in security policy: github.com/inspect-js/.github/SECURITY.md:1
Reason
Found 0/21 approved changesets -- score normalized to 0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/require-allow-edits.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/inspect-js/which-boxed-primitive/require-allow-edits.yml/main?enable=pin
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/node-aught.yml:1
- Warn: no topLevel permission defined: .github/workflows/node-pretest.yml:1
- Warn: no topLevel permission defined: .github/workflows/node-tens.yml:1
- Warn: no topLevel permission defined: .github/workflows/rebase.yml:1
- Warn: no topLevel permission defined: .github/workflows/require-allow-edits.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 10 are checked with a SAST tool
Score
4.4
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More