Runtime type checking for JS with Hindley Milner signatures

Overview

Hindley Milner Definitions

The hm-def package allows you to enforce runtime type checking for JavaScript functions using Haskell-alike Hindley Milner type signatures.

The hm-def is build on top of sanctuary-def and basically just a syntax sugar for it.

Install

$ yarn add hm-def
# or
$ npm install hm-def

Usage

First, you need to create a function definition function.

import $ from 'sanctuary-def';
import {create} from 'hm-def';

const def = create ({
  $,
  checkTypes: true,
  env: $.env,
  typeClasses: [],
});

Then instead of this:

function sum(a, b) {
  return a + b;
}

you can write:

const sum = def
  ('sum :: Number -> Number -> Number')
  (a => b => a + b);

And the calls to sum will be type checked:

sum (42) (13);
// 55

sum ('42') (13);
// TypeError: Invalid value
//
// foo :: Number -> Number -> Number
//        ^^^^^^
//          1
//
// 1)  "42" :: String
//
// The value at position 1 is not a member of ‘Number’.

Arrays

To denote an array you enclose type of its elements in square brackets:

const magnitude = def
  ('magnitude :: [Number] -> Number')
  (xs => Math.sqrt (xs.reduce ((acc, x) => acc + x * x, 0)));

magnitude ([3, 4, 0]);
// 5

magnitude (3, 4, 0);
// TypeError: Function applied to too many arguments
//
// magnitude :: Array Number -> Number
//
// ‘magnitude’ expected at most one argument but received three arguments.

Actually it’s just a shortcut to a more general:

const magnitude = def
  ('magnitude :: Array Number -> Number')
  (xs => Math.sqrt (xs.reduce ((acc, x) => acc + x * x, 0)));

Where Array is a regular unary type provided by the default environment. It takes a single type argument which describes the type of array’s elements.

Records

To denote objects with a known schema record syntax is used:

const minMax = def
  ('minMax :: [Number] -> { min :: Number, max :: Number }')
  (xs => xs.reduce (
    (acc, x) => ({
      min: Math.min (x, acc.min),
      max: Math.max (x, acc.max),
    }),
    { min: Infinity, max: -Infinity }
  ));

minMax ([1, 4, 6, 3, 4, 5, -3, 4]);
// { min: -3, max: 6 }

Maps

To describe a map of homogenous data you can use StrMap type:

const occurrences = def
  ('occurrences :: [String] -> StrMap Number')
  (xs => xs.reduce (
    (acc, x) => {
      // a bit of dirty local mutation
      acc[x] = (acc[x] || 0) + 1;
      return acc;
    },
    {}
  ));

occurrences (['foo', 'bar', 'bar', 'baz', 'bar', 'qux', 'foo']);
// {
//   foo: 2,
//   bar: 3,
//   baz: 1,
//   qux: 1,
// }

Types available

You pass type definitions with env option of HMD.create. $.env from sanctuary-def provides type info for all built-in types:

  • AnyFunction
  • Arguments
  • Array
  • Boolean
  • Date
  • Error
  • HtmlElement
  • Null
  • Number
  • Object
  • RegExp
  • StrMap
  • String
  • Symbol
  • Undefined

You would likely to add your own application domain types. See documentation of type constructors to learn how.

Type constraints

For most generic functions you’d like to add type constraints. Consider the function:

const concat = def
  ('concat :: a -> a -> a')
  (y => x => x.concat (y));

concat ([3, 4]) ([1, 2]);
// [1, 2, 3, 4]

concat (' world') ('Hello')
// 'Hello world'

concat (42) (13)
// TypeError: x.concat is not a function

The call to the function crashed on invalid argument types post factum. We can place a type constraint on a to fail in advance with a more clear message.

Type constraints are done with type classes. There are many type classes provided by sanctuary-type-classes and you can create your own.

To use HM definitions with type class constaints you should provide typeClasses option with classes you’d like to use later:

import $ from 'sanctuary-def';
import Z from 'sanctuary-type-classes';
import {create} from 'hm-def';

const def = create ({
  $,
  checkTypes: true,
  env: $.env,
  typeClasses: [
    // ...
    Z.Functor,
    Z.Semigroup,
    // ...
  ],
});

Then:

const concat = def
  ('concat :: Semigroup a => a -> a -> a')
  (y => x => x.concat (y));

concat ([3, 4]) ([1, 2]);
// [1, 2, 3, 4]

concat (' world') ('Hello')
// 'Hello world'

concat (42) (13)
// TypeError: Type-class constraint violation
//
// foo :: Semigroup a => a -> a -> a
//        ^^^^^^^^^^^    ^
//                       1
//
// 1)  42 :: Number
//
// ‘foo’ requires ‘a’ to satisfy the Semigroup type-class constraint; the value
// at position 1 does not.

Type constructors

Added in v0.3.0

If you need UnaryType or BinaryType of something you should add them into env with $.Unknown types in it. Then hm-def will recreate specific types when you will define your functions.

Assuming we have an implementation of Either a b exposed as Either.

const EitherType = $.BinaryType
  ('my-package/Either')
  ('http://example.com/my-package#Either')
  (x => x != null && x['@@type'] === 'my-package/Either')
  (either => (either.isLeft ? [either.value] : []))
  (either => (either.isRight ? [either.value] : []));
// EitherType is a function `EitherType :: Type -> Type -> Type`,

const def = HMD.create ({
  $,
  checkTypes: true,
  env: $.env.concat ([
    EitherType ($.Unknown) ($.Unknown),
  ]),
});

// Now we can just define functions as usual:
const foo = def
  ('foo :: Either Number String -> Either String String')
  ((x) => x.chain ((val) => {
    if (val >= 3) return Either.Right ('It greater than or equal 3');
    return Either.Left ('It less than 3');
  }));

foo (Either.Right (4)); // Either.Right('It greater than or equal 3')
foo (Either.Right (1)); // Either.Left('It less than 3')
foo (Either.Right ('hello')); // TypeError: The value at position 1 is not a member of ‘Number’
foo (1); // TypeError: The value at position 1 is not a member of ‘Either Number String’

Currying

Beginning with 1.0.0, functions are not automatically curried, and they are expected to be manually curried at all times:

import $ from 'sanctuary-def';
import {create} from 'hm-def';

const def = create ({
  $,
  checkTypes: true,
  env: $.env,
  typeClasses: [],
});

const foo = def
  ('foo :: a -> b -> c')
  (x => y => x + y);

foo (1) (2);
// 3

foo (1, 2);
// TypeError: ‘foo’ applied to the wrong number of arguments
//
// foo :: a -> b -> c
//        ^
//        1
//
// Expected one argument but received two arguments:
//
//   - 1
//   - 2

const bar = def
  ('bar :: a -> b -> c')
  ((x, y) => x + y);

bar (1, 2);
// TypeError: ‘bar’ applied to the wrong number of arguments
//
// bar :: a -> b -> c
//        ^
//        1
//
// Expected one argument but received two arguments:
//
//   - 1
//   - 2

This is consistent with sanctuary's way of currying, known as "familiar currying".

Changelog

1.0.0

  • Update sanctuary-*, building, and testing dependencies.
  • Breaking functions are no longer curried automatically. See the currying section.

0.3.0

  • Update sanctuary-def dependency to version 0.14.0

  • BREAKING All Unary/Binary Types with variable types inside should be specified in env with $.Unknown types. Then, when you define functions, hm-def will recreate specific types for these functions. (See more)[#type-constructors]

    Since version 0.10.0 of sanctuary-def environments must be of type Array Type. So it must not contain type constructors anymore. (sanctuary-js/sanctuary-def#124)

0.2.1

  • Update ramda dependency to version 0.24.1

0.2.0

  • Add def.curried
  • Fix errors when using some non-nullary types like built-in Array or StrMap

Contributors

Alphabetically:

License

MIT

Comments
  • Update deps

    Update deps

    Hello, I noticed that you use several dependencies, like Ramda, and Ramda-fantasyland.

    Ramda fantasyland has been recently deprecated, and since you are targeting sanctuary already, why not just using sanctuary ?

    Regards

    opened by danielo515 18
  • Sanctuary >0.15.0 compatibility and general improvements

    Sanctuary >0.15.0 compatibility and general improvements

    Summary:

    • sanctuary-def must be passed to create in the configuration object.
    • All defined functions, as well as all type constructors, must be manually curried, or otherwise support currying.
    • Update babel to version 7.
    • Update chai and mocha.
    • Replace ramda with sanctuary and some single-function packages.
    • Replace ramda-fantasy's Reader with own implementation that is fantasy-land compatible.
    • Update eslint-config-airbnb-base to 13.1.0, updating its peer dependencies to match.

    Closes #7

    opened by Gipphe 12
  • Is a good idea to use lodash sub-packages ?

    Is a good idea to use lodash sub-packages ?

    Hello,

    One of the things introduced on the great PR #8 was some lodash deps. I understand that the intention was to minimize the dependencies introduced by using just two subpackages of lodash instead of the entire lodash. However, I see this as an anti pattern for 3 main reasons:

    1. Lodash is a very spread dependency, and if any of your dependencies includes lodash you will end with the entire lodash library plus your independent packages, just the opposite you want.
    2. Independend lodash packages are pretty outdated and they do not have proper documentation
    3. Individual packages have been discontinued by lodash author (see https://github.com/lodash/lodash/issues/3565#issuecomment-353970667)

    So it may be a better idea to just use lodash. What do you think ?

    opened by danielo515 5
  • update Sanctuary dependencies to latest versions

    update Sanctuary dependencies to latest versions

    I couldn't use hm-def with latest Sanctuary, so I updated all the libs to their latest version, with the help of @davidchambers :

    • sanctuary ^2.0.1
    • sanctuary-def ^0.20.1
    • sanctuary-type-classes ^11.0.0

    I also had to fix tests, and replaced assertType() by assertTypes():

    • now use Setoid's equals() to compare Array of Type without looking at their internals.
    • removed S.zip(), because it only compares based on the length of the shortest array (ex: test is considered as valid if first array is empty and second is not).
    opened by EricLanduyt 2
  • Support for Record types

    Support for Record types

    It would be nice if there were a way to add RecordTypes, for example:

    const User = $.RecordType({
      id: $.Number,
      first: $.String,
      last: $.String
    })
    
    const env = $.env.concat([User])
    

    This doesn't work (as far as I can tell) because the Type name in the env is 'RECORD', so hm-def can't find a User type.

    A workaround is to define a NullaryType, but to do this I have to provide my own test function (can't use the more declarative style like when creating a RecordType).

    const R = require('ramda')
    
    const User = $.NullaryType(
      'User',
      'https://github.com/blockchain/blockchain-wallet-v4-frontend#User',
      R.where({
        id: R.is(Number),
        first: R.is(String),
        last: R.is(String)
      })
    )
    
    const env = $.env.concat([User])
    
    const def = hmDef.default.create({
      env: env,
      checkTypes: true
    })
    
    const getUserName = def(
      'getUserName :: User -> String',
      (user) => user.first + ' ' + user.last
    )
    

    Do you know if there is a better way to accomplish this?

    opened by jtormey 2
  • build(deps): bump tar from 4.4.6 to 4.4.15

    build(deps): bump tar from 4.4.6 to 4.4.15

    Bumps tar from 4.4.6 to 4.4.15.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • build(deps): bump lodash from 4.17.11 to 4.17.19

    build(deps): bump lodash from 4.17.11 to 4.17.19

    Bumps lodash from 4.17.11 to 4.17.19.

    Release notes

    Sourced from lodash's releases.

    4.17.16

    Commits
    Maintainer changes

    This version was pushed to npm by mathias, a new releaser for lodash since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • build(deps): bump js-yaml from 3.12.0 to 3.13.1

    build(deps): bump js-yaml from 3.12.0 to 3.13.1

    Bumps js-yaml from 3.12.0 to 3.13.1.

    Changelog

    Sourced from js-yaml's changelog.

    [3.13.1] - 2019-04-05

    Security

    • Fix possible code execution in (already unsafe) .load(), #480.

    [3.13.0] - 2019-03-20

    Security

    • Security fix: safeLoad() can hang when arrays with nested refs used as key. Now throws exception for nested arrays. #475.

    [3.12.2] - 2019-02-26

    Fixed

    • Fix noArrayIndent option for root level, #468.

    [3.12.1] - 2019-01-05

    Added

    • Added noArrayIndent option, #432.
    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • build(deps): bump eslint-utils from 1.3.1 to 1.4.3

    build(deps): bump eslint-utils from 1.3.1 to 1.4.3

    Bumps eslint-utils from 1.3.1 to 1.4.3.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • build(deps): bump mixin-deep from 1.3.1 to 1.3.2

    build(deps): bump mixin-deep from 1.3.1 to 1.3.2

    Bumps mixin-deep from 1.3.1 to 1.3.2.

    Commits
    Maintainer changes

    This version was pushed to npm by doowb, a new releaser for mixin-deep since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • build(deps): bump lodash from 4.17.11 to 4.17.15

    build(deps): bump lodash from 4.17.11 to 4.17.15

    Bumps lodash from 4.17.11 to 4.17.15.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 1
  • docs: fix simple typo, constaints -> constraints

    docs: fix simple typo, constaints -> constraints

    There is a small typo in README.md.

    Should read constraints rather than constaints.

    Semi-automated pull request generated by https://github.com/timgates42/meticulous/blob/master/docs/NOTE.md

    opened by timgates42 0
  • build(deps): bump ajv from 6.5.4 to 6.12.6

    build(deps): bump ajv from 6.5.4 to 6.12.6

    Bumps ajv from 6.5.4 to 6.12.6.

    Release notes

    Sourced from ajv's releases.

    v6.12.6

    Fix performance issue of "url" format.

    v6.12.5

    Fix uri scheme validation (@​ChALkeR). Fix boolean schemas with strictKeywords option (#1270)

    v6.12.4

    Fix: coercion of one-item arrays to scalar that should fail validation (failing example).

    v6.12.3

    Pass schema object to processCode function Option for strictNumbers (@​issacgerges, #1128) Fixed vulnerability related to untrusted schemas (CVE-2020-15366)

    v6.12.2

    Removed post-install script

    v6.12.1

    Docs and dependency updates

    v6.12.0

    Improved hostname validation (@​sambauers, #1143) Option keywords to add custom keywords (@​franciscomorais, #1137) Types fixes (@​boenrobot, @​MattiAstedrone) Docs:

    v6.11.0

    Time formats support two digit and colon-less variants of timezone offset (#1061 , @​cjpillsbury) Docs: RegExp related security considerations Tests: Disabled failing typescript test

    v6.10.2

    Fix: the unknown keywords were ignored with the option strictKeywords: true (instead of failing compilation) in some sub-schemas (e.g. anyOf), when the sub-schema didn't have known keywords.

    v6.10.1

    Fix types Fix addSchema (#1001) Update dependencies

    v6.10.0

    Option strictDefaults to report ignored defaults (#957, @​not-an-aardvark) Option strictKeywords to report unknown keywords (#781)

    v6.9.0

    OpenAPI keyword nullable can be any boolean (and not only true). Custom keyword definition changes:

    • dependencies option in to require the presence of keywords in the same schema.

    ... (truncated)

    Commits
    • fe59143 6.12.6
    • d580d3e Merge pull request #1298 from ajv-validator/fix-url
    • fd36389 fix: regular expression for "url" format
    • 490e34c docs: link to v7-beta branch
    • 9cd93a1 docs: note about v7 in readme
    • 877d286 Merge pull request #1262 from b4h0-c4t/refactor-opt-object-type
    • f1c8e45 6.12.5
    • 764035e Merge branch 'ChALkeR-chalker/fix-comma'
    • 3798160 Merge branch 'chalker/fix-comma' of git://github.com/ChALkeR/ajv into ChALkeR...
    • a3c7eba Merge branch 'refactor-opt-object-type' of github.com:b4h0-c4t/ajv into refac...
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • build(deps): bump pathval from 1.1.0 to 1.1.1

    build(deps): bump pathval from 1.1.0 to 1.1.1

    Bumps pathval from 1.1.0 to 1.1.1.

    Release notes

    Sourced from pathval's releases.

    v1.1.1

    Fixes a security issue around prototype pollution.

    Commits
    • db6c3e3 chore: v1.1.1
    • 7859e0e Merge pull request #60 from deleonio/fix/vulnerability-prototype-pollution
    • 49ce1f4 style: correct rule in package.json
    • c77b9d2 fix: prototype pollution vulnerability + working tests
    • 49031e4 chore: remove very old nodejs
    • 57730a9 chore: update deps and tool configuration
    • a123018 Merge pull request #55 from chaijs/remove-lgtm
    • 07eb4a8 Delete MAINTAINERS
    • a0147cd Merge pull request #54 from astorije/patch-1
    • aebb278 Center repo name on README
    • Additional commits viewable in compare view
    Maintainer changes

    This version was pushed to npm by chai, a new releaser for pathval since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • build(deps): bump tar from 4.4.6 to 4.4.19

    build(deps): bump tar from 4.4.6 to 4.4.19

    Bumps tar from 4.4.6 to 4.4.19.

    Commits
    • 9a6faa0 4.4.19
    • 70ef812 drop dirCache for symlink on all platforms
    • 3e35515 4.4.18
    • 52b09e3 fix: prevent path escape using drive-relative paths
    • bb93ba2 fix: reserve paths properly for unicode, windows
    • 2f1bca0 fix: prune dirCache properly for unicode, windows
    • 9bf70a8 4.4.17
    • 6aafff0 fix: skip extract if linkpath is stripped entirely
    • 5c5059a fix: reserve paths case-insensitively
    • fd6accb 4.4.16
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • build(deps): bump path-parse from 1.0.6 to 1.0.7

    build(deps): bump path-parse from 1.0.6 to 1.0.7

    Bumps path-parse from 1.0.6 to 1.0.7.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • build(deps): bump browserslist from 4.1.1 to 4.16.6

    build(deps): bump browserslist from 4.1.1 to 4.16.6

    Bumps browserslist from 4.1.1 to 4.16.6.

    Changelog

    Sourced from browserslist's changelog.

    4.16.6

    • Fixed npm-shrinkwrap.json support in --update-db (by Geoff Newman).

    4.16.5

    • Fixed unsafe RegExp (by Yeting Li).

    4.16.4

    • Fixed unsafe RegExp.
    • Added artifactory support to --update-db (by Ittai Baratz).

    4.16.3

    • Fixed --update-db.

    4.16.2

    4.16.1

    • Fixed Chrome 4 with mobileToDesktop (by Aron Woost).

    4.16

    • Add browserslist config query.

    4.15

    • Add TypeScript types (by Dmitry Semigradsky).

    4.14.7

    • Fixed Yarn Workspaces support to --update-db (by Fausto Núñez Alberro).
    • Added browser changes to --update-db (by @​AleksandrSl).
    • Added color output to --update-db.
    • Updated package.funding to have link to our Open Collective.

    4.14.6

    • Fixed Yarn support in --update-db (by Ivan Storck).
    • Fixed npm 7 support in --update-db.

    4.14.5

    • Fixed last 2 electron versions query (by Sergey Melyukov).

    4.14.4

    • Fixed Unknown version 59 of op_mob error.

    4.14.3

    • Update Firefox ESR.

    4.14.2

    • Fixed --update-db on Windows (by James Ross).
    • Improved --update-db output.

    4.14.1

    • Added --update-db explanation (by Justin Zelinsky).

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
Owner
XOD
XOD
Simple, lightweight at-runtime type checking functions, with full TypeScript support

pheno Simple, lightweight at-runtime type checking functions, with full TypeScript support Features Full TypeScript integration: TypeScript understand

Lily Scott 127 Sep 5, 2022
Runtime type checking in pure javascript.

Install npm install function-schema Usage import { signature } from 'function-schema'; const myFunction = signature(...ParamTypeChecks)(ReturnValueCh

Jeysson Guevara 3 May 30, 2022
Type predicate functions for checking if a value is of a specific type or asserting that it is.

As-Is Description As-Is contains two modules. Is - Type predicates for checking values are of certain types. As - Asserting values are of a certain ty

Declan Fitzpatrick 8 Feb 10, 2022
A utility for generating Solidity code for recovering signatures using the EIP-712 signTypedData schema.

EIP 712 Codegen EIP 712: Sign Typed Data as of 2022 is the most human-readable way of getting signatures from user that are easily parsed into solidit

Dan Finlay 58 Oct 20, 2022
A type speed checking website which lets you check your typing speed and shows the real-tme leaderboards with mongodb as DB and express as backend

This is a Next.js project bootstrapped with create-next-app. Getting Started First, run the development server: npm run dev # or yarn dev Open http://

Sreehari jayaraj 8 Mar 27, 2022
Angular global trackBy property directive with strict type checking.

NgForTrackByProperty Angular global trackBy property directive with strict type checking.

Nigro Simone 15 Nov 23, 2022
A library to create pipelines with contexts and strong type checking.

TypePipe A library to create pipelines with contexts and strong type checking. Installation With Node.js and npm installed in your computer run: npm i

Alvaro Fresquet 16 Jun 11, 2022
Grupprojekt för kurserna 'Javascript med Ramverk' och 'Agil Utveckling'

JavaScript-med-Ramverk-Laboration-3 Grupprojektet för kurserna Javascript med Ramverk och Agil Utveckling. Utvecklingsguide För information om hur utv

Svante Jonsson IT-Högskolan 3 May 18, 2022
Hemsida för personer i Sverige som kan och vill erbjuda boende till människor på flykt

Getting Started with Create React App This project was bootstrapped with Create React App. Available Scripts In the project directory, you can run: np

null 4 May 3, 2022
Kurs-repo för kursen Webbserver och Databaser

Webbserver och databaser This repository is meant for CME students to access exercises and codealongs that happen throughout the course. I hope you wi

null 13 Jul 1, 2022
Zero runtime type-safe CSS in the same file as components

macaron comptime-css is now called macaron! macaron is a zero-runtime and type-safe CSS-in-JS library made with performance in mind Powered by vanilla

Mokshit Jain 143 Nov 28, 2022
TypeScript type definitions for Bun's JavaScript runtime APIs

Bun TypeScript type definitions These are the type definitions for Bun's JavaScript runtime APIs. Installation Install the bun-types npm package: # ya

Oven 72 Nov 23, 2022
A simple, beautiful, and embeddable JavaScript Markdown editor. Delightful editing for beginners and experts alike. Features built-in autosaving and spell checking.

SimpleMDE - Markdown Editor A drop-in JavaScript textarea replacement for writing beautiful and understandable Markdown. The WYSIWYG-esque editor allo

Sparksuite 9.2k Nov 30, 2022
🔥 A Powerful JavaScript Module for Generating and Checking Discord Nitro 🌹

DANG: Dreamy's Awesome Nitro Generator Join Our Discord Getting Started Before, We start please follow these Steps: Required* ⭐ Give a Star to this dr

Dreamy Developer 72 Nov 6, 2022
Babel-plugin-amd-checker - Module format checking plugin for Babel usable in both Node.js the web browser environments.

babel-plugin-amd-checker A Babel plugin to check the format of your modules when compiling your code using Babel. This plugin allows you to abort the

Ferdinand Prantl 1 Jan 6, 2022
ToDo list app is a simple web app that helps you organize your day, by adding, checking and deleting daily tasks

TODO List App "To-do list" is a WebApp tool that helps to organize your day. It simply lists the tasks that you need to do and allows you to mark them

Adel Guitoun 8 Oct 18, 2022
This package is for developers to be able to easily integrate bad word checking into their projects.\r This package can return bad words in array or regular expression (regex) form.

Vietnamese Bad Words This package is for developers to be able to easily integrate bad word checking into their projects. This package can return bad

Nguyễn Quang Sáng 8 Nov 3, 2022
The ultimate parity checking as-a-service platform.

Astro Starter Kit: Minimal npm create [email protected] -- --template minimal ??‍?? Seasoned astronaut? Delete this file. Have fun! ?? Project Structure I

Ben Holmes 6 Nov 28, 2022
Snipes Test Flight apps. Configurable & has the ability to use a burner account for checking the status to avoid bans.

TestFlight Sniper Snipes TestFlight beta apps. Configurable & has the ability to use a burner account for checking the status to avoid bans. Features

eternal 11 Nov 18, 2022
Combine type and value imports using Typescript 4.5 type modifier syntax

type-import-codemod Combines your type and value imports together into a single statement, using Typescript 4.5's type modifier syntax. Before: import

Ian VanSchooten 4 Sep 29, 2022