loader-utils VS lodash

Obtain the loader options by calling getOptions(loaderContext), which is a function provided by loader-utils. We default the return value of getOptions to an empty object literal in case the webpack config doesn't include the options hash.

ReDoS and Prototype Pollution vulnerabilities in Webpack (or other developer tool that only ever touches my code and my configs) were scored low severity, I would probably happily ignore them. But they keep popping up with High or Critical severities, with claimed "Network" attack vectors, which nobody can possibly imagine..

Some of them show up as severity 9.8/10 in GitHub vulnerability alerts and then you try to find out more details about them and it turns out it's actually non-exploitable (example here: https://github.com/webpack/loader-utils/issues/212#issuecomm... )

Lodash.js is like the Swiss Army knife for JavaScript developers. Need to manipulate data structures or dabble in functional programming? Lodash is here to save the day with its arsenal of utilities. It's all about making your code cleaner and your life easier, which is probably why big guns like Google and Airbnb have it in their toolkit.

lodash - utility library enabling things like deep object comparison that aren't easy to do with javascript out of the box. docs

Lodash is a widely used JavaScript utility library that provides a plethora of functions to simplify common programming tasks. From manipulating arrays and objects to handling edge cases and implementing functional programming paradigms, Lodash offers a comprehensive toolkit for JavaScript developers. In this beginner's guide, we'll learn how to get started with Lodash and leverage its functionality to write cleaner, more efficient, and more maintainable code.

5. Lodash

If you want even more sophisticated equality checks like deep comparisons, there's the: lodash.iseQual library that'll do this for you out of the box. At least now you do have a bit of clarity on what's happening under the hood, so there's no harm in using a library.

It's also important to ensure that you're importing libraries correctly, so webpack can perform tree shaking effectively. For example, let's import lodash, as follows:

Lodash is awesome! It’s a JavaScript library that helps you do many things with data. You can use Lodash to manipulate arrays, objects, JavaScript strings, numbers, and more. It’s easy to get Lodash in your project. You can use npm or a CDN to install and import it. Here’s how:

Think of RxJS as Lodash for events.

lodash and You Might Not Need Lodash

A lot of Lodash functions are implemented as combinations of other Lodash functions, so importing a single function actually imports half of Lodash under the hood:

https://github.com/lodash/lodash/blob/main/src/.internal/bas...