JavaScript: The Lingua Franca Nobody Deserved

December 6, 2025 Reading: 2 min

This innocent looking npm warning stopped me in my tracks yesterday and prompted me to conduct a mini investigation:

npm install -g snyk
npm warn deprecated boolean@3.2.0: Package no longer supported.
Contact Support at https://www.npmjs.com/support for more info.

I would normally let this sort of thing pass, but the warning popping up while installing Snyk set me off.

Snyk is a developer-focused security platform that helps find, prioritize, and fix vulnerabilities in code, open-source dependencies, […]

I’m not sure if boolean is one of Snyk’s internal dependencies, but the package’s generic looking nature made me raise an eyebrow.

The package is tiny and offers just two functions with elementary functionality related to.. booleans:

function boolean(value: any): Bool {}
function isBooleanable(value: any): Bool {}

The implementations are straightforward anyone can replicate them, but reading through them reminded me again of what a terrible programming language JavaScript still is. It is truly the web’s lingua franca that nobody deserved.

Consider the boolean() function:

const boolean = function (value: any): boolean {
  switch (Object.prototype.toString.call(value)) {
    case '[object String]':
      return [ 'true', 't', 'yes', 'y', 'on', '1' ].includes(value.trim().toLowerCase());

    case '[object Number]':
      return value.valueOf() === 1;

    case '[object Boolean]':
      return value.valueOf();

    default:
      return false;
  }
};

It appears to expand JavaScript’s built-in truthy evaluation by adding t, yes, y, on and 1 to the list of String values that evaluate to true.

Uh… WHY?

Apparently, the existing fuzzy rules around truthy values weren’t fuzzy enough.

According to geekforgeeks.org “understanding truthy values helps you write concise and readable code” but then, in the same breath, warns that

[…] truthy values in JavaScript include any value that isn’t explicitly falsy. This simple rule makes JavaScript flexible but also requires attention to detail to avoid unexpected behavior. Remember, non-zero numbers, non-empty strings, objects, arrays, functions, symbols, and dates are all truthy—making JavaScript both powerful and occasionally quirky.

OCCASIONALLY QUIRKY.

Soft-evaluating all sorts of values to Booleans is bad enough. Adding more arbitrary values to the mix only adds more noise—let alone as a generic, application-wide utility called boolean()!

If a team member of mine attempted to add this level of “utility” function, we’d for sure need to have a serious chat 👺

Anyway, nothing says ‘developer-focused security’ quite like shipping deprecated boolean utilities.