Security News
JSR Working Group Kicks Off with Ambitious Roadmap and Plans for Open Governance
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
@msgpack/msgpack
Advanced tools
@msgpack/msgpack is an npm package that provides functionality for encoding and decoding data using the MessagePack format. MessagePack is a binary serialization format that is more efficient than JSON in terms of both size and speed. This package allows you to serialize JavaScript objects into a compact binary format and deserialize them back into JavaScript objects.
Encoding Data
This feature allows you to encode a JavaScript object into a MessagePack binary format. The `encode` function takes a JavaScript object and returns a Buffer containing the binary data.
const msgpack = require('@msgpack/msgpack');
const data = { foo: 'bar', num: 42 };
const encoded = msgpack.encode(data);
console.log(encoded);
Decoding Data
This feature allows you to decode a MessagePack binary format back into a JavaScript object. The `decode` function takes a Buffer containing the binary data and returns the original JavaScript object.
const msgpack = require('@msgpack/msgpack');
const encoded = Buffer.from([0x82, 0xa3, 0x66, 0x6f, 0x6f, 0xa3, 0x62, 0x61, 0x72, 0xa3, 0x6e, 0x75, 0x6d, 0x2a]);
const decoded = msgpack.decode(encoded);
console.log(decoded);
Custom Extension Types
This feature allows you to define custom extension types for encoding and decoding. You can use `addExtPacker` to specify how to serialize a custom type and `addExtUnpacker` to specify how to deserialize it.
const msgpack = require('@msgpack/msgpack');
class MyType {
constructor(value) {
this.value = value;
}
}
msgpack.addExtPacker(0x01, MyType, (obj) => msgpack.encode(obj.value));
msgpack.addExtUnpacker(0x01, (data) => new MyType(msgpack.decode(data)));
const myObj = new MyType('custom data');
const encoded = msgpack.encode(myObj);
const decoded = msgpack.decode(encoded);
console.log(decoded);
msgpack-lite is another npm package for MessagePack serialization. It is designed to be lightweight and fast, with a focus on performance. Compared to @msgpack/msgpack, msgpack-lite may have fewer features but is optimized for speed and small bundle size.
notepack.io is a fast and small MessagePack implementation for JavaScript. It is designed to be highly efficient and is often used in performance-critical applications. Compared to @msgpack/msgpack, notepack.io is more focused on performance and may offer better speed at the cost of some additional features.
msgpack5 is a pure JavaScript implementation of the MessagePack format. It supports both encoding and decoding, as well as custom extension types. Compared to @msgpack/msgpack, msgpack5 offers similar functionality but may have different performance characteristics and API design.
This is a JavaScript/ECMA-262 implementation of MessagePack, an efficient binary serilization format:
This library is compatible with the "August 2017" revision of MessagePack specification at the point where timestamp ext was added.
import { deepStrictEqual } from "assert";
import { encode, decode } from "@msgpack/msgpack";
const object = {
nil: null,
integer: 1,
float: Math.PI,
string: "Hello, world!",
binary: Uint8Array.from([1, 2, 3]),
array: [10, 20, 30],
map: { foo: "bar" },
timestampExt: new Date(),
};
const encoded: Uint8Array = encode(object);
deepStrictEqual(decode(encoded), object);
This library is publised as @msgpack/msgpack in npmjs.com.
npm install @msgpack/msgpack
encode(data: unknown, options?: EncodeOptions): Uint8Array
It encodes data
and returns a byte array as Uint8Array
.
decode(buffer: ArrayLike<number> | Uint8Array, options?: DecodeOptions): unknown
It decodes buffer
in a byte buffer and returns decoded data as uknown
.
Name | Type | Default |
---|---|---|
extensionCodec | ExtensionCodec | ExtensinCodec.defaultCodec |
maxStrLength | number | 4_294_967_295 (UINT32_MAX) |
maxBinLength | number | 4_294_967_295 (UINT32_MAX) |
maxArrayLength | number | 4_294_967_295 (UINT32_MAX) |
maxMapLength | number | 4_294_967_295 (UINT32_MAX) |
maxExtLength | number | 4_294_967_295 (UINT32_MAX) |
You can use max${Type}Length
to limit the length of each type decoded.
decodeAsync(stream: AsyncIterable<ArrayLike<number> | Uint8Array>, options?: DecodeAsyncOptions): Promise<unknown>
It decodes stream
in an async iterable of byte arrays and returns decoded data as uknown
wrapped in Promise
. This function works asyncronously.
Note that decodeAsync()
acceps the same options as decode()
.
To handle MessagePack Extension Types, this library provides ExtensionCodec
class.
Here is an example to setup custom extension types that handles Map
and Set
classes in TypeScript:
import { encode, decode, ExtensionCodec } from "@msgpack/msgpack";
const extensionCodec = new ExtensionCodec();
// Set<T>
const SET_EXT_TYPE = 0 // Any in 0-127
extensionCodec.register({
type: SET_EXT_TYPE,
encode: (object: unknown): Uint8Array | null => {
if (object instanceof Set) {
return encode([...object]);
} else {
return null;
}
},
decode: (data: Uint8Array) => {
const array = decode(data) as Array<unknown>;
return new Set(array);
},
});
// Map<T>
const MAP_EXT_TYPE = 1; // Any in 0-127
extensionCodec.register({
type: 1,
encode: (object: unknown): Uint8Array => {
if (object instanceof Map) {
return encode([...object]);
} else {
return null;
}
},
decode: (data: Uint8Array) => {
const array = decode(data) as Array<[unknown, unknown]>;
return new Map(array);
},
});
// and later
import { encode, decode } from "@msgpack/msgpack";
const encoded = = encode([new Set<any>(), new Map<any, any>()], { extensionCodec });
const decoded = decode(encoded, { extensionCodec });
Not that extension types for custom objects must be [0, 127]
, while [-1, -128]
is reserved for MessagePack itself.
This library does not handle BigInt by default, but you can handle it with ExtensionCodec
like this:
import { deepStrictEqual } from "assert";
import { encode, decode, ExtensionCodec } from "@msgpack/msgpack";
const BIGINT_EXT_TYPE = 0; // Any in 0-127
const extensionCodec = new ExtensionCodec();
extensionCodec.register({
type: BIGINT_EXT_TYPE,
encode: (input: unknown) => {
if (typeof input === "bigint") {
return encode(input.toString());
} else {
return null;
}
},
decode: (data: Uint8Array) => {
return BigInt(decode(data));
},
});
const value = BigInt(Number.MAX_SAFE_INTEGER) + BigInt(1);
const encoded: = encode(value, { extensionCodec });
deepStrictEqual(decode(encoded, { extensionCodec }), value);
The following table shows how JavaScript values are mapped to MessagePack formats and vice versa.
Source Value | MessagePack Format | Value Decoded |
---|---|---|
null, undefined | nil format family | null (*1) |
boolean (true, false) | bool format family | boolean (true, false) |
number (53-bit int) | int format family | number (53-bit int) |
number (64-bit float) | float format family | number (64-bit float) |
string | str format family | string |
ArrayBufferView | bin format family | Uint8Array (*2) |
Array | array format family | Array |
Object | map format family | Object (*3) |
Date | timestamp ext format family | Date (*4) |
null
and undefined
are mapped to nil
(0xC0
) type, and are decoded into null
ArrayBufferView
s including NodeJS's Buffer
are mapped to bin
family, and are decoded into Uint8Array
Object
, it is regarded as Record<string, unknown>
in terms of TypeScriptDate
. This behavior can be overrided by registering -1
for the extension codec.This is a universal JavaScript library that supports major browsers and NodeJS.
ES2018 standard library used in this library can be polyfilled. For example, core-js is used as polyfills to run tests on IE11, which has only ES5 language features.
NodeJS v10 is required, but NodeJS v12 or later is recommended because it includes the V8 feature of Improving DataView performance in V8.
Benchmark on NodeJS/v12.3.1
operation | op | ms | op/s |
---|---|---|---|
buf = Buffer.from(JSON.stringify(obj)); | 497600 | 5000 | 99520 |
buf = JSON.stringify(obj); | 969500 | 5000 | 193900 |
obj = JSON.parse(buf); | 345300 | 5000 | 69060 |
buf = require("msgpack-lite").encode(obj); | 369100 | 5000 | 73820 |
obj = require("msgpack-lite").decode(buf); | 278900 | 5000 | 55780 |
buf = require("@msgpack/msgpack").encode(obj); | 556900 | 5000 | 111380 |
obj = require("@msgpack/msgpack").decode(buf); | 502200 | 5000 | 100440 |
Note that Buffer.from()
for JSON.stringify()
is added to emulate I/O where a JavaScript string must be converted into a byte array encoded in UTF-8, whereas MessagePack's encode()
returns a byte array.
The NPM package distributed in npmjs.com includes both ES2015+ and ES5 files:
/dist
is compiled into ES2015+/dist.es5
is compiled into ES5 and bundled to singile fileIf you use NodeJS and/or webpack, their module resolvers use the suitable one automatically.
test matrix:
WASM=force
/ WASM=never
target=es2019
/ target=es5
See test:* in package.json and .travis.yml for details.
# run tests on NodeJS, Chrome, and Firefox
make test-all
# edit the changelog
code CHANGELOG.md
# run the publishing task
make publish
Cross-browser Testing Platform and Open Source <3 Provided by Sauce Labs.
Copyright 2019 The MessagePack community.
This software uses the ISC license:
https://opensource.org/licenses/ISC
See LICENSE for details.
v1.2.3 2019/05/29
https://github.com/msgpack/msgpack-javascript/compare/v1.2.2...v1.2.3
FAQs
MessagePack for ECMA-262/JavaScript/TypeScript
The npm package @msgpack/msgpack receives a total of 233,696 weekly downloads. As such, @msgpack/msgpack popularity was classified as popular.
We found that @msgpack/msgpack demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
At its inaugural meeting, the JSR Working Group outlined plans for an open governance model and a roadmap to enhance JavaScript package management.
Security News
Research
An advanced npm supply chain attack is leveraging Ethereum smart contracts for decentralized, persistent malware control, evading traditional defenses.
Security News
Research
Attackers are impersonating Sindre Sorhus on npm with a fake 'chalk-node' package containing a malicious backdoor to compromise developers' projects.