Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@simwrapper/papaparse
Advanced tools
Readme
SimWrapper uses a modified version of the CSV-parsing "Papaparse" library to address what we consider a bug in Papaparse's handling of quoted string fields and to enhance comment support.
Papaparse has a nice "dynamic typing" feature which converts numeric and boolean fields into actual numbers and booleans in the javascript objects that it returns. Unfortunately, it will convert fields even if they are surrounded by double-quotes. This is absolutely counterintuitive, because our users (most people generally?) use double-quotes to declare that a field is a string, full-stop.
This behavior causes big problems when a field contains something like a US ZIP Code, for example. Boston's ZIP code is 02134. Papaparse returns that as the number 2,134, which is WRonG!
We've also encountered network files where link ID's have leading zeroes, and these also end up getting parsed incorrectly.
Users know that putting double-quotes around a field in Excel will force Excel to interpret that cell as a string even if its content is numeric.
So, this patched version of PapaParse does the same thing: Even when the library's dynamic typing option is enabled, fields surrounded with double-quotes will be returned as strings, not numbers/booleans.
Papaparse includes an option to skip lines beginning with a comment tag, and SimWrapper uses the #
hash/number sign to mark lines that are to be skipped.
But Papaparse throws these comments away, whereas SimWrapper would like to get some meta information about the CSV file using comments. For example, some SimWrapper plugins look for the EPSG coordinate reference system code in comments.
So this modified version of Papaparse builds an array called comments
containing the list of comment lines that is
returned as part of the {data, meta, errors, comments}
object that Papaparse returns.
Papa Parse is the fastest in-browser CSV (or delimited text) parser for JavaScript. It is reliable and correct according to RFC 4180, and it comes with these features:
<input type="file">
elementsPapa Parse has no dependencies - not even jQuery.
papaparse is available on npm. It can be installed with the following command:
npm install papaparse
If you don't want to use npm, papaparse.min.js can be downloaded to your project source.
To learn how to use Papa Parse:
The website is hosted on Github Pages. Its content is also included in the docs folder of this repository. If you want to contribute on it just clone the master of this repository and open a pull request.
Papa Parse can parse a Readable Stream instead of a File when used in Node.js environments (in addition to plain strings). In this mode, encoding
must, if specified, be a Node-supported character encoding. The Papa.LocalChunkSize
, Papa.RemoteChunkSize
, download
, withCredentials
and worker
config options are unavailable.
Papa Parse can also parse in a node streaming style which makes .pipe
available. Simply pipe the Readable Stream to the stream returned from Papa.parse(Papa.NODE_STREAM_INPUT, options)
. The Papa.LocalChunkSize
, Papa.RemoteChunkSize
, download
, withCredentials
, worker
, step
, and complete
config options are unavailable. To register a callback with the stream to process data, use the data
event like so: stream.on('data', callback)
and to signal the end of stream, use the 'end' event like so: stream.on('end', callback)
.
For usage instructions, see the homepage and, for more detail, the documentation.
Papa Parse is under test. Download this repository, run npm install
, then npm test
to run the tests.
To discuss a new feature or ask a question, open an issue. To fix a bug, submit a pull request to be credited with the contributors! Remember, a pull request, with test, is best. You may also discuss on Twitter with #PapaParse or directly to me, @mholt6.
If you contribute a patch, ensure the tests suite is running correctly. We run continuous integration on each pull request and will not accept a patch that breaks the tests.
FAQs
CSV parser for the browser, modified for SimWrapper to handle quoted text strings sanely
The npm package @simwrapper/papaparse receives a total of 13 weekly downloads. As such, @simwrapper/papaparse popularity was classified as not popular.
We found that @simwrapper/papaparse demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.