Security News
RubyGems.org Adds New Maintainer Role
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
@stoplight/yaml
Advanced tools
@stoplight/yaml is a versatile npm package that provides utilities for parsing, stringifying, and processing YAML data. It is particularly useful for developers working with YAML configurations, API specifications, and other structured data formats.
Parsing YAML to JavaScript Object
This feature allows you to convert a YAML string into a JavaScript object. The `parse` function takes a YAML string as input and returns the corresponding JavaScript object.
const { parse } = require('@stoplight/yaml');
const yamlString = 'key: value\nlist:\n - item1\n - item2';
const jsObject = parse(yamlString);
console.log(jsObject);
Stringifying JavaScript Object to YAML
This feature allows you to convert a JavaScript object into a YAML string. The `stringify` function takes a JavaScript object as input and returns the corresponding YAML string.
const { stringify } = require('@stoplight/yaml');
const jsObject = { key: 'value', list: ['item1', 'item2'] };
const yamlString = stringify(jsObject);
console.log(yamlString);
Handling YAML Errors
This feature demonstrates how to handle errors that may occur during YAML parsing. The `parse` function will throw an error if the input YAML string is invalid, which can be caught and handled appropriately.
const { parse } = require('@stoplight/yaml');
try {
const jsObject = parse('invalid: yaml: string');
} catch (error) {
console.error('YAML parsing error:', error.message);
}
js-yaml is a popular YAML parser and dumper for JavaScript. It provides similar functionalities to @stoplight/yaml, such as parsing YAML strings to JavaScript objects and stringifying JavaScript objects to YAML. It is widely used and well-documented, making it a strong alternative.
yaml is another robust YAML parser and stringifier for JavaScript. It offers a comprehensive set of features, including support for custom tags and schema definitions. It is known for its performance and flexibility, making it a good choice for complex YAML processing tasks.
yamljs is a lightweight YAML parser and stringifier for JavaScript. It provides basic functionalities for converting between YAML strings and JavaScript objects. While it may not have as many features as some other packages, it is easy to use and suitable for simple YAML processing needs.
Useful functions when working with YAML.
Supported in modern browsers and node.
# latest stable
yarn add @stoplight/yaml
// basic example of parseWithPointers
import { parseWithPointers } from "@stoplight/yaml";
const result = parseWithPointers("foo: bar");
console.log(result.data); // => the {foo: "bar"} JS object
// basic example of getJsonPathForPosition and getLocationForJsonPath
import { getJsonPathForPosition, getLocationForJsonPath, parseWithPointers } from "@stoplight/yaml";
const result = parseWithPointers(`hello: world
address:
street: 123`
);
const path = getJsonPathForPosition(result, { line: 2, character: 7 }); // line and character are 0-based
console.log(path); // -> ["address", "street"];
const position = getLocationForJsonPath(result, ['address']);
console.log(position.range.start); // { line: 1, character: 8 } line and character are 0-based
console.log(position.range.end); // { line: 2, character: 15 } line and character are 0-based
feature/{name}
, chore/{name}
, or fix/{name}
branch.yarn
.yarn test.prod
.yarn commit
. NOTE: Commits that don't follow the conventional format will be rejected. yarn commit
creates this format for you, or you can put it together manually and then do a regular git commit
.git push
.next
branch.FAQs
Useful functions when working with YAML.
The npm package @stoplight/yaml receives a total of 538,440 weekly downloads. As such, @stoplight/yaml popularity was classified as popular.
We found that @stoplight/yaml demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.
Security News
Research
Socket's threat research team has detected five malicious npm packages targeting Roblox developers, deploying malware to steal credentials and personal data.