Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
The borsh npm package is a JavaScript implementation of the Binary Object Representation Serializer for Hashing (BORSH) serialization format. It is used to serialize and deserialize complex data structures in a compact binary format, which is particularly useful in blockchain and other performance-critical applications.
Serialization
This feature allows you to serialize JavaScript objects into a binary format. The code sample demonstrates how to define a schema for a class and serialize an instance of that class.
const borsh = require('borsh');
class Greeting {
constructor({ message }) {
this.message = message;
}
}
const schema = new Map([
[Greeting, { kind: 'struct', fields: [['message', 'string']] }]
]);
const greeting = new Greeting({ message: 'Hello, world!' });
const serialized = borsh.serialize(schema, greeting);
console.log(serialized);
Deserialization
This feature allows you to deserialize binary data back into JavaScript objects. The code sample shows how to deserialize a binary array into an instance of a class using a predefined schema.
const borsh = require('borsh');
class Greeting {
constructor({ message }) {
this.message = message;
}
}
const schema = new Map([
[Greeting, { kind: 'struct', fields: [['message', 'string']] }]
]);
const serialized = new Uint8Array([10, 0, 0, 0, 72, 101, 108, 108, 111, 44, 32, 119, 111, 114, 108, 100, 33]);
const deserialized = borsh.deserialize(schema, Greeting, serialized);
console.log(deserialized);
protobufjs is a JavaScript implementation of Protocol Buffers, a language-neutral, platform-neutral, extensible mechanism for serializing structured data. It is similar to borsh in that it provides efficient serialization and deserialization of complex data structures, but it uses a different format and is more widely adopted in various industries.
msgpack-lite is a JavaScript implementation of the MessagePack serialization format. Like borsh, it provides a compact binary format for serializing and deserializing data. However, MessagePack is a more general-purpose format and is used in a variety of applications beyond blockchain.
avsc is a JavaScript library for working with Avro, a data serialization system. Avro is similar to borsh in that it provides a compact binary format for data serialization, but it also includes features for schema evolution and is widely used in big data applications.
Borsh JS is an implementation of the Borsh binary serialization format for JavaScript and TypeScript projects.
Borsh stands for Binary Object Representation Serializer for Hashing. It is meant to be used in security-critical projects as it prioritizes consistency, safety, speed, and comes with a strict specification.
const value = new Test({ x: 255, y: 20, z: '123', q: [1, 2, 3] });
const schema = new Map([[Test, { kind: 'struct', fields: [['x', 'u8'], ['y', 'u64'], ['z', 'string'], ['q', [3]]] }]]);
const buffer = borsh.serialize(schema, value);
const newValue = borsh.deserialize(schema, Test, buffer);
Borsh | TypeScript |
---|---|
u8 integer | number |
u16 integer | number |
u32 integer | number |
u64 integer | BN |
u128 integer | BN |
u256 integer | BN |
u512 integer | BN |
f32 float | N/A |
f64 float | N/A |
fixed-size byte array | Uint8Array |
UTF-8 string | string |
option | null or type |
map | N/A |
set | N/A |
structs | any |
Install dependencies:
yarn install
Continuously build with:
yarn dev
Run tests:
yarn test
Run linter
yarn lint
Prepare dist
version by running:
yarn build
When publishing to npm use np.
This repository is distributed under the terms of both the MIT license and the Apache License (Version 2.0). See LICENSE-MIT and LICENSE-APACHE for details.
FAQs
Binary Object Representation Serializer for Hashing
The npm package borsh receives a total of 214,655 weekly downloads. As such, borsh popularity was classified as popular.
We found that borsh demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.