Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
bower-json
Advanced tools
Read bower.json files with semantics, normalisation, defaults and validation
Read bower.json
files with semantics, normalisation, defaults and validation.
Install via npm: npm install --save bower-json
Reads file
and applies normalisation, defaults and validation according to the bower.json
spec.
If the passed file
does not exist, the callback is called with error.code
equal to ENOENT
.
If the passed file
contents are not valid JSON, the callback is called with error.code
equal to EMALFORMED
.
If the json
does not comply with the bower.json
spec, the callback is called with error.code
equal to EINVALID
.
If file
is a directory, find()
will be used to search for the json file.
The options
argument is optional and can be omitted. These options will be passed to parse
method.
var bowerJson = require('bower-json');
// Can also be used by simply calling bowerJson()
bowerJson.read('/path/to/bower.json', function (err, json) {
if (err) {
console.error('There was an error reading the file');
console.error(err.message);
return;
}
console.log('JSON: ', json);
});
Parses an object. Useful when you want to apply normalisation and validation directly to an object.
If the json
does not comply with the bower.json
spec, an error is thrown with error.code
equal to EINVALID
.
The options
arguments is optional and can be omitted. Available options:
true
false
json
object instead of using it directly, defaults to false
var bowerJson = require('bower-json');
var json = {
name: 'my-package',
version: '0.0.1'
};
try {
bowerJson.parse(json);
} catch (err) {
console.error('There was an error parsing the object');
console.error(err.message);
}
Validates the passed json
object.
Returns an object with errors and warnings of this bower.json contents.
var bowerJson = require('bower-json');
var json = {
name: 'myPackage',
version: '0.0.1',
main: {}
};
var issues = bowerJson.getIssues(json);
expect(issues).toEqual({
errors: ['The "main" field has to be either an Array or a String'],
warnings: ['The "name" must be lowercase']
});
#### .validate(json)
Validates the passed `json` object.
Throws an error with `error.code` equal to `EINVALID` if it does not comply with the spec.
```js
var bowerJson = require('bower-json');
var json = {
name: 'myPackage',
version: '0.0.1'
};
try {
bowerJson.validate(json);
} catch (err) {
console.error('There was an error validating the object');
console.error(err.message);
}
var bowerJson = require('bower-json');
var json = {
name: 'my-package',
version: '0.0.1',
main: 'foo.js,bar.js'
};
bowerJson.normalize(json);
json.main // ['foo.js', 'bar.js']
Finds the json
filename inside a folder.
Checks if a bower.json
exists, falling back to component.json
(deprecated) and .bower.json
.
If no file was found, the callback is called with a error.code
of ENOENT
.
var bowerJson = require('bower-json');
bowerJson.find('/path/to/folder', function (err, filename) {
if (err) {
console.error('There is no json file in the folder');
return;
}
console.log('Filename: ', filename);
// Now that we got the filename, we can read its contents
bowerJson.read(filename, function (err, json) {
if (err) {
console.error('There was an error reading the file');
console.error(err.message);
return;
}
console.log('JSON: ', json);
});
});
Released under the MIT License.
FAQs
Read bower.json files with semantics, normalisation, defaults and validation
The npm package bower-json receives a total of 64,915 weekly downloads. As such, bower-json popularity was classified as popular.
We found that bower-json demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.