Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
BSON is short for Binary JSON and is the binary-encoded serialization of JSON-like documents. You can learn more about it in the specification.
This browser version of the BSON parser is compiled using webpack and the current version is pre-compiled in the browser_build
directory.
This is the default BSON parser, however, there is a C++ Node.js addon version as well that does not support the browser. It can be found at mongod-js/bson-ext.
To build a new version perform the following operations:
npm install
npm run build
A simple example of how to use BSON in the browser:
<script src="./browser_build/bson.js"></script>
<script>
function start() {
// Get the Long type
var Long = BSON.Long;
// Create a bson parser instance
var bson = new BSON();
// Serialize document
var doc = { long: Long.fromNumber(100) }
// Serialize a document
var data = bson.serialize(doc)
// De serialize it again
var doc_2 = bson.deserialize(data)
}
</script>
A simple example of how to use BSON in Node.js
:
// Get BSON parser class
var BSON = require('bson')
// Get the Long type
var Long = BSON.Long;
// Create a bson parser instance
var bson = new BSON();
// Serialize document
var doc = { long: Long.fromNumber(100) }
// Serialize a document
var data = bson.serialize(doc)
console.log('data:', data)
// Deserialize the resulting Buffer
var doc_2 = bson.deserialize(data)
console.log('doc_2:', doc_2)
npm install bson
For all BSON types documentation, please refer to the following sources:
new BSON()
- Creates a new BSON serializer/deserializer you can use to serialize and deserialize BSON.
The BSON serialize
method takes a JavaScript object and an optional options object and returns a Node.js Buffer.
BSON.serialize(object, options)
The BSON serializeWithBufferAndIndex
method takes an object, a target buffer instance and an optional options object and returns the end serialization index in the final buffer.
BSON.serializeWithBufferAndIndex(object, buffer, options)
The BSON calculateObjectSize
method takes a JavaScript object and an optional options object and returns the size of the BSON object.
BSON.calculateObjectSize(object, options)
The BSON deserialize
method takes a Node.js Buffer and an optional options object and returns a deserialized JavaScript object.
BSON.deserialize(buffer, options)
The BSON deserializeStream
method takes a Node.js Buffer, startIndex
and allow more control over deserialization of a Buffer containing concatenated BSON documents.
BSON.deserializeStream(buffer, startIndex, numberOfDocuments, documents, docStartIndex, options)
undefined
get converted to null
?The undefined
BSON type has been deprecated for many years, so this library has dropped support for it. Use the ignoreUndefined
option (for example, from the driver ) to instead remove undefined
keys.
This library looks for toBSON()
functions on every path, and calls the toBSON()
function to get the value to serialize.
var bson = new BSON();
class CustomSerialize {
toBSON() {
return 42;
}
}
const obj = { answer: new CustomSerialize() };
// "{ answer: 42 }"
console.log(bson.deserialize(bson.serialize(obj)));
FAQs
A bson parser for node.js and the browser
We found that bson-giga demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.