Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

cson

Package Overview
Dependencies
Maintainers
1
Versions
113
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

cson

CoffeeScript-Object-Notation Parser. Same as JSON but for CoffeeScript objects.

  • 1.6.2
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
73K
increased by13.91%
Maintainers
1
Weekly downloads
 
Created
Source

CSON

Build Status NPM version NPM downloads Dependency Status Dev Dependency Status
Gratipay donate button Flattr donate button PayPayl donate button BitCoin donate button Wishlist browse button

CoffeeScript-Object-Notation Parser. Same as JSON but for CoffeeScript objects.

Projects using CSON.

Install

NPM

  • Use: require('cson')
  • Install: npm install --save cson

What is CSON?

Everyone knows JSON, it's the thing that looks like this:

{
	"abc": [
		"a",
		"b",
		"c"
	],
	"a": {
		"b": "c"
	}
}

But with the invention of CoffeeScript you can also write the same thing in CSON which looks like this:

{
	# an array
	abc: [
		'a'
		'b'
		'c'
	]

	# an object
	a:
		b: 'c'
}

Which is far more lenient than JSON, way nicer to write and read, no need to quote everything, has comments and readable multi-line strings, and won't fail if you forget a comma.

Using CSON

  • With Node.js in JavaScript

    // Include CSON
    CSON = require('cson');
    
    // Parse a file path
    CSON.parseFile('data.cson', function(err,obj){});  // async
    result = CSON.parseFileSync('data.cson');  // sync
    
    // Parse a String
    CSON.parse(src, function(err,obj){});  // async
    result = CSON.parseSync(src);  // sync
    
    // Stringify an object to CSON
    CSON.stringify(obj, function(err,str){});  // async
    result = CSON.stringifySync(obj);  // sync
    
  • With Node.js in CoffeeScript

    # Include CSON
    CSON = require('cson')
    
    # Parse a file path
    CSON.parseFile 'data.cson', (err,obj) ->  # async
    result = CSON.parseFileSync('data.cson')  # sync
    
    # Parse a string
    CSON.parse src, (err,obj) ->  # async
    result = CSON.parseSync(src)  # sync
    
    # Stringify an object to CSON
    CSON.stringify data, (err,str) ->  # async
    result = CSON.stringifySync(obj)  # sync
    
    
    
  • Via the command line (requires a global installation of CSON via npm install -g cson)

    # JSON file to CSON String
    json2cson filePath > out.cson
    
    # CSON file to JSON String
    cson2json filePath > out.json
    

Use Case

CSON is fantastic for developers writing their own configuration to be executed on their own machines, but bad for configuration you can't trust. This is because parsing CSON will execute the CSON input as CoffeeScript code (making it unsafe, so while true would work) but it does so inside a node virtual machine for isolation (making it secure, so require('fs') won't work) resulting in the evaluated JavaScript object. This is a non-issue for the only use case which CSON actually makes sense for (developers writing their own configuration to be executed on their own machines). Issue #32 has more information.

History

Discover the change history by heading on over to the HISTORY.md file.

Contribute

Discover how you can contribute by heading on over to the CONTRIBUTING.md file.

Backers

Maintainers

These amazing people are maintaining this project:

Sponsors

No sponsors yet! Will you be the first?

Gratipay donate button Flattr donate button PayPayl donate button BitCoin donate button Wishlist browse button

Contributors

These amazing people have contributed code to this project:

Become a contributor!

License

Licensed under the incredibly permissive MIT license

Copyright © 2012+ Bevry Pty Ltd us@bevry.me (http://bevry.me)
Copyright © 2011 Benjamin Lupton b@lupton.cc (http://balupton.com)

Keywords

FAQs

Package last updated on 12 Dec 2014

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc