Security News
Fluent Assertions Faces Backlash After Abandoning Open Source Licensing
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
CoffeeScript-Object-Notation Parser. Same as JSON but for CoffeeScript objects.
require('cson')
npm install --save cson
Everyone knows JSON, it's the thing that looks like this:
{
"abc": [
"a",
"b",
"c"
],
"a": {
"b": "c"
}
}
But with the invention of CoffeeScript you can also write the same thing in CSON which looks like this:
{
# an array
abc: [
'a'
'b'
'c'
]
# an object
a:
b: 'c'
}
Which is far more lenient than JSON, way nicer to write and read, no need to quote everything, has comments and readable multi-line strings, and won't fail if you forget a comma.
With Node.js in JavaScript
// Include CSON
CSON = require('cson');
// Parse a file path
CSON.parseFile('data.cson', function(err,obj){}); // async
result = CSON.parseFileSync('data.cson'); // sync
// Parse a String
CSON.parse(src, function(err,obj){}); // async
result = CSON.parseSync(src); // sync
// Stringify an object to CSON
CSON.stringify(obj, function(err,str){}); // async
result = CSON.stringifySync(obj); // sync
With Node.js in CoffeeScript
# Include CSON
CSON = require('cson')
# Parse a file path
CSON.parseFile 'data.cson', (err,obj) -> # async
result = CSON.parseFileSync('data.cson') # sync
# Parse a string
CSON.parse src, (err,obj) -> # async
result = CSON.parseSync(src) # sync
# Stringify an object to CSON
CSON.stringify data, (err,str) -> # async
result = CSON.stringifySync(obj) # sync
Via the command line (requires a global installation of CSON via npm install -g cson
)
# JSON file to CSON String
json2cson filePath > out.cson
# CSON file to JSON String
cson2json filePath > out.json
CSON is fantastic for developers writing their own configuration to be executed on their own machines, but bad for configuration you can't trust. This is because parsing CSON will execute the CSON input as CoffeeScript code (making it unsafe, so while true
would work) but it does so inside a node virtual machine for isolation (making it secure, so require('fs')
won't work) resulting in the evaluated JavaScript object. This is a non-issue for the only use case which CSON actually makes sense for (developers writing their own configuration to be executed on their own machines). Issue #32 has more information.
Discover the change history by heading on over to the HISTORY.md
file.
Discover how you can contribute by heading on over to the CONTRIBUTING.md
file.
These amazing people are maintaining this project:
No sponsors yet! Will you be the first?
These amazing people have contributed code to this project:
Licensed under the incredibly permissive MIT license
Copyright © 2012+ Bevry Pty Ltd us@bevry.me (http://bevry.me)
Copyright © 2011 Benjamin Lupton b@lupton.cc (http://balupton.com)
v1.6.2 2014 December 11
FAQs
CoffeeScript-Object-Notation Parser. Same as JSON but for CoffeeScript objects.
The npm package cson receives a total of 58,635 weekly downloads. As such, cson popularity was classified as popular.
We found that cson demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
Research
Security News
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.