Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Readme
eon is a format for storing information, that is like JSON in every way, except that it supports comments.
It was created because people use JSON for human-edited configuration files, and human-edited configuration files should support comments.
The format is the same as JSON's, according to the JSON specification,
except that single line (// comment
) and multiline (/* comment */
)
comments, as specified by the EcmaScript specification, are ignored.
This node.js package includes a parser based on Zach Carter's JSON parser in his JSON Lint module, which uses jison. jison is needed to build the the parser but not at runtime.
You can install eon from npm.
To convert a file from eon to json, run:
npm install -g eon
eon package.eon
This will write package.json (overwriting it if it exists).
require('./eon')('{/* hi */"x":3}')
No I'm not. I don't condone using the .json
extension or the
application/json
content type. Instead use .eon
and application/eon
.
This isn't a JSON dialect. This accepts a superset of JSON.
I like the simplicity of JSON. I don't even mind that JSON disallows comments, when it is being used purely as a serialization format. The addition of comments is all I need to make JSON palatable for configuration files.
JSON, and eon, are more lightweight, and more people understand JSON than YAML.
I prefer to use the single-line comment syntax most of the time, but sometimes JSON is restricted to one object per line, in log files. This might happen with eon, too. If there is one object per line, the multiline syntax might be handy for commenting part of a complex expresssion.
They're on the way! But in the meantime you can use the node.js command-line utility to convert to JSON first.
Initial version implemented.
Thank you:
Copyright 2012 Ben Atkin. Released under the terms of the MIT License.
Copyright 2012 Zach Carter. Released under the terms of the MIT License.
FAQs
Unknown package
The npm package eon receives a total of 3 weekly downloads. As such, eon popularity was classified as not popular.
We found that eon demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.