Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
fast-json-patch
Advanced tools
JSON-Patch allows you to update a JSON document by sending the changes rather than the whole document.
The fast-json-patch package allows for the observation of changes to a JSON document, generating JSON Patch documents to capture these changes, and applying such patches to JSON documents. It is useful for efficiently synchronizing JSON data between clients and servers or among components of an application.
Generating patches
This feature allows for the observation of a JSON document and the generation of a JSON Patch document representing the changes made to the observed document.
const jsonpatch = require('fast-json-patch');
const document = { firstName: 'Albert', contact: { phone: '123' } };
const observer = jsonpatch.observe(document);
document.firstName = 'Joachim';
document.contact.phone = '456';
const patches = jsonpatch.generate(observer);
Applying patches
This feature applies a JSON Patch document to a JSON document, modifying the target document according to the operations described in the patch.
const jsonpatch = require('fast-json-patch');
const document = { firstName: 'Albert', contact: { phone: '123' } };
const patches = [{ op: 'replace', path: '/firstName', value: 'Joachim' }, { op: 'replace', path: '/contact/phone', value: '456' }];
jsonpatch.applyPatch(document, patches);
Validating a sequence of operations
This feature validates a sequence of operations against a JSON document to ensure they can be applied without errors, providing a way to check patches for correctness before application.
const jsonpatch = require('fast-json-patch');
const document = { firstName: 'Albert', contact: { phone: '123' } };
const patches = [{ op: 'replace', path: '/firstName', value: 'Joachim' }, { op: 'add', path: '/lastName', value: 'Wagner' }];
const validationResult = jsonpatch.validate(patches, document);
Similar to fast-json-patch, jsonpatch also allows for the generation and application of JSON Patch documents. The main difference lies in the implementation details and performance optimizations, with fast-json-patch focusing on speed.
Immer is designed for working with immutable data structures and can be used to generate patches in a way similar to fast-json-patch. However, Immer focuses more on producing the next immutable state given the current state and changes, rather than directly working with JSON Patch documents.
A leaner and meaner implementation of JSON-Patch. Small footprint. High performance. Also support dual directions! I.e. you can both apply patches and generate patches.
JSON-Patch (RFC6902) is a standard format that allows you to update a JSON document by sending the changes rather than the whole document. JSON Patch plays well with the HTTP PATCH verb (method) and REST style programming.
Mark Nottingham has a nice blog about it.
0.5 KB minified and gzipped (1.1 KB minified)
Install the current version (and save it as a dependency):
$ npm install fast-json-patch --save
$ bower install fast-json-patch --save
Include json-patch.js
if you want support for applying patches or
include json-patch-duplex.js
if you also want to generate patches.
Call require to get the instance:
var jsonpatch = require('fast-json-patch')
:bulb: Node.js supports native Object.observe
in preview release 0.11.x (and only when started with --harmony_observation
flag). With stable versions of Node, a shimmed version of Object.observe
is used.
Applying patches:
var myobj = { firstName:"Albert", contactDetails: { phoneNumbers: [ ] } };
var patches = [
{op:"replace", path:"/firstName", value:"Joachim" },
{op:"add", path:"/lastName", value:"Wester" },
{op:"add", path:"/contactDetails/phoneNumbers/0", value:{ number:"555-123" } }
];
jsonpatch.apply( myobj, patches );
// myobj == { firstName:"Joachim", lastName:"Wester", contactDetails:{ phoneNumbers[ {number:"555-123"} ] } };
Generating patches:
var myobj = { firstName:"Joachim", lastName:"Wester", contactDetails: { phoneNumbers: [ { number:"555-123" }] } };
observer = jsonpatch.observe( myobj );
myobj.firstName = "Albert";
myobj.contactDetails.phoneNumbers[0].number = "123";
myobj.contactDetails.phoneNumbers.push({number:"456"});
var patches = jsonpatch.generate(observer);
// patches == [
// { op:"replace", path="/firstName", value:"Albert"},
// { op:"replace", path="/contactDetails/phoneNumbers/0/number", value:"123"},
// { op:"add", path="/contactDetails/phoneNumbers/1", value:{number:"456"}}];
Comparing two object trees:
var objA = {user: {firstName: "Albert", lastName: "Einstein"}};
var objB = {user: {firstName: "Albert", lastName: "Collins"}};
var diff = jsonpatch.compare(objA, objB));
//diff == [{op: "replace", path: "/user/lastName", value: "Collins"}]
src/patchtest.html
in your web browsersrc/test-duplex.html
in your web browserEach of the test suite files contains Jasmine unit test suite and JSLitmus performance test suite.
To run JSLitmus performance tests, press "Run Tests" button.
npm install jasmine-node -g
jasmine-node --matchall --config duplex no src/test.js
jasmine-node --matchall --config duplex yes src/test.js src/test-duplex.js
obj
Object, patches
Array) : booleanAvailable in json-patch.js and json-patch-duplex.js
Applies patches
array on obj
.
If patch was succesfully applied, returns true
. Otherwise returns false
.
If there was a test
patch in patches
array, returns the result of the test.
If there was more then one patch in the array, the result of the last patch is returned.
obj
Object, callback
Function (optional)) : observer
ObjectAvailable in json-patch-duplex.js
Sets up an deep observer on obj
that listens for changes in object tree. When changes are detected, the optional
callback is called with the generated patches array as the parameter.
Returns observer
.
obj
Object, observer
Object) : patches
ArrayAvailable in json-patch-duplex.js
If there are pending changes in obj
, returns them synchronously. If a callback
was defined in observe
method, it will be triggered synchronously as well.
If there are no pending changes in obj
, returns an empty array.
obj
Object, observer
Object) : voidAvailable in json-patch-duplex.js
Destroys the observer set up on obj
.
Any remaining changes are delivered synchronously (as in jsonpatch.generate
). Note: this is different that ES6/7 Object.unobserve
, which delivers remaining changes asynchronously.
obj1
Object, obj2
Object) : patches
ArrayAvailable in json-patch-duplex.js
Compares object trees obj1
and obj2
and returns the difference relative to obj1
as a patches array.
If there are no differences, returns an empty array.
Feature:
jsonpatch.compare
for comparing two object treesFeature:
Feature:
compare
(#24)Update:
Bugfix:
Bugfix:
remove
patches in reverse order, so they can be correctly applied in order they were generated (#16)Bugfixes:
~
and /
characters in poiner paths (#19)length
(only in native Object.observe version) (#14)jsonpatch.unobserve
now delivers pending changes immediately (previously last-minute changes could be lost)Object.observe
(Chrome)FAQs
Fast implementation of JSON-Patch (RFC-6902) with duplex (observe changes) capabilities
The npm package fast-json-patch receives a total of 2,470,516 weekly downloads. As such, fast-json-patch popularity was classified as popular.
We found that fast-json-patch demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.