Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

funcster

Package Overview
Dependencies
Maintainers
1
Versions
5
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

funcster

Function serialization and deserialization

  • 0.0.5
  • latest
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
19
decreased by-29.63%
Maintainers
1
Weekly downloads
 
Created
Source

funcster

This library contains utilities for serializing and deserializing functions. It provides recursive traversal to discover both serialized and unserialized functions nested within objects and arrays. This is particularly useful for embedding functions into JSON objects.

Security warning

This package performs the equivalent of eval, and thus should only be used to deserialize functions delivered from trusted sources. Do not use any of the deserialization functions on strings fron untrusted sources.

Installation

npm install funcster

Function reference

serialize(function, [marker])

serialize(function() { return "Hello world!" });
// -> { __js_function: 'function() { return "Hello world!" }' }

deepSerialize(root, [marker])

lib = {
  moduleA: {
    functions: {
      helloWorld: function() { return "Hello world!" }
    }
  },
  moduleB: {
    functions: {
      goodbyeWorld: function() { return "Goodbye world!" }
    }
  },
};

funcster.deepSerialize(lib);

// -> {
//      moduleA: {
//        functions: {
//          helloWorld: { __js_function: 'function() { return "Hello world!" }' }
//        }
//      },
//      moduleB: {
//        functions: {
//          goodbyeWorld: { __js_function: 'function() { return "Goodbye world!" }' }
//        }
//      },
//    }

deepDeserialize(root, [marker, [moduleOpts]])

Security warning

deepDeserialize performs code evaluation on strings, and is susceptible to arbitrary code injection. Please make sure that root comes from a trusted source before using it.

Example
serializedLib = {
  moduleA: {
    functions: {
      helloWorld: { __js_function: 'function() { return "Hello world!" }' }
    }
  },
  moduleB: {
    functions: {
      goodbyeWorld: { __js_function: 'function() { return "Goodbye world!" }' }
    }
  },
};

deserializedLib = funcster.deepDeserialize(serializedLib);
deserializedLib.moduleA.functions.helloWorld(); // -> Hello world!
deserializedLib.moduleB.functions.goodbyeWorld(); // -> Hello world!

Available options:

globals (object)

This option injects objects from the host context into the function evaluation context. The key is the name of the object inside the function evaluation context, and the value is the object in the host context.

deserializedLib = funcster.deepDeserialize(serializedLib, {
  globals: { foo: true }
});
requires (object)

This option injects require-able modules into the function evaluation context. These modules will be re-required in the host context, generating distinct module objects to those that might already exist. This is a safer method of granting serialized functions access to common libraries.

deserializedLib = funcster.deepDeserialize(serializedLib, {
  requires: { _: 'underscore' }
});

Keywords

FAQs

Package last updated on 20 Jun 2019

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc