Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
javascript-stringify
Advanced tools
The javascript-stringify npm package is designed to safely serialize JavaScript expressions to a string representation that can be readily parsed by JavaScript engines. This is particularly useful for scenarios where you need to generate code or serialize objects and functions in a way that retains their behavior and structure.
Serialize Objects
This feature allows the serialization of objects into a string format that can be evaluated by JavaScript. Useful for logging or storing configurations.
const stringify = require('javascript-stringify');
const object = { a: 1, b: 'text', c: true };
const stringified = stringify(object);
console.log(stringified);
Serialize Functions
Enables the serialization of functions, preserving the function's structure and content. Ideal for scenarios where functions need to be transmitted or stored and later reconstructed.
const stringify = require('javascript-stringify');
function exampleFunction() {
return 'Hello, World!';
}
const stringified = stringify(exampleFunction);
console.log(stringified);
Custom Serialization
Supports custom serialization options such as limiting the depth of serialization. This is useful for complex objects where deep nesting occurs.
const stringify = require('javascript-stringify');
const object = { a: 1, b: undefined, c: function() {} };
const stringified = stringify(object, null, null, { maxDepth: 3 });
console.log(stringified);
Similar to javascript-stringify, json-stringify-safe handles circular dependencies gracefully when serializing objects to JSON. However, it does not handle functions or provide options for custom serialization depth.
This package offers functionality similar to javascript-stringify by allowing serialization of objects including functions and regex expressions. It provides XSS protection which javascript-stringify does not focus on.
Stringify is to eval
as JSON.stringify
is to JSON.parse
.
npm install javascript-stringify --save
bower install javascript-stringify --save
var javascriptStringify = require('javascript-stringify');
define(function (require, exports, module) {
var javascriptStringify = require('javascript-stringify');
});
<script>
tag<script src="javascript-stringify.js"></script>
javascriptStringify(value[, replacer [, space [, options]]])
The API is similar to JSON.stringify
. However, any value returned by the replacer will be used literally. For this reason, the replacer is passed three arguments - value
, indentation
and stringify
. If you need to continue the stringification process inside your replacer, you can call stringify
with the updated value.
The options
object allows some additional configuration:
javascriptStringify({}); // "{}"
javascriptStringify(true); // "true"
javascriptStringify('foo'); // "'foo'"
javascriptStringify({ x: 5, y: 6}); // "{x:5,y:6}"
javascriptStringify([1, 2, 3, 'string']); // "[1,2,3,'string']"
javascriptStringify({ a: { b: { c: 1 } } }, null, null, { maxDepth: 2 }); // "{a:{b:{}}}"
/**
* Invalid key names are automatically stringified.
*/
javascriptStringify({ 'some-key': 10 }); // "{'some-key':10}"
/**
* Some object types and values can remain identical.
*/
javascriptStringify([/.+/ig, new Number(10), new Date()]); // "[/.+/gi,new Number(10),new Date(1406623295732)]"
/**
* Unknown or circular references are removed.
*/
var obj = { x: 10 };
obj.circular = obj;
javascriptStringify(obj); // "{x:10}"
/**
* Specify indentation - just like `JSON.stringify`.
*/
javascriptStringify({ a: 2 }, null, ' '); // "{\n a: 2\n}"
javascriptStringify({ uno: 1, dos : 2 }, null, '\t'); // "{\n\tuno: 1,\n\tdos: 2\n}"
/**
* Add custom replacer behaviour - like double quoted strings.
*/
javascriptStringify(['test', 'string'], function (value, indent, stringify) {
if (typeof value === 'string') {
return '"' + value.replace(/"/g, '\\"') + '"';
}
return stringify(value);
});
//=> '["test","string"]'
MIT
FAQs
Stringify is to `eval` as `JSON.stringify` is to `JSON.parse`
The npm package javascript-stringify receives a total of 1,219,521 weekly downloads. As such, javascript-stringify popularity was classified as popular.
We found that javascript-stringify demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.