Security News
Cloudflare Adds Security.txt Setup Wizard
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
The js-yaml npm package is a JavaScript library that allows you to parse and dump YAML, a human-friendly data serialization standard. It can be used to convert YAML to JSON and vice versa, making it a useful tool for configuration files, data exchange, and more.
YAML Parsing
This feature allows you to parse a YAML file or string and convert it into a JavaScript object. The code sample demonstrates how to read a YAML file from the filesystem and parse its contents.
{"const yaml = require('js-yaml');\nconst fs = require('fs');\n\ntry {\n const doc = yaml.load(fs.readFileSync('/path/to/file.yml', 'utf8'));\n console.log(doc);\n} catch (e) {\n console.error(e);\n}"}
YAML Dumping
This feature allows you to take a JavaScript object and convert it into a YAML-formatted string. The code sample shows how to create a YAML string from an object and then save it to a file.
{"const yaml = require('js-yaml');\nconst fs = require('fs');\n\nconst obj = { hello: 'world' };\nconst ymlText = yaml.dump(obj);\n\nfs.writeFileSync('/path/to/file.yml', ymlText, 'utf8');\nconsole.log('YAML file saved.');"}
Custom Types
js-yaml allows you to define custom types for specialized use cases. The code sample demonstrates how to create a custom YAML type and use it in parsing a YAML string.
{"const yaml = require('js-yaml');\n\nconst schema = yaml.Schema.create([ new yaml.Type('!myType', {\n kind: 'scalar',\n resolve: data => data === 'valid',\n construct: data => data,\n instanceOf: String\n}) ]);\n\nconst doc = yaml.load('!myType valid', { schema });\nconsole.log(doc); // 'valid'"}
The 'yaml' package is another JavaScript library for parsing and serializing YAML. It offers a similar API to js-yaml but with a focus on being highly compliant with the YAML specification. It may be preferred for applications that require strict adherence to the spec.
Yamljs is a JavaScript library that provides YAML parsing and dumping functionalities. It is similar to js-yaml but has a different API design and may not be as actively maintained as js-yaml.
This package is designed for parsing YAML into an abstract syntax tree (AST). It is useful for developers who need to analyze or manipulate the structure of YAML documents at a lower level compared to js-yaml.
This is a native port of PyYAML, the most advanced YAML parser. Now you can use all modern YAML feature right in JavaScript. Originally snapshoted version - PyYAML 3.10 (2011-05-30).
npm install js-yaml
If you want to inspect your YAML files from CLI, install js-yaml.bin.
<script src="js-yaml.min.js"></script>
<script type="text/javascript">
var doc = jsyaml.load('greeting: hello\nname: world');
</script>
Also we support AMD loaders, e.g. RequireJS.
JS-YAML automatically registers handlers for .yml
and .yaml
files. You can load them just with require
.
That's mostly equivalent to calling loadAll() on file handler ang gathering all documents into array.
Just with one string!
require('js-yaml');
// Get array of documents, or throw exception on error
var docs = require('/home/ixti/examples.yml');
console.log(docs);
If you are sure, that file has only one document, chained shift()
will help to exclude array wrapper:
require('js-yaml');
// Get array of documents, or throw exception on error
var singleDoc = require('/home/ixti/examples.yml').shift();
console.log(singleDoc);
Parses source as single YAML document. Returns JS object or throws exception on error.
This function does NOT understands multi-doc sources, it throws exception on those.
var yaml = require('js-yaml');
// pass the string
fs.readFile('/home/ixti/example.yml', 'utf8', function (err, data) {
if (err) {
// handle error
return;
}
try {
console.log( yaml.load(data) );
} catch(e) {
console.log(e);
}
});
Same as Load
, but understands multi-doc sources and apply iterator to each document.
var yaml = require('js-yaml');
// pass the string
fs.readFile('/home/ixti/example.yml', 'utf8', function (err, data) {
if (err) {
// handle error
return;
}
try {
yaml.loadAll(data, function (doc) {
console.log(doc);
});
} catch(e) {
console.log(e);
}
});
Same as load()
but uses safe schema - only recommended tags of YAML
specification (no JavaScript-specific tags, e.g. !!js/regexp
).
Same as loadAll()
but uses safe schema - only recommended tags of YAML
specification (no JavaScript-specific tags, e.g. !!js/regexp
).
The list of standard YAML tags and corresponding JavaScipt types. See also YAML Tag Discussion and Yaml Types.
!!null '' # null
!!bool 'yes' # bool
!!int '3...' # number
!!float '3.14...' # number
!!binary '...base64...' # buffer
!!timestamp 'YYYY-...' # date
!!omap [ ... ] # array of key-value pairs
!!pairs [ ... ] # array or array pairs
!!set { ... } # array of objects with given keys and null values
!!str '...' # string
!!seq [ ... ] # array
!!map { ... } # object
JavaScript-specific tags
!!js/regexp /pattern/gim # RegExp
!!js/undefined '' # Undefined
!!js/function 'function () {...}' # Function
Note, that you use arrays or objects as key in JS-YAML. JS do not allows objects or array as keys, and stringifies them at the moment of adding them.
---
? [ foo, bar ]
: - baz
? { foo: bar }
: - baz
- baz
=>
{ "": ["baz"], "[object Object]": ["baz", "baz"] }
View the LICENSE file (MIT).
[0.3.5] - 2012-01-10
FAQs
YAML 1.2 parser and serializer
The npm package js-yaml receives a total of 72,139,906 weekly downloads. As such, js-yaml popularity was classified as popular.
We found that js-yaml demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.