Security News
The Push to Ban Ransom Payments Is Gaining Momentum
Ransomware costs victims an estimated $30 billion per year and has gotten so out of control that global support for banning payments is gaining momentum.
js-yaml
Advanced tools
Package description
The js-yaml npm package is a JavaScript library that allows you to parse and dump YAML, a human-friendly data serialization standard. It can be used to convert YAML to JSON and vice versa, making it a useful tool for configuration files, data exchange, and more.
YAML Parsing
This feature allows you to parse a YAML file or string and convert it into a JavaScript object. The code sample demonstrates how to read a YAML file from the filesystem and parse its contents.
{"const yaml = require('js-yaml');\nconst fs = require('fs');\n\ntry {\n const doc = yaml.load(fs.readFileSync('/path/to/file.yml', 'utf8'));\n console.log(doc);\n} catch (e) {\n console.error(e);\n}"}
YAML Dumping
This feature allows you to take a JavaScript object and convert it into a YAML-formatted string. The code sample shows how to create a YAML string from an object and then save it to a file.
{"const yaml = require('js-yaml');\nconst fs = require('fs');\n\nconst obj = { hello: 'world' };\nconst ymlText = yaml.dump(obj);\n\nfs.writeFileSync('/path/to/file.yml', ymlText, 'utf8');\nconsole.log('YAML file saved.');"}
Custom Types
js-yaml allows you to define custom types for specialized use cases. The code sample demonstrates how to create a custom YAML type and use it in parsing a YAML string.
{"const yaml = require('js-yaml');\n\nconst schema = yaml.Schema.create([ new yaml.Type('!myType', {\n kind: 'scalar',\n resolve: data => data === 'valid',\n construct: data => data,\n instanceOf: String\n}) ]);\n\nconst doc = yaml.load('!myType valid', { schema });\nconsole.log(doc); // 'valid'"}
The 'yaml' package is another JavaScript library for parsing and serializing YAML. It offers a similar API to js-yaml but with a focus on being highly compliant with the YAML specification. It may be preferred for applications that require strict adherence to the spec.
Yamljs is a JavaScript library that provides YAML parsing and dumping functionalities. It is similar to js-yaml but has a different API design and may not be as actively maintained as js-yaml.
This package is designed for parsing YAML into an abstract syntax tree (AST). It is useful for developers who need to analyze or manipulate the structure of YAML documents at a lower level compared to js-yaml.
Changelog
[2.0.3] - 2013-02-26
Readme
This is an implementation of YAML, a human friendly data serialization language. Started as PyYAML port, it was completely rewritten from scratch. Now it's very fast, and supports 1.2 spec.
If your have not used custom tags or loader classes - no changes needed. Just upgrade library and enjoy high parse speed.
In other case, you should rewrite your tag constructors and custom loader classes, to conform new schema-based API. See examples and wiki for details. Note, that parser internals were completely rewritten.
npm install js-yaml
If you want to inspect your YAML files from CLI, install js-yaml globally:
npm install js-yaml -g
usage: js-yaml [-h] [-v] [-c] [-j] [-t] file
Positional arguments:
file File with YAML document(s)
Optional arguments:
-h, --help Show this help message and exit.
-v, --version Show program's version number and exit.
-c, --compact Display errors in compact mode
-j, --to-json Output a non-funky boring JSON
-t, --trace Show stack trace on error
<script src="js-yaml.min.js"></script>
<script type="text/javascript">
var doc = jsyaml.load('greeting: hello\nname: world');
</script>
Browser support was done mostly for online demo. If you find eny errors - feel free to send pull requests with fixes. Also note, that IE and other old browsers needs es5-shims to operate.
Here we cover the most 'useful' methods. If you need advanced details (creating your own tags), see wiki and examples for more info.
In node.js JS-YAML automatically registers handlers for .yml
and .yaml
files. You can load them just with require
. That's mostly equivalent to
calling load()
on fetched content of a file. Just with one string!
require('js-yaml');
// Get document, or throw exception on error
try {
var doc = require('/home/ixti/example.yml');
console.log(doc);
} catch (e) {
console.log(e);
}
Parses string
as single YAML document. Returns a JavaScript object or throws
YAMLException
on error.
NOTE: This function does not understands multi-document sources, it throws exception on those.
options:
filename
(default: null) - string to be used as a file path in
error/warning messages.strict
(default - false) makes the loader to throw errors instead of
warnings.schema
(default: DEFAULT_SCHEMA
) - specifies a schema to use.Same as load()
, but understands multi-document sources and apply iterator
to
each document.
var yaml = require('js-yaml');
yaml.loadAll(data, function (doc) {
console.log(doc);
});
Same as load()
but uses SAFE_SCHEMA
by default - only recommended tags of
YAML specification (no JavaScript-specific tags, e.g. !!js/regexp
).
Same as loadAll()
but uses SAFE_SCHEMA
by default - only recommended tags of
YAML specification (no JavaScript-specific tags, e.g. !!js/regexp
).
Serializes object
as YAML document.
options:
indent
(default: 2) - indentation width to use (in spaces).flowLevel
(default: -1) - specifies level of nesting, when to switch from
block to flow style for collections. -1 means block style everwherestyles
- "tag" => "style" map. Each tag may have own set of styles.schema
(default: DEFAULT_SCHEMA
) specifies a schema to use.styles:
!!null
"canonical" => "~"
!!int
"binary" => "0b1", "0b101010", "0b1110001111010"
"octal" => "01", "052", "016172"
"decimal" => "1", "42", "7290"
"hexadecimal" => "0x1", "0x2A", "0x1C7A"
!!null, !!bool, !!float
"lowercase" => "null", "true", "false", ".nan", '.inf'
"uppercase" => "NULL", "TRUE", "FALSE", ".NAN", '.INF'
"camelcase" => "Null", "True", "False", ".NaN", '.Inf'
By default, !!int uses decimal
, and !!null, !!bool, !!float use lowercase
.
Same as dump()
but uses SAFE_SCHEMA
by default - only recommended tags of
YAML specification (no JavaScript-specific tags, e.g. !!js/regexp
).
The list of standard YAML tags and corresponding JavaScipt types. See also YAML tag discussion and YAML types repository.
!!null '' # null
!!bool 'yes' # bool
!!int '3...' # number
!!float '3.14...' # number
!!binary '...base64...' # buffer
!!timestamp 'YYYY-...' # date
!!omap [ ... ] # array of key-value pairs
!!pairs [ ... ] # array or array pairs
!!set { ... } # array of objects with given keys and null values
!!str '...' # string
!!seq [ ... ] # array
!!map { ... } # object
JavaScript-specific tags
!!js/regexp /pattern/gim # RegExp
!!js/undefined '' # Undefined
!!js/function 'function () {...}' # Function
Note, that you use arrays or objects as key in JS-YAML. JS do not allows objects or array as keys, and stringifies (by calling .toString method) them at the moment of adding them.
---
? [ foo, bar ]
: - baz
? { foo: bar }
: - baz
- baz
{ "foo,bar": ["baz"], "[object Object]": ["baz", "baz"] }
Also, reading of properties on implicit block mapping keys is not supported yet. So, the following YAML document cannot be loaded.
&anchor foo:
foo: bar
*anchor: duplicate key
baz: bat
*anchor: duplicate key
View the LICENSE file (MIT).
FAQs
YAML 1.2 parser and serializer
We found that js-yaml demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Ransomware costs victims an estimated $30 billion per year and has gotten so out of control that global support for banning payments is gaining momentum.
Application Security
New SEC disclosure rules aim to enforce timely cyber incident reporting, but fear of job loss and inadequate resources lead to significant underreporting.
Security News
The Python Software Foundation has secured a 5-year sponsorship from Fastly that supports PSF's activities and events, most notably the security and reliability of the Python Package Index (PyPI).