
Research
Security News
The Landscape of Malicious Open Source Packages: 2025 Mid‑Year Threat Report
A look at the top trends in how threat actors are weaponizing open source packages to deliver malware and persist across the software supply chain.
json-bourne
Advanced tools
Drop in replacement for JSON that standardizes Array.toJSON and Date.toJSON
Normalizes the JavaScript JSON API against overwritten Array.prototype.toJSON
and IE8's unstandardized version of Date.prototype.toJSON
.
Advantages over JSON 3
Known issues
$ npm install --save json-bourne
JSON Bourne is intended for use in code that you'll execute on websites you don't control. Such websites can break the native JSON.stringify
implementation by changing Array.prototype.toJSON
, specifically if they use prototype.js version 1.6 or under. JSON Bourne also normalizes Date.prototype.toJSON
, correcting the unstandard implementation for IE8. Any changes to prototypes are restored immediately after stringifying.
JSON Bourne is a drop in replacement for JSON, replicating the standard parse
and stringify
methods exactly.
var JSON = require('json-bourne')
console.log(JSON.parse('{"bourne": "legacy"}'))
// Logs { bourne: "legacy" }
console.log(JSON.stringify({"bourne": "ultimatum"}))
// Logs { "bourne": "ultimatum" }
Tested on IE8+, Chrome, Firefox, Opera and Safari.
This project was created by the Engineering team at Qubit. As we use open source libraries, we make our projects public where possible.
We’re currently looking to grow our team, so if you’re a JavaScript engineer and keen on ES2016 React+Redux applications and Node micro services, why not get in touch? Work with like minded engineers in an environment that has fantastic perks, including an annual ski trip, yoga, a competitive foosball league, and copious amounts of yogurt.
Find more details on our Engineering site. Don’t have an up to date CV? Just link us your Github profile! Better yet, send us a pull request that improves this project.
FAQs
Drop in replacement for JSON that standardizes Array.toJSON and Date.toJSON
The npm package json-bourne receives a total of 0 weekly downloads. As such, json-bourne popularity was classified as not popular.
We found that json-bourne demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A look at the top trends in how threat actors are weaponizing open source packages to deliver malware and persist across the software supply chain.
Security News
ESLint now supports HTML linting with 48 new rules, expanding its language plugin system to cover more of the modern web development stack.
Security News
CISA is discontinuing official RSS support for KEV and cybersecurity alerts, shifting updates to email and social media, disrupting automation workflows.