🚀 Big News: Socket Acquires Coana to Bring Reachability Analysis to Every Appsec Team.Learn more
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

json-bourne

Package Overview
Dependencies
Maintainers
1
Versions
2
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

json-bourne

Drop in replacement for JSON that standardizes Array.toJSON and Date.toJSON

1.0.1
latest
Source
npm
Version published
Weekly downloads
644
18.82%
Maintainers
1
Weekly downloads
 
Created
Source

json-bourne

js-standard-style

Codeship Status for qubitproducts/json-bourne

Normalizes the JavaScript JSON API against overwritten Array.prototype.toJSON and IE8's unstandardized version of Date.prototype.toJSON.

Advantages over JSON 3

  • Much smaller, only a few lines rather than 4KB
  • Uses native stringify and parse methods
  • Runs much quicker on older browsers

Known issues

  • Does not protect against all monkeypatching
  • Can be slower at stringifying on newer browsers (see Benchmarks)
  • Not compatible with IE7 or below

Installation

$ npm install --save json-bourne

Motivation

JSON Bourne is intended for use in code that you'll execute on websites you don't control. Such websites can break the native JSON.stringify implementation by changing Array.prototype.toJSON, specifically if they use prototype.js version 1.6 or under. JSON Bourne also normalizes Date.prototype.toJSON, correcting the unstandard implementation for IE8. Any changes to prototypes are restored immediately after stringifying.

Usage

JSON Bourne is a drop in replacement for JSON, replicating the standard parse and stringify methods exactly.

var JSON = require('json-bourne')

console.log(JSON.parse('{"bourne": "legacy"}'))
// Logs { bourne: "legacy" }

console.log(JSON.stringify({"bourne": "ultimatum"}))
// Logs { "bourne": "ultimatum" }

Compatibility

Tested on IE8+, Chrome, Firefox, Opera and Safari.

Benchmarks

Want to work on this for your day job?

This project was created by the Engineering team at Qubit. As we use open source libraries, we make our projects public where possible.

We’re currently looking to grow our team, so if you’re a JavaScript engineer and keen on ES2016 React+Redux applications and Node micro services, why not get in touch? Work with like minded engineers in an environment that has fantastic perks, including an annual ski trip, yoga, a competitive foosball league, and copious amounts of yogurt.

Find more details on our Engineering site. Don’t have an up to date CV? Just link us your Github profile! Better yet, send us a pull request that improves this project.

FAQs

Package last updated on 03 Feb 2016

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Deno 2.4 Brings Back deno bundle, Improves Dependency Management and Observability

Security News

Deno 2.4 Brings Back deno bundle, Improves Dependency Management and Observability

Deno 2.4 brings back bundling, improves dependency updates and telemetry, and makes the runtime more practical for real-world JavaScript projects.

By Sarah Gooding  -  Jul 08, 2025