Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
json-parse-even-better-errors
Advanced tools
The json-parse-even-better-errors package is an npm package that provides an improved JSON.parse function. It offers better error messages than the default JSON.parse, making it easier to debug issues with JSON data. It can pinpoint the exact location and cause of the error in the JSON string.
Improved error messages
This feature enhances the error messages provided by JSON.parse. In the code sample, if the JSON is invalid, it will throw an error with a message that includes the position and reason for the failure, making it easier to identify and fix the issue.
const parseJSON = require('json-parse-even-better-errors');
try {
const obj = parseJSON('{"foo": "bar", "baz": }');
} catch (e) {
console.error(e.message);
}
This package offers a safe way to parse JSON strings without try-catch blocks. It returns an object with an error and value property. It is similar to json-parse-even-better-errors in providing a safer JSON parsing experience but does not focus on detailed error messages.
Secure-json-parse provides safe parsing of JSON strings, protecting against prototype pollution attacks. It is similar to json-parse-even-better-errors in that it enhances the JSON parsing process, but it focuses on security rather than error message clarity.
Parse-json is another JSON parsing library that provides more informative error messages with a clear indication of where the parsing failed. It is similar to json-parse-even-better-errors in its goal to provide better error messages, but it may differ in implementation and the exact output of the errors.
json-parse-even-better-errors
is a Node.js library for getting nicer errors out of JSON.parse()
,
including context and position of the parse errors.
It also preserves the newline and indentation styles of the JSON data, by
putting them in the object or array in the Symbol.for('indent')
and
Symbol.for('newline')
properties.
$ npm install --save json-parse-even-better-errors
const parseJson = require('json-parse-even-better-errors')
parseJson('"foo"') // returns the string 'foo'
parseJson('garbage') // more useful error message
parseJson.noExceptions('garbage') // returns undefined
noExceptions
method that returns undefined rather than throwing.Symbol.for('newline')
property on objects and arrays.Symbol.for('indent')
property on objects and arrays.To preserve indentation when the file is saved back to disk, use
data[Symbol.for('indent')]
as the third argument to JSON.stringify
, and
if you want to preserve windows \r\n
newlines, replace the \n
chars in
the string with data[Symbol.for('newline')]
.
For example:
const txt = await readFile('./package.json', 'utf8')
const data = parseJsonEvenBetterErrors(txt)
const indent = Symbol.for('indent')
const newline = Symbol.for('newline')
// .. do some stuff to the data ..
const string = JSON.stringify(data, null, data[indent]) + '\n'
const eolFixed = data[newline] === '\n' ? string
: string.replace(/\n/g, data[newline])
await writeFile('./package.json', eolFixed)
Indentation is determined by looking at the whitespace between the initial
{
and [
and the character that follows it. If you have lots of weird
inconsistent indentation, then it won't track that or give you any way to
preserve it. Whether this is a bug or a feature is debatable ;)
parse(txt, reviver = null, context = 20)
Works just like JSON.parse
, but will include a bit more information when
an error happens, and attaches a Symbol.for('indent')
and
Symbol.for('newline')
on objects and arrays. This throws a
JSONParseError
.
parse.noExceptions(txt, reviver = null)
Works just like JSON.parse
, but will return undefined
rather than
throwing an error.
class JSONParseError(er, text, context = 20, caller = null)
Extends the JavaScript SyntaxError
class to parse the message and provide
better metadata.
Pass in the error thrown by the built-in JSON.parse
, and the text being
parsed, and it'll parse out the bits needed to be helpful.
context
defaults to 20.
Set a caller
function to trim internal implementation details out of the
stack trace. When calling parseJson
, this is set to the parseJson
function. If not set, then the constructor defaults to itself, so the
stack trace will point to the spot where you call new JSONParseError
.
FAQs
JSON.parse with context information on error
The npm package json-parse-even-better-errors receives a total of 37,272,539 weekly downloads. As such, json-parse-even-better-errors popularity was classified as popular.
We found that json-parse-even-better-errors demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.