Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
json-stable-stringify-pretty
Advanced tools
A fork of substack's json-stable-stringify: deterministic JSON.stringify() with useful options
deterministic version of JSON.stringify()
so you can get a consistent hash
from stringified results
You can also pass in a custom comparison function.
var stringify = require('json-stable-stringify');
var obj = { c: 8, b: [{z:6,y:5,x:4},7], a: 3 };
console.log(stringify(obj));
output:
{"a":3,"b":[{"x":4,"y":5,"z":6},7],"c":8}
var stringify = require('json-stable-stringify')
Return a deterministic stringified string str
from the object obj
.
If opts
is given, you can supply an opts.cmp
to have a custom comparison
function for object keys. Your function opts.cmp
is called with these
parameters:
opts.cmp({ key: akey, value: avalue }, { key: bkey, value: bvalue })
For example, to sort on the object key names in reverse order you could write:
var stringify = require('json-stable-stringify');
var obj = { c: 8, b: [{z:6,y:5,x:4},7], a: 3 };
var s = stringify(obj, function (a, b) {
return a.key < b.key ? 1 : -1;
});
console.log(s);
which results in the output string:
{"c":8,"b":[{"z":6,"y":5,"x":4},7],"a":3}
Or if you wanted to sort on the object values in reverse order, you could write:
var stringify = require('json-stable-stringify');
var obj = { d: 6, c: 5, b: [{z:3,y:2,x:1},9], a: 10 };
var s = stringify(obj, function (a, b) {
return a.value < b.value ? 1 : -1;
});
console.log(s);
which outputs:
{"d":6,"c":5,"b":[{"z":3,"y":2,"x":1},9],"a":10}
If you specify opts.space
, it will indent the output for pretty-printing.
Valid values are strings (e.g. {space: \t}
) or a number of spaces
({space: 3}
).
For example:
var obj = { b: 1, a: { foo: 'bar', and: [1, 2, 3] } };
var s = stringify(obj, { space: ' ' });
console.log(s);
which outputs:
{
"a": {
"and": [
1,
2,
3
],
"foo": "bar"
},
"b": 1
}
The replacer parameter is a function opts.replacer(key, value)
that behaves
the same as the replacer
from the core JSON object.
If you specify opts.pretty: true
the stringified text will be formatted as Javascript instead of JSON, similar to util.inspect().
For example:
var obj = { one: 1, two: { b: 4, a: [2,3] } };
var s = stringify(obj, { pretty: true });
console.log(s);
which outputs:
{one:1,two:{a:[2,3],b:4}}
Or if also using space:
var obj = { one: 1, two: { b: 4, a: [2,3] } };
var s = stringify(obj, { pretty: true, space: ' ' });
console.log(s);
which outputs:
{
one: 1,
two: {
a: [
2,
3
],
b: 4
}
}
If you specify opts.sortarrays: true
all arrays in the output will be sorted. This can be
useful in situations where an array is used with the semantics of an unordered collection.
For example:
var obj = { one: 1, two: { b: 4, a: [9,3] } };
var s = stringify(obj, { sortarrays: true });
console.log(s);
which outputs:
{"one":1,"two":{"a":[3,9],"b":4}}
By default, if an object has a key whose value is undefined
, the key will not be shown
in the stringified output. The option {undef: true}
will display the key
For example:
var obj = { a: 3, z: undefined };
var s = stringify(obj);
console.log('Default: ', s);
var t = stringify(obj, {undef: true});
console.log('With undef: ', t);
which outputs:
Default: {"a":3}
With undef: {"a":3,z:undefined}
With npm do:
npm install json-stable-stringify
MIT
FAQs
A fork of substack's json-stable-stringify: deterministic JSON.stringify() with useful options
The npm package json-stable-stringify-pretty receives a total of 224 weekly downloads. As such, json-stable-stringify-pretty popularity was classified as not popular.
We found that json-stable-stringify-pretty demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.