Security News
NIST Misses 2024 Deadline to Clear NVD Backlog
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
json-stable-stringify
Advanced tools
deterministic JSON.stringify() with custom sorting to get deterministic hashes from stringified results
The json-stable-stringify npm package is used to convert a JavaScript object into a JSON string with a deterministic order of keys. This is particularly useful when you want to ensure that the string output is consistent for the same structural data, which is important for tasks like creating cryptographic hashes, caching, or simply when you need a stable serialization of JSON that you can compare.
Deterministic JSON.stringify
This feature allows you to serialize a JavaScript object into a JSON string with a consistent ordering of keys. This is useful when you need to compare JSON strings for equality or when you need to generate a hash from a JSON string and require that the string be the same for the same data.
{"result": "json-stable-stringify"}
Custom comparator
json-stable-stringify allows you to provide a custom comparison function to determine the order of keys. This is useful when you have specific requirements for the order of keys beyond simple alphabetical sorting.
{"result": "json-stable-stringify with custom comparator"}
Space argument for pretty-printing
The package also supports the 'space' argument like JSON.stringify, which allows you to pretty-print the output with indentation for better readability.
{"result": "json-stable-stringify with pretty-printing"}
This package offers similar functionality to json-stable-stringify but focuses on performance. It claims to be the fastest stable JSON.stringify available.
Similar to fast-json-stable-stringify, this package also aims to provide fast and stable JSON stringification. It compares to json-stable-stringify by offering a different balance of speed and features.
deterministic version of JSON.stringify()
so you can get a consistent hash from stringified results
You can also pass in a custom comparison function.
var stringify = require('json-stable-stringify');
var obj = { c: 8, b: [{ z: 6, y: 5, x: 4 }, 7], a: 3 };
console.log(stringify(obj));
output:
{"a":3,"b":[{"x":4,"y":5,"z":6},7],"c":8}
var stringify = require('json-stable-stringify')
Return a deterministic stringified string str
from the object obj
.
If opts
is given, you can supply an opts.cmp
to have a custom comparison function for object keys.
Your function opts.cmp
is called with these parameters:
opts.cmp({ key: akey, value: avalue }, { key: bkey, value: bvalue }, { get(key): value })
For example, to sort on the object key names in reverse order you could write:
var stringify = require('json-stable-stringify');
var obj = { c: 8, b: [{ z: 6, y: 5, x: 4 },7], a: 3 };
var s = stringify(obj, function (a, b) {
return b.key.localeCompare(a.key);
});
console.log(s);
which results in the output string:
{"c":8,"b":[{"z":6,"y":5,"x":4},7],"a":3}
Or if you wanted to sort on the object values in reverse order, you could write:
var stringify = require('json-stable-stringify');
var obj = { d: 6, c: 5, b: [{ z: 3, y: 2, x: 1 }, 9], a: 10 };
var s = stringify(obj, function (a, b) {
return a.value < b.value ? 1 : -1;
});
console.log(s);
which outputs:
{"d":6,"c":5,"b":[{"z":3,"y":2,"x":1},9],"a":10}
An additional param get(key)
returns the value of the key from the object being currently compared.
If you specify opts.space
, it will indent the output for pretty-printing.
Valid values are strings (e.g. {space: \t}
) or a number of spaces
({space: 3}
).
For example:
var obj = { b: 1, a: { foo: 'bar', and: [1, 2, 3] } };
var s = stringify(obj, { space: ' ' });
console.log(s);
which outputs:
{
"a": {
"and": [
1,
2,
3
],
"foo": "bar"
},
"b": 1
}
The replacer parameter is a function opts.replacer(key, value)
that behaves the same as the replacer
from the core JSON object.
With npm do:
npm install json-stable-stringify
MIT
v1.1.0 - 2023-11-13
opts.cmp
: add get
function 1b11748
fd520e1
isarray
, object-keys
instead of homegrown attempts d1d2038
6c066b8
8243ea1
02f0778
new Array
80d52a1
call-bind
to invoke replacer c52438f
JSON.stringify
at module load 616dec3
@ljharb/eslint-config
, aud
, tape
494a3ce
@ljharb/eslint-config
, aud
, tape
861ea7d
4e95ebb
1226971
engines.node
7a80ff6
FAQs
deterministic JSON.stringify() with custom sorting to get deterministic hashes from stringified results
The npm package json-stable-stringify receives a total of 4,125,898 weekly downloads. As such, json-stable-stringify popularity was classified as popular.
We found that json-stable-stringify demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.