Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
jsonata is a lightweight query and transformation language for JSON data. It allows you to query, transform, and manipulate JSON data with a simple and expressive syntax.
Querying JSON Data
This feature allows you to query JSON data using a simple and expressive syntax. In this example, we query for a person named 'John' in the 'people' array.
const jsonata = require('jsonata');
const data = { "people": [{ "name": "John", "age": 30 }, { "name": "Jane", "age": 25 }] };
const expression = jsonata('people[name="John"]');
const result = expression.evaluate(data);
console.log(result); // Output: { "name": "John", "age": 30 }
Transforming JSON Data
This feature allows you to transform JSON data into a new structure. In this example, we transform the 'people' array to have 'fullName' and 'yearsOld' properties instead of 'name' and 'age'.
const jsonata = require('jsonata');
const data = { "people": [{ "name": "John", "age": 30 }, { "name": "Jane", "age": 25 }] };
const expression = jsonata('people.{"fullName": name, "yearsOld": age}');
const result = expression.evaluate(data);
console.log(result); // Output: [{ "fullName": "John", "yearsOld": 30 }, { "fullName": "Jane", "yearsOld": 25 }]
Aggregating JSON Data
This feature allows you to perform aggregations on JSON data. In this example, we calculate the sum of ages in the 'people' array.
const jsonata = require('jsonata');
const data = { "people": [{ "name": "John", "age": 30 }, { "name": "Jane", "age": 25 }] };
const expression = jsonata('people.age.sum()');
const result = expression.evaluate(data);
console.log(result); // Output: 55
jq is a lightweight and flexible command-line JSON processor. It allows you to slice, filter, map, and transform structured data with the same ease that sed, awk, grep, and friends let you play with text. Compared to jsonata, jq is more suited for command-line usage and scripting.
lodash is a modern JavaScript utility library delivering modularity, performance, and extras. It provides a wide range of utility functions for common programming tasks, including manipulating and querying JSON data. While lodash is more general-purpose, jsonata is specifically designed for querying and transforming JSON.
underscore is a JavaScript library that provides a whole mess of useful functional programming helpers without extending any built-in objects. It includes functions for working with arrays, objects, and other data structures, making it useful for manipulating JSON data. However, jsonata offers a more specialized and expressive syntax for JSON querying and transformation.
JSON query and transformation language
Reference implementation of the JSONata query and transformation language.
npm install jsonata
In Node.js:
const jsonata = require('jsonata');
const data = {
example: [
{value: 4},
{value: 7},
{value: 13}
]
};
(async () => {
const expression = jsonata('$sum(example.value)');
const result = await expression.evaluate(data); // returns 24
})()
In a browser:
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>JSONata test</title>
<script src="https://cdn.jsdelivr.net/npm/jsonata/jsonata.min.js"></script>
<script>
async function greeting() {
var json = JSON.parse(document.getElementById('json').value);
var result = await jsonata('"Hello, " & name').evaluate(json);
document.getElementById('greeting').innerHTML = result;
}
</script>
</head>
<body>
<textarea id="json">{ "name": "Wilbur" }</textarea>
<button onclick="greeting()">Click me</button>
<p id="greeting"></p>
</body>
</html>
See the CONTRIBUTING.md for details of how to contribute to this repo.
2.0.5 Maintenance Release
FAQs
JSON query and transformation language
We found that jsonata demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.