Security News
New Python Packaging Proposal Aims to Solve Phantom Dependency Problem with SBOMs
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
jsonrepair
Advanced tools
The jsonrepair npm package is designed to fix common errors in JSON strings, making them valid JSON. It can handle issues such as missing quotes, trailing commas, and other common JSON syntax errors.
Repairing JSON strings
This feature allows you to repair a broken JSON string by fixing common syntax errors. In the example, the input JSON string has a missing quote around the key and a trailing comma, which are corrected by jsonrepair.
const jsonrepair = require('jsonrepair');
const brokenJson = '{key: "value",}';
const repairedJson = jsonrepair(brokenJson);
console.log(repairedJson); // Output: {"key": "value"}
Handling various JSON errors
This feature demonstrates jsonrepair's ability to handle multiple types of errors in a JSON string, such as trailing commas and missing quotes. The repaired JSON string is valid and can be parsed by JSON.parse.
const jsonrepair = require('jsonrepair');
const brokenJson = '{"key": "value", "key2": "value2",}';
const repairedJson = jsonrepair(brokenJson);
console.log(repairedJson); // Output: {"key": "value", "key2": "value2"}
jsonlint is a JSON parser and validator with a CLI. It can be used to validate and format JSON strings, but it does not repair broken JSON strings like jsonrepair. Instead, it provides error messages to help you manually fix the issues.
json5 is a JSON parser that allows for more relaxed JSON syntax, such as allowing comments and trailing commas. While it can parse JSON with some errors, it does not specifically aim to repair broken JSON strings like jsonrepair.
jsonc-parser is a parser for JSON with comments (JSONC). It can parse JSON strings with comments and other relaxed syntax rules, but it does not focus on repairing broken JSON strings. It is more about extending JSON's capabilities.
Repair invalid JSON documents.
Try it out in a minimal demo: https://josdejong.github.io/jsonrepair/
Use it in a full-fledged application: https://jsoneditoronline.org
Read the background article "How to fix JSON and validate it with ease"
The following issues can be fixed:
“...”
with regular double quotesNone
, True
, and False
with null
, true
, and false
/* ... */
and // ...
[1, 2, 3, ...]
callback({ ... })
{\"stringified\": \"content\"}
NumberLong(2)
and ISODate("2012-12-19T06:01:17.171Z")
"long text" + "more text on next line"
{ "id": 1, "name": "John" }
{ "id": 2, "name": "Sarah" }
The jsonrepair
library has streaming support and can handle infinitely large documents.
$ npm install jsonrepair
Note that in the lib
folder, there are builds for ESM, UMD, and CommonJs.
Use the jsonrepair
function using an ES modules import:
import { jsonrepair } from 'jsonrepair'
try {
// The following is invalid JSON: is consists of JSON contents copied from
// a JavaScript code base, where the keys are missing double quotes,
// and strings are using single quotes:
const json = "{name: 'John'}"
const repaired = jsonrepair(json)
console.log(repaired) // '{"name": "John"}'
} catch (err) {
console.error(err)
}
Use the streaming API in Node.js:
import { createReadStream, createWriteStream } from 'node:fs'
import { pipeline } from 'node:stream'
import { jsonrepairTransform } from 'jsonrepair/stream'
const inputStream = createReadStream('./data/broken.json')
const outputStream = createWriteStream('./data/repaired.json')
pipeline(inputStream, jsonrepairTransform(), outputStream, (err) => {
if (err) {
console.error(err)
} else {
console.log('done')
}
})
// or using .pipe() instead of pipeline():
// inputStream
// .pipe(jsonrepairTransform())
// .pipe(outputStream)
// .on('error', (err) => console.error(err))
// .on('finish', () => console.log('done'))
Use in CommonJS (not recommended):
const { jsonrepair } = require('jsonrepair')
const json = "{name: 'John'}"
console.log(jsonrepair(json)) // '{"name": "John"}'
Use with UMD in the browser (not recommended):
<script src="/node_modules/jsonrepair/lib/umd/jsonrepair.js"></script>
<script>
const { jsonrepair } = JSONRepair
const json = "{name: 'John'}"
console.log(jsonrepair(json)) // '{"name": "John"}'
</script>
Use in Python via PythonMonkey
.
Install jsonrepair
via npm install jsonrepair
Install PythonMonkey
via pip install pythonmonkey
Use the libraries in a Python script:
import pythonmonkey
jsonrepair = pythonmonkey.require('jsonrepair').jsonrepair
json = "[1,2,3,"
repaired = jsonrepair(json)
print(repaired)
# [1,2,3]
You can use jsonrepair
as a function or as a streaming transform. Broken JSON is passed to the function, and the function either returns the repaired JSON, or throws an JSONRepairError
exception when an issue is encountered which could not be solved.
// @throws JSONRepairError
jsonrepair(json: string) : string
The streaming API is availabe in jsonrepair/stream
and can be used in a Node.js stream. It consists of a transform function that can be used in a stream pipeline.
jsonrepairTransform(options?: { chunkSize?: number, bufferSize?: number }) : Transform
The option chunkSize
determines the size of the chunks that the transform outputs, and is 65536
bytes by default. Changing chunkSize
can influcence the performance.
The option bufferSize
determines how many bytes of the input and output stream are kept in memory and is also 65536
bytes by default. This buffer is used as a "moving window" on the input and output. This is necessary because jsonrepair
must look ahead or look back to see what to fix, and it must sometimes walk back the generated output to insert a missing comma for example. The bufferSize
must be larger than the length of the largest string and whitespace in the JSON data, otherwise, and error is thrown when processing the data. Making bufferSize
very large will result in more memory usage and less performance.
When jsonrepair
is installed globally using npm, it can be used on the command line. To install jsonrepair
globally:
$ npm install -g jsonrepair
Usage:
$ jsonrepair [filename] {OPTIONS}
Options:
--version, -v Show application version
--help, -h Show this message
--output, -o Output file
--overwrite Overwrite the input file
--buffer Buffer size in bytes, for example 64K (default) or 1M
Example usage:
$ jsonrepair broken.json # Repair a file, output to console
$ jsonrepair broken.json > repaired.json # Repair a file, output to file
$ jsonrepair broken.json --output repaired.json # Repair a file, output to file
$ jsonrepair broken.json --overwrite # Repair a file, replace the file itself
$ cat broken.json | jsonrepair # Repair data from an input stream
$ cat broken.json | jsonrepair > repaired.json # Repair data from an input stream, output to file
Similar libraries:
When implementing a fix or a new feature, it important to know that there are currently two implementations:
src/regular
This is a non-streaming implementation. The code is small and works for files up to 512MB, ideal for usage in the browser.src/streaming
A streaming implementation that can be used in Node.js. The code is larger and more complex, and the implementation uses a configurable bufferSize
and chunkSize
. When the parsed document contains a string or number that is longer than the configured bufferSize
, the library will throw an "Index out of range" error since it cannot hold the full string in the buffer. When configured with an infinite buffer size, the streaming implementation works the same as the regular implementation. In that case this out of range error cannot occur, but it makes the performance worse and the application can run out of memory when repairing large documents.Both implementations are tested against the same suite of unit tests in src/index.test.ts
.
Scripts:
Script | Description |
---|---|
npm install | Install the dependencies once |
npm run build | Build the library (ESM, CommonJs, and UMD output in the folder lib ) |
npm test | Run the unit tests |
npm run lint | Run the linter (eslint) |
npm run format | Automatically fix linter issues |
npm run build-and-test | Run the linter, build all, and run unit tests and integration tests |
npm run release | Release a new version. This will lint, test, build, increment the version number, push the changes to git, add a git version tag, and publish the npm package. |
npm run release-dry-run | Run all release steps and see the change list without actually publishing: |
Released under the ISC license.
FAQs
Repair broken JSON documents
The npm package jsonrepair receives a total of 216,540 weekly downloads. As such, jsonrepair popularity was classified as popular.
We found that jsonrepair demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PEP 770 proposes adding SBOM support to Python packages to improve transparency and catch hidden non-Python dependencies that security tools often miss.
Security News
Socket CEO Feross Aboukhadijeh discusses open source security challenges, including zero-day attacks and supply chain risks, on the Cyber Security Council podcast.
Security News
Research
Socket researchers uncover how threat actors weaponize Out-of-Band Application Security Testing (OAST) techniques across the npm, PyPI, and RubyGems ecosystems to exfiltrate sensitive data.