
Research
SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains
An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.
StreamJSONParser is a JavaScript module that provides a way to parse JSON data from a readable stream in an asynchronous and efficient manner. It is particularly useful when dealing with streaming JSON data, such as data received from server-sent events (SSE) or other real-time data sources.
You can install StreamJSONParser using npm or yarn:
npm install stream-json-parser
or
yarn add stream-json-parser
To use StreamJSONParser, you need to import it into your JavaScript or TypeScript code:
import streamJSONParser from 'stream-json-parser';
Here is an example of how to use StreamJSONParser to parse JSON data from a readable stream:
import streamJSONParser from 'stream-json-parser';
// Create a ReadableStream (e.g., from a fetch response)
const response = await fetch('https://example.com/streaming-data');
const stream = response.body;
for await (const chunk of streamjsonparser(response.body)) {
console.log(chunk)
}
The streamJSONParser function accepts a readable stream as its input and returns an asynchronous generator that yields parsed JSON objects as they are received from the stream.
The readChunks function reads the stream in chunks, asynchronously yielding each chunk.
The readLines function processes the chunks to split them into lines of text. It handles cases where a single chunk might contain multiple lines.
The main streamJSONParser function trims each line of text, removes any "data: " prefix, and parses the resulting JSON. It then yields the parsed JSON objects.
If you'd like to contribute to StreamJSONParser, please open an issue or submit a pull request on GitHub.
StreamJSONParser is licensed under the MIT License.
StreamJSONParser is inspired by the need for efficient parsing of streaming JSON data in real-time applications.
StreamJSONParser is maintained by [Your Name]. You can contact me at [your.email@example.com].
For more information, visit the GitHub repository.
Note: Replace [your/repo], [Your Name], [your.email@example.com], and [MIT License] with your actual repository URL, name, contact information, and license information.
This README is a template, and you should customize it according to your project's specific details.
FAQs
A JSON parsing utility for streaming data
The npm package jsonsurge receives a total of 9 weekly downloads. As such, jsonsurge popularity was classified as not popular.
We found that jsonsurge demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.

Company News
Socket is proud to join the OpenJS Foundation as a Silver Member, deepening our commitment to the long-term health and security of the JavaScript ecosystem.

Security News
npm now links to Socket's security analysis on every package page. Here's what you'll find when you click through.