Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
parse-conflict-json
Advanced tools
Parse a JSON string that has git merge conflicts, resolving if possible
Parse a JSON string that has git merge conflicts, resolving if possible.
If the JSON is valid, it just does JSON.parse
as normal.
If either side of the conflict is invalid JSON, then an error is thrown for that.
// after a git merge that left some conflicts there
const data = fs.readFileSync('package-lock.json', 'utf8')
// reviverFunction is passed to JSON.parse as the reviver function
// preference defaults to 'ours', set to 'theirs' to prefer the other
// side's changes.
const parsed = parseConflictJson(data, reviverFunction, preference)
// returns true if the data looks like a conflicted diff file
parsed.isDiff(data)
If prefer
is set to theirs
, then the vaules of theirs
and ours
are
switched in the resolver function. (Ie, we'll apply their changes on top
of our object, rather than the other way around.)
Parse the conflicted file into 3 pieces: ours
, theirs
, and parent
Get the diff from parent
to ours
.
Apply each change of
that diff to theirs
.
If any change in the diff set cannot be applied (ie, because they
changed an object into a non-object and we changed a field on that
object), then replace the object at the specified path with the object
at the path in ours
.
4.0.0 (2024-09-24)
parse-conflict-json
now supports node ^18.17.0 || >=20.5.0
bbad0b5
#97 run template-oss-apply (@hashtagchris)aaa60b6
#96 enable auto publish (#96) (@reggi)ceb69ec
#93 bump @npmcli/eslint-config from 4.0.5 to 5.0.0 (@dependabot[bot])5724d51
#80 bump @npmcli/template-oss to 4.22.0 (@lukekarrys)46686e2
#94 postinstall for dependabot template-oss PR (@hashtagchris)0694002
#94 bump @npmcli/template-oss from 4.23.1 to 4.23.3 (@dependabot[bot])FAQs
Parse a JSON string that has git merge conflicts, resolving if possible
The npm package parse-conflict-json receives a total of 2,290,289 weekly downloads. As such, parse-conflict-json popularity was classified as popular.
We found that parse-conflict-json demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.