Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
parse-json
Advanced tools
The parse-json npm package is used for parsing JSON strings. It provides an API for parsing JSON with more helpful error messages than the native JSON.parse. It can also handle trailing commas and comments in JSON strings, which are not supported by the standard JSON.parse.
Parse JSON with better error messages
This feature allows users to parse JSON strings and get more informative error messages when the JSON is invalid. It helps in debugging and fixing the JSON content.
const parseJson = require('parse-json');
try {
const obj = parseJson('{"foo": true,}');
} catch (error) {
console.error(error.message);
}
Parse JSON with comments
parse-json can handle JSON strings that contain comments, which are not typically allowed in JSON. This is useful when dealing with configurations or other JSON files where comments might be present.
const parseJson = require('parse-json');
const jsonWithComments = '{/* comment */ "foo": true}'
const obj = parseJson(jsonWithComments);
Parse JSON with trailing commas
This feature allows the parsing of JSON strings that have trailing commas after the last element in an object or array, which is not permitted in standard JSON.
const parseJson = require('parse-json');
const jsonWithTrailingComma = '{"foo": true,}'
const obj = parseJson(jsonWithTrailingComma);
json5 is a JSON parser and serializer that allows for comments, trailing commas, and other non-standard features. It is similar to parse-json but aims to be a superset of the JSON5 data format, which extends the JSON format to include additional JavaScript features.
json-parse-better-errors is another JSON parsing library that provides more helpful error messages than the native JSON.parse. It is similar to parse-json in its goal to improve error feedback but does not support comments or trailing commas.
json-parse-safe is a safe JSON parser that returns an error instead of throwing one. This can be useful for applications that need to handle JSON parsing errors more gracefully. It does not provide the extended syntax support that parse-json does.
Parse JSON with more helpful errors
npm install parse-json
import parseJson from 'parse-json';
const json = '{\n\t"foo": true,\n}';
JSON.parse(json);
/*
undefined:3
}
^
SyntaxError: Unexpected token }
*/
parseJson(json);
/*
JSONError: Unexpected token } in JSON at position 16 while parsing near '{ "foo": true,}'
1 | {
2 | "foo": true,
> 3 | }
| ^
*/
parseJson(json, 'foo.json');
/*
JSONError: Unexpected token } in JSON at position 16 while parsing near '{ "foo": true,}' in foo.json
1 | {
2 | "foo": true,
> 3 | }
| ^
*/
// You can also add the filename at a later point
try {
parseJson(json);
} catch (error) {
if (error instanceof parseJson.JSONError) {
error.fileName = 'foo.json';
}
throw error;
}
/*
JSONError: Unexpected token } in JSON at position 16 while parsing near '{ "foo": true,}' in foo.json
1 | {
2 | "foo": true,
> 3 | }
| ^
*/
Throws a JSONError
when there is a parsing error.
Type: string
Type: Function
Prescribes how the value originally produced by parsing is transformed, before being returned. See JSON.parse
docs for more.
Type: string
The filename displayed in the error message.
Exposed for instanceof
checking.
Type: string
The filename displayed in the error message.
Type: string
The printable section of the JSON which produces the error.
FAQs
Parse JSON with more helpful errors
The npm package parse-json receives a total of 62,680,829 weekly downloads. As such, parse-json popularity was classified as popular.
We found that parse-json demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.