Security News
NIST Misses 2024 Deadline to Clear NVD Backlog
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
protobufjs
Advanced tools
The protobufjs npm package provides a comprehensive suite of tools for working with Protocol Buffers (protobuf), a method of serializing structured data. It allows users to encode and decode protobuf messages, generate and work with static code, and handle dynamic message building and parsing.
Loading .proto files
This feature allows users to load .proto files and use the defined protobuf structures within their JavaScript code.
const protobuf = require('protobufjs');
protobuf.load('awesome.proto', function(err, root) {
if (err) throw err;
const AwesomeMessage = root.lookupType('awesomepackage.AwesomeMessage');
// ... use AwesomeMessage
});
Encoding and decoding messages
With protobufjs, users can encode JavaScript objects into binary protobuf format and decode binary messages into JavaScript objects.
const message = AwesomeMessage.create({ awesomeField: 'AwesomeString' });
const buffer = AwesomeMessage.encode(message).finish();
const decodedMessage = AwesomeMessage.decode(buffer);
Reflection and runtime message building
This feature allows users to work with protobuf messages dynamically at runtime using JSON descriptors, without the need for generated static code.
const root = protobuf.Root.fromJSON(jsonDescriptor);
const AwesomeMessage = root.lookupType('awesomepackage.AwesomeMessage');
const errMsg = AwesomeMessage.verify({ awesomeField: 'AwesomeString' });
if (errMsg) throw Error(errMsg);
const message = AwesomeMessage.create({ awesomeField: 'AwesomeString' });
Static code generation
Protobufjs can generate static code from .proto files, which can be used for better performance and type safety.
protobuf.load('awesome.proto', function(err, root) {
if (err) throw err;
protobuf.codegen(root, { keepCase: true }, function(err, output) {
if (err) throw err;
// output will contain the generated static code
});
});
This is a fork of the original protobufjs package with some modifications. It is used within the Apollo tooling ecosystem but generally offers similar functionality to protobufjs.
This is the official Protocol Buffers runtime library for JavaScript. It is provided by Google and offers similar serialization and deserialization capabilities. However, it may not be as feature-rich or flexible as protobufjs in terms of dynamic message handling and may require more setup for code generation.
Pbf is a fast, lightweight Protocol Buffers implementation in JavaScript. It focuses on performance and is smaller in size compared to protobufjs. However, it might not offer the same level of functionality, especially in terms of reflection and dynamic message building.
Protocol Buffers are a language-neutral, platform-neutral, extensible way of serializing structured data for use in communications protocols, data storage, and more, originally designed at Google (see).
protobuf.js is a pure JavaScript implementation on top of bytebuffer.js including a .proto parser, message class building and simple encoding and decoding. There is no compilation step required, it's super easy to use and it works out of the box on .proto files!
$> npm install protobufjs
var ProtoBuf = require("protobufjs");
...
Requires bytebuffer.js. Optionally depends on long.js for long (int64) support. If you do not require long support, you can skip the Long.js config. RequireJS example:
require(["protobuf"], function(ProtoBuf) {
...
});
Or as a module dependency:
define("MyModule", ["protobuf"], function(ProtoBuf) {
...
});
Requires bytebuffer.js. Optionally depends on long.js for long (int64) support. If you do not require long support, you can skip the Long.js include.
<!-- Order is important -->
<script src="long.min.js"></script>
<script src="bytebuffer.min.js"></script>
<script src="protobuf.min.js"></script>
var ProtoBuf = dcodeIO.ProtoBuf;
...
Note: You'll need the full build to load .proto data. light builds are able to load JSON only.
To load a .proto file, use:
API: ProtoBuf.loadProtoFile(source[, callback[, builder]]):Builder|undefined
// Synchronously
var builder = ProtoBuf.loadProtoFile("path/to/file.proto");
// Asynchronously
ProtoBuf.loadProtoFile("path/to/file.proto", function(err, builder) {
...
});
ProtoBuf.loadProtoFile
also accepts an object specifying the import root directory and the file to load as its first parameter: {root: string, file: string}
. Additionally, an already created and then reused builder can be specified as the last argument, which is useful if all the definitions shall reside in a single namespace.
API: ProtoBuf.loadProto(source[, builder][, filename]):Builder
var builder = ProtoBuf.loadProto(...protoString..., "myproto.proto");
To load the (raw) JSON counterpart generated through pbjs, use ProtoBuf.loadJsonFile
respectively ProtoBuf.loadJson
. It's the same API.
If you generated classes or modules with it, loading is done just by including respectively requiring the resulting file. Loading is handled transparently in this case.
When using JSON only, you can use protobuf-light.js or protobuf-light.min.js instead, which do NOT include the ProtoBuf.DotProto package for parsing and are therefore smaller.
Since ProtoBuf.js 4.0.0 the library ships with the pbjs
command line utility. With it it's possible to convert between .proto and JSON descriptors and even to generate the code required to access runtime structures as pure JS (classes), an AMD module or a CommonJS module.
_ |_ . _
|_)|_)|_) ProtoBuf.js v4.0.0-b3 https://github.com/dcodeIO/ProtoBuf.js
| '
CLI utility to convert between .proto and JSON syntax / to generate classes.
Usage: pbjs <filename> [options] [> outFile]
Options:
--help, -h Show help [boolean]
--version, -v Show version number [boolean]
--source, -s Specifies the source format. Valid formats are:
json Plain JSON descriptor
proto Plain .proto descriptor
--target, -t Specifies the target format. Valid formats are:
amd Runtime structures as AMD module
commonjs Runtime structures as CommonJS module
js Runtime structures
json Plain JSON descriptor
proto Plain .proto descriptor
--using, -u Specifies an option to apply to the volatile builder
loading the source, e.g. convertFieldsToCamelCase.
--min, -m Minifies the output. [default: false]
--path, -p Adds a directory to the include path.
--legacy, -l Includes legacy descriptors from google/protobuf/ if
explicitly referenced. [default: false]
--quiet, -q Suppresses any informatory output to stderr. [default: false]
--use, -i Specifies an option to apply to the emitted builder
utilized by your program, e.g. populateAccessors.
--exports, -e Specifies the namespace to export. Defaults to export
the root namespace.
--dependency, -d Library dependency to use when generating classes.
Defaults to 'protobufjs' for CommonJS, 'ProtoBuf' for
AMD modules and 'dcodeIO.ProtoBuf' for classes.
<script src="//cdn.rawgit.com/dcodeIO/protobuf.js/5.0.1/dist/protobuf.min.js"></script>
With the version pointing to the exact release your project depends upon.
License: Apache License, Version 2.0
FAQs
Protocol Buffers for JavaScript (& TypeScript).
The npm package protobufjs receives a total of 18,411,908 weekly downloads. As such, protobufjs popularity was classified as popular.
We found that protobufjs demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.