Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

secure-json-parse

Package Overview
Dependencies
Maintainers
10
Versions
15
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

secure-json-parse - npm Package Compare versions

Comparing version 3.0.1 to 3.0.2

eslint.config.js
LICENSE

2

benchmarks/ignore.js

@@ -33,4 +33,4 @@ 'use strict'

internals.reviver = function (key, value) {
internals.reviver = function (_key, value) {
return value
}

6

benchmarks/throw.js

@@ -20,3 +20,3 @@ 'use strict'

JSON.parse(internals.invalid)
} catch (ignoreErr) { }
} catch { }
})

@@ -26,3 +26,3 @@ .add('secure-json-parse parse', () => {

sjson.parse(internals.invalid)
} catch (ignoreErr) { }
} catch { }
})

@@ -35,3 +35,3 @@ .add('secure-json-parse safeParse', () => {

JSON.parse(internals.invalid, internals.reviver)
} catch (ignoreErr) { }
} catch { }
})

@@ -38,0 +38,0 @@ .on('cycle', (event) => {

40

package.json
{
"name": "secure-json-parse",
"version": "3.0.1",
"version": "3.0.2",
"description": "JSON parse with prototype poisoning protection",

@@ -10,3 +10,4 @@ "main": "index.js",

"benchmark": "cd benchmarks && npm install && npm run all",
"lint": "standard",
"lint": "eslint",
"lint:fix": "eslint --fix",
"test": "nyc npm run test:unit && npm run test:typescript",

@@ -21,2 +22,22 @@ "test:unit": "tape \"test/*.test.js\"",

},
"author": "Eran Hammer <eran@sideway.com>",
"contributors": [
{
"name": "Matteo Collina",
"email": "hello@matteocollina.com"
},
{
"name": "Tomas Della Vedova",
"url": "http://delved.org"
},
{
"name": "Aras Abbasi",
"email": "aras.abbasi@gmail.com"
},
{
"name": "Frazer Smith",
"email": "frazer.dev@icloud.com",
"url": "https://github.com/fdawgs"
}
],
"keywords": [

@@ -35,9 +56,20 @@ "JSON",

"homepage": "https://github.com/fastify/secure-json-parse#readme",
"funding": [
{
"type": "github",
"url": "https://github.com/sponsors/fastify"
},
{
"type": "opencollective",
"url": "https://opencollective.com/fastify"
}
],
"devDependencies": {
"@fastify/pre-commit": "^2.1.0",
"airtap": "^4.0.4",
"airtap": "^5.0.0",
"airtap-playwright": "^1.0.1",
"eslint": "^9.17.0",
"neostandard": "^0.12.0",
"nyc": "^17.0.0",
"playwright": "^1.43.1",
"standard": "^17.1.0",
"tape": "^5.7.5",

@@ -44,0 +76,0 @@ "tsd": "^0.31.0"

12

README.md
# secure-json-parse
![CI](https://github.com/fastify/secure-json-parse/workflows/CI/badge.svg)
[![CI](https://github.com/fastify/secure-json-parse/actions/workflows/ci.yml/badge.svg?branch=master)](https://github.com/fastify/secure-json-parse/actions/workflows/ci.yml)
[![NPM version](https://img.shields.io/npm/v/secure-json-parse.svg?style=flat)](https://www.npmjs.com/package/secure-json-parse)
[![js-standard-style](https://img.shields.io/badge/code%20style-standard-brightgreen.svg?style=flat)](https://standardjs.com/)
[![neostandard javascript style](https://img.shields.io/badge/code_style-neostandard-brightgreen?style=flat)](https://github.com/neostandard/neostandard)

@@ -120,8 +120,8 @@ `JSON.parse()` drop-in replacement with prototype poisoning protection.

# Acknowledgements
## Acknowledgments
This project has been forked from [hapijs/bourne](https://github.com/hapijs/bourne).
All the credits before the commit [4690682](https://github.com/hapijs/bourne/commit/4690682c6cdaa06590da7b2485d5df91c09da889) goes to the hapijs/bourne project contributors.
All credit before commit [4690682](https://github.com/hapijs/bourne/commit/4690682c6cdaa06590da7b2485d5df91c09da889) goes to the hapijs/bourne project contributors.
After, the project will be maintained by the Fastify team.
# License
Licensed under BSD-3-Clause.
## License
Licensed under [BSD-3-Clause](./LICENSE).

6

test/index.test.js

@@ -48,3 +48,3 @@ 'use strict'

t.test('parses object string (reviver)', t => {
const reviver = (key, value) => {
const reviver = (_key, value) => {
return typeof value === 'number' ? value + 1 : value

@@ -62,3 +62,3 @@ }

t.test('sanitizes object string (reviver, options)', t => {
const reviver = (key, value) => {
const reviver = (_key, value) => {
return typeof value === 'number' ? value + 1 : value

@@ -163,3 +163,3 @@ }

t.test('sanitizes object string (reviver, options)', t => {
const reviver = (key, value) => {
const reviver = (_key, value) => {
return typeof value === 'number' ? value + 1 : value

@@ -166,0 +166,0 @@ }

10

types/index.d.ts

@@ -42,3 +42,3 @@ type Parse = typeof parse

*/
export function safeParse(text: string | Buffer, reviver?: Reviver | null): any
export function safeParse (text: string | Buffer, reviver?: Reviver | null): any

@@ -52,9 +52,9 @@ /**

*/
export function scan(obj: { [key: string | number]: any }, options?: ParseOptions): any
export function scan (obj: { [key: string | number]: any }, options?: ParseOptions): any
export { parse as default}
export { parse as default }
}
declare function parse(text: string | Buffer, options?: parse.ParseOptions): any
declare function parse(text: string | Buffer, reviver?: parse.Reviver | null, options?: parse.ParseOptions): any
declare function parse (text: string | Buffer, options?: parse.ParseOptions): any
declare function parse (text: string | Buffer, reviver?: parse.Reviver | null, options?: parse.ParseOptions): any
export = parse

2

types/index.test-d.ts

@@ -24,3 +24,3 @@ import { expectType, expectError } from 'tsd'

sjson.scan({}, { constructorAction: 'ignore' })
sjson.scan(new Array(), {})
sjson.scan([], {})

@@ -27,0 +27,0 @@ declare const input: Buffer

LICENSE.md
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc