serialize-to-js
Advanced tools
Comparing version 1.2.2 to 2.0.0
module.exports = { | ||
serialize: require('./serialize'), | ||
serializeToModule: require('./serializeToModule'), | ||
deserialize: require('./deserialize') | ||
serializeToModule: require('./serializeToModule') | ||
} |
{ | ||
"name": "serialize-to-js", | ||
"version": "1.2.2", | ||
"version": "2.0.0", | ||
"description": "serialize objects to javascript", | ||
@@ -45,16 +45,14 @@ "keywords": [ | ||
"dependencies": { | ||
"js-beautify": "^1.8.9", | ||
"safer-eval": "^1.3.0" | ||
"js-beautify": "^1.10.0" | ||
}, | ||
"devDependencies": { | ||
"eslint": "^5.11.1", | ||
"eslint": "^5.16.0", | ||
"eslint-config-standard": "^12.0.0", | ||
"eslint-plugin-import": "^2.14.0", | ||
"eslint-plugin-node": "^8.0.0", | ||
"eslint-plugin-promise": "^4.0.1", | ||
"eslint-plugin-import": "^2.17.2", | ||
"eslint-plugin-node": "^9.0.1", | ||
"eslint-plugin-promise": "^4.1.1", | ||
"eslint-plugin-standard": "^4.0.0", | ||
"jsdox": "^0.4.10", | ||
"mocha": "^5.2.0", | ||
"nyc": "^13.1.0", | ||
"rimraf": "^2.6.2" | ||
"mocha": "^6.1.4", | ||
"nyc": "^14.1.1", | ||
"rimraf": "^2.6.3" | ||
}, | ||
@@ -61,0 +59,0 @@ "engines": { |
@@ -95,34 +95,2 @@ # serialize-to-js | ||
### deserialize | ||
`deserialize(str, [context])` | ||
deserialize a serialized object to javascript | ||
> _NOTE_: Deserialization uses `new Function()` for code evaluation which may be "harmful". | ||
> **SO NOW YOU ARE WARNED!** | ||
Uses [safer-eval][] for deserialization. | ||
#### Example - deserializing regex, date, ... | ||
```js | ||
var str = '{obj: {foo: "bar"}, arr: [1, "2"], regexp: /^test?$/, date: new Date("2016-04-15T16:22:52.009Z")}' | ||
var res = deserialize(str) | ||
console.log(res) | ||
//> { obj: { foo: 'bar' }, | ||
//> arr: [ 1, '2' ], | ||
//> regexp: /^test?$/, | ||
//> date: Sat Apr 16 2016 01:22:52 GMT+0900 (JST) } | ||
``` | ||
**Parameters** | ||
**str**: `String`, string containing serialized data | ||
**context**: (optional) pass context e.g. if requiring Buffer use `{Buffer: Buffer}`. | ||
**Returns**: `Any`, deserialized data | ||
### serializeToModule | ||
@@ -129,0 +97,0 @@ |
Uses eval
Supply chain riskPackage uses eval() which is a dangerous function. This prevents the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
1
9
0
16841
8
363
149
- Removedsafer-eval@^1.3.0
- Removedclones@1.2.0(transitive)
- Removedsafer-eval@1.3.6(transitive)
Updatedjs-beautify@^1.10.0