Security News
PyPI’s New Archival Feature Closes a Major Security Gap
PyPI now allows maintainers to archive projects, improving security and helping users make informed decisions about their dependencies.
By Sarah Gooding - Jan 30, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
What is xml-parser?
The xml-parser npm package is a simple and lightweight XML parser that converts XML data into a JavaScript object. It is designed to be easy to use and efficient for parsing XML strings.
What are xml-parser's main functionalities?
Parsing XML to JavaScript Object
This feature allows you to parse an XML string into a JavaScript object. The code sample demonstrates how to use the xml-parser package to convert a simple XML string into a JavaScript object, which can then be easily manipulated or accessed in your application.
const parse = require('xml-parser');
const xml = '<root><child name="foo">bar</child></root>';
const obj = parse(xml);
console.log(obj);Other packages similar to xml-parser
xml2js
xml2js is a popular XML parser for Node.js that converts XML to JavaScript objects. It offers more features than xml-parser, such as support for XML namespaces and the ability to customize the parsing process with options. xml2js is more feature-rich and configurable compared to the simpler xml-parser.
fast-xml-parser
fast-xml-parser is another XML parser for Node.js that is known for its performance. It provides fast parsing of XML data into JavaScript objects and supports various options for customization. Compared to xml-parser, fast-xml-parser is optimized for speed and offers additional features like validation and transformation of XML data.
sax
sax is a streaming XML parser for Node.js that provides an event-driven API. It is suitable for parsing large XML files as it processes the data in chunks. Unlike xml-parser, which parses the entire XML string at once, sax allows for more control over the parsing process and is ideal for handling large or complex XML data.
xml-parser
Simple non-compiant XML parser because we just need to parse some basic responses and libxml takes forever to compile :D you probably don't want to use this unless you also have similar needs.
Installation
$ npm install xml-parser
Example
JavaScript:
var fs = require('fs');
var parse = require('xml-parser');
var xml = fs.readFileSync('examples/developerforce.xml', 'utf8');
var inspect = require('util').inspect;
var obj = parse(xml);
console.log(inspect(obj, { colors: true, depth: Infinity }));
XML:
<?xml version="1.0" encoding="utf-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns="urn:enterprise.soap.sforce.com">
<soapenv:Body>
<createResponse>
<result>
<id>003D000000OY9omIAD</id>
<success>true</success>
</result>
<result>
<id>001D000000HTK3aIAH</id>
<success>true</success>
</result>
</createResponse>
</soapenv:Body>
</soapenv:Envelope>
Yields:
{ declaration: { attributes: { version: '1.0', encoding: 'utf-8' } },
root:
{ name: 'soapenv:Envelope',
attributes:
{ 'xmlns:soapenv': 'http://schemas.xmlsoap.org/soap/envelope/',
xmlns: 'urn:enterprise.soap.sforce.com' },
children:
[ { name: 'soapenv:Body',
attributes: {},
children:
[ { name: 'createResponse',
attributes: {},
children:
[ { name: 'result',
attributes: {},
children:
[ { name: 'id',
attributes: {},
children: [],
content: '003D000000OY9omIAD' },
{ name: 'success', attributes: {}, children: [], content: 'true' } ],
content: '' },
{ name: 'result',
attributes: {},
children:
[ { name: 'id',
attributes: {},
children: [],
content: '001D000000HTK3aIAH' },
{ name: 'success', attributes: {}, children: [], content: 'true' } ],
content: '' } ],
content: '' } ],
content: '' } ],
content: '' } }
License
MIT
FAQs
the little xml parser that could
The npm package xml-parser receives a total of 60,300 weekly downloads. As such, xml-parser popularity was classified as popular.
We found that xml-parser demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 05 Jun 2015
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
North Korean APT Lazarus Targets Developers with Malicious npm Package
Malicious npm package postcss-optimizer delivers BeaverTail malware, targeting developer systems; similarities to past campaigns suggest a North Korean connection.
By Kirill Boychenko, Peter van der Zee - Jan 29, 2025
Security News
CISA Brings KEV Data to GitHub
CISA's KEV data is now on GitHub, offering easier access, API integration, commit history tracking, and automated updates for security teams and researchers.
By Sarah Gooding - Jan 29, 2025