Security News
Input Validation Vulnerabilities Dominate MITRE's 2024 CWE Top 25 List
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Standalone JavaScript YAML 1.2 Parser & Encoder. Works under node.js and all major browsers. Also brings command line YAML/JSON conversion tools.
The yamljs npm package is a library designed to parse YAML ('YAML Ain't Markup Language') strings and generate JavaScript objects, and vice versa. It provides an easy way to convert data between YAML, a human-friendly data serialization standard, and JavaScript objects. This can be particularly useful for configuration files, data exchange, and more, where YAML's readability and JavaScript's ubiquity are advantageous.
Parsing YAML to JavaScript Object
This feature allows you to convert a YAML string into a JavaScript object. It's particularly useful for reading configuration files or data represented in YAML format and using it within a JavaScript application.
const YAML = require('yamljs');
const yamlString = 'greeting: hello\nname: world';
const object = YAML.parse(yamlString);
console.log(object); // Output: { greeting: 'hello', name: 'world' }
Stringifying JavaScript Object to YAML
This feature enables the conversion of JavaScript objects into YAML strings. It's useful for creating configuration files or data exchange where YAML's human-readable format is preferred.
const YAML = require('yamljs');
const object = { greeting: 'hello', name: 'world' };
const yamlString = YAML.stringify(object, 4);
console.log(yamlString); // Output: 'greeting: hello\nname: world'
js-yaml is another popular YAML parsing and serialization library that offers similar functionalities to yamljs. It provides comprehensive YAML support, including the ability to customize schemas, which makes it more flexible in handling various YAML specifications compared to yamljs. js-yaml is known for its performance and extensive feature set.
The 'yaml' package is a modern YAML parser and stringifier, supporting YAML 1.2. It focuses on being highly compliant with the YAML specification and offers a simple API for parsing and stringifying. Compared to yamljs, it might offer better support for newer YAML features and specifications.
Standalone JavaScript YAML 1.2 Parser & Encoder. Works under node.js and all major browsers. Also brings command line YAML/JSON conversion tools.
Mainly inspired from Symfony Yaml Component.
Import yaml.js in your html page:
<script type="text/javascript" src="yaml.js"></script>
Parse yaml string:
nativeObject = YAML.parse(yamlString);
Dump native object into yaml string:
yamlString = YAML.stringify(nativeObject[, inline /* @integer depth to start using inline notation at */[, spaces /* @integer number of spaces to use for indentation */] ]);
Load yaml file:
nativeObject = YAML.load('file.yml');
Load yaml file:
YAML.load('file.yml', function(result)
{
nativeObject = result;
});
Install module:
npm install yamljs
Use it:
YAML = require('yamljs');
// parse YAML string
nativeObject = YAML.parse(yamlString);
// Generate YAML
yamlString = YAML.stringify(nativeObject, 4);
// Load yaml file using YAML.load
nativeObject = YAML.load('myfile.yml');
You can enable the command line tools by installing yamljs as a global module:
npm install -g yamljs
Then, two cli commands should become available: yaml2json and json2yaml. They let you convert YAML to JSON and JSON to YAML very easily.
yaml2json
usage: yaml2json [-h] [-v] [-p] [-i INDENTATION] [-s] [-r] [-w] input
Positional arguments:
input YAML file or directory containing YAML files.
Optional arguments:
-h, --help Show this help message and exit.
-v, --version Show program's version number and exit.
-p, --pretty Output pretty (indented) JSON.
-i INDENTATION, --indentation INDENTATION
Number of space characters used to indent code (use
with --pretty, default: 2).
-s, --save Save output inside JSON file(s) with the same name.
-r, --recursive If the input is a directory, also find YAML files in
sub-directories recursively.
-w, --watch Watch for changes.
json2yaml
usage: json2yaml [-h] [-v] [-d DEPTH] [-i INDENTATION] [-s] [-r] [-w] input
Positional arguments:
input JSON file or directory containing JSON files.
Optional arguments:
-h, --help Show this help message and exit.
-v, --version Show program's version number and exit.
-d DEPTH, --depth DEPTH
Set minimum level of depth before generating inline
YAML (default: 2).
-i INDENTATION, --indentation INDENTATION
Number of space characters used to indent code
(default: 2).
-s, --save Save output inside YML file(s) with the same name.
-r, --recursive If the input is a directory, also find JSON files in
sub-directories recursively.
-w, --watch Watch for changes.
examples
# Convert YAML to JSON and output resulting JSON on the console
yaml2json myfile.yml
# Store output inside a JSON file
yaml2json myfile.yml > output.json
# Output "pretty" (indented) JSON
yaml2json myfile.yml --pretty
# Save the output inside a file called myfile.json
yaml2json myfile.yml --pretty --save
# Watch a full directory and convert any YAML file into its JSON equivalent
yaml2json mydirectory --pretty --save --recursive
# Convert JSON to YAML and store output inside a JSON file
json2yaml myfile.json > output.yml
# Output YAML that will be inlined only after 8 levels of indentation
json2yaml myfile.json --depth 8
# Save the output inside a file called myfile.json with 4 spaces for each indentation
json2yaml myfile.json --indentation 4
# Watch a full directory and convert any JSON file into its YAML equivalent
json2yaml mydirectory --pretty --save --recursive
FAQs
Standalone JavaScript YAML 1.2 Parser & Encoder. Works under node.js and all major browsers. Also brings command line YAML/JSON conversion tools.
We found that yamljs demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.