npmpackage.info

Gathering detailed insights and metrics for fast-xml-parser

Other packages similar to fast-xml-parser

node-xml-stream

1.0.2

A fast XML parser using streams.

node-xml-stream-parser

1.0.12

A fast XML parser using streams.

@borgar/simple-xml

2.0.1

Overly simplistic (but fast) XML parser

@smartdcc/duis-parser

0.6.0

Lightweight utility script wrapper around fast-xml-parser tuned for DUIS

Gathering detailed insights and metrics for fast-xml-parser

fast-xml-parser

Validate XML, Parse XML and Build XML rapidly without C/C++ based libraries and no callback.

4.5.0

2,589

MIT

JavaScript

8.41 kB

1,881,906,715 5.8

Installations

npm install fast-xml-parser

Score

99.6

Supply Chain

99.6

Quality

80.8

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

8

Total

208

Closed

63

Merged

137

Issues

Open

52

Total

424

Closed

372

Releases

Security Fix

v4.2.4

Published on 07 Jun 2023

v4.0.0

Published on 06 Jan 2022

Fixed Parsing issues

3.17.1

Published on 19 May 2020

Validator fix for & characters and no more settings for locale range

3.16.0

Published on 12 Jan 2020

Update validator for error message

v3.15.0

Published on 24 Nov 2019

Update tagValueProcessor to work with date value (broken changes)

3.12.20

Published on 25 Aug 2019

View all 14 releases

Developer

NaturalIntelligence

Developer Guide

BETA

Module System

CommonJS

Min. Node Version

Typescript Support

No

Node Version

19.2.0

NPM Version

8.19.3 Statistics

2,589 Stars

844 Commits

309 Forks

31 Watching

6 Branches

95 Contributors

Updated on 27 Nov 2024

Bundle Size

26.54 kB

Minified

8.41 kB

Minified + Gzipped

Bundlephobia

Languages

JavaScript (95.7%)

HTML (4.06%)

TypeScript (0.24%)

Total Downloads

Cumulative downloads

Total Downloads

1,881,906,715

Last day

-11.7%

4,397,509

Compared to previous day

Last week

1.5%

25,934,344

Compared to previous week

Last month

7.7%

108,721,401

Compared to previous month

Last year

69.5%

995,045,601

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

strnum

Dev Dependencies

@babel/core @babel/plugin-transform-runtime @babel/preset-env @babel/register @types/node babel-loader eslint he jasmine nyc prettier publish-please typescript webpack webpack-cli

Versions

fast-xml-parser

[![NPM quality][quality-image]][quality-url]

Validate XML, Parse XML to JS Object, or Build XML from JS Object without C/C++ based libraries and no callback.

I had recently published a book, The Power Glasses. Please have a look. Your feedback would be helpful. You can mail me for a free copy.

Sponsor this project

fxp_sponsors Hiroki Kokubun

Users

The list of users are mostly published by Github or communicated directly. Feel free to contact if you find any information wrong.

Main Features

Validate XML data syntactically
Parse XML to JS Object
Build XML from JS Object
Compatible to node js packages, in browser, and in CLI (click try me button above for demo)
Faster than any other pure JS implementation.
It can handle big files (tested up to 100mb).
Controlled parsing using various options
XML Entities, HTML entities, and DOCTYPE entites are supported.
unpaired tags (Eg <br> in HTML), stop nodes (Eg <script> in HTML) are supported.
You can restore almost same XML from JSON
Supports comments
It can preserve Order of tags in JS object
You can control if a single tag should be parsed into array.
Supports parsing of PI (Processing Instruction) tags with XML declaration tags
And many more other features.

v5

I developed v5 in Apr 2023. And I didn't get the chance to complete all the features. I've ensured that new features don't impact performance. With v5, you have more control on parsing output. Check docs for syntax help and basic understanding.

Please leave a comment in discussion forum for your suggestions and if you really need v5.

How to use

To use as package dependency $ npm install fast-xml-parser or $ yarn add fast-xml-parser

To use as system command $ npm install fast-xml-parser -g

To use it on a webpage include it from a CDN

Example

As CLI command

1$ fxparser some.xml

In a node js project

1const { XMLParser, XMLBuilder, XMLValidator} = require("fast-xml-parser");
2
3const parser = new XMLParser();
4let jObj = parser.parse(XMLdata);
5
6const builder = new XMLBuilder();
7const xmlContent = builder.build(jObj);

In a HTML page

1<script src="path/to/fxp.min.js"></script>
2:
3<script>
4  const parser = new fxparser.XMLParser();
5  parser.parse(xmlContent);
6</script>

Bundle size

Bundle Name	Size
fxbuilder.min.js	6.5K
fxparser.min.js	20K
fxp.min.js	26K
fxvalidator.min.js	5.7K

Documents

v3	v4	v5
documents	Getting Started XML Parser XML Builder XML Validator Entities HTML Document Parsing PI Tag processing	Getting Started Features Options Output Builders Value Parsers

note: version 5 is released with version 4 tfor experimental use. Based on it's demand, it'll be developed and the features can be different in final release.

Performance

negative means error

XML Parser

Y-axis: requests per second
X-axis: File size

XML Builder

* Y-axis: requests per second

Usage Trend

Usage Trend of fast-xml-parser

Supporters

Contributors

This project exists thanks to all the people who contribute. [Contribute].

Backers

Thank you to all our backers! 🙏 [Become a backer]

License

MIT License

Donate $5

Stable Version

The latest stable version of the package.

Stable Version

4.5.0

HIGH

7.5/10

Summary

fast-xml-parser vulnerable to ReDOS at currency parsing

Affected Versions

>= 4.3.5, < 4.4.1

Patched Versions

4.4.1

HIGH

7.5/10

Summary

fast-xml-parser vulnerable to Regex Injection via Doctype Entities

Affected Versions

>= 4.1.3, < 4.2.4

Patched Versions

4.2.4

MODERATE

6.5/10

Summary

fast-xml-parser vulnerable to Prototype Pollution through tag or attribute name

Affected Versions

< 4.1.2

Patched Versions

4.1.2

LOW

0/10

Summary

fast-xml-parser regex vulnerability patch could be improved from a safety perspective

Affected Versions

= 4.2.4

Patched Versions

4.2.5

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Security-Policy

Determines if the project has published a security policy.

10

Maintained

Determines if the project is "actively maintained".

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

10

Fuzzing

Determines if the project uses fuzzing.

3

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

3

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

0

SAST

Determines if the project uses static code analysis.

Score

5.8

/10

Last Scanned on 2024-11-25

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More