Installations

npm install json

Pull Requests

Open

10

Total

44

Closed

18

Merged

16

Issues

Open

40

Total

124

Closed

84

Releases

Unable to fetch releases

Developer

trentm

Developer Guide

BETA

Module System

CommonJS

Min. Node Version

>=0.10.0

Typescript Support

No

Node Version

10.23.0

NPM Version

6.14.8 Statistics

1,558 Stars

356 Commits

122 Forks

29 Watching

11 Branches

13 Contributors

Updated on 28 Nov 2024

Languages

JavaScript (68.55%)

Perl (24.15%)

Makefile (3.26%)

Python (3.02%)

Shell (1.02%)

Total Downloads

Cumulative downloads

Total Downloads

30,088,799

Last day

6.6%

27,097

Compared to previous day

Last week

11.8%

168,031

Compared to previous week

Last month

17.9%

604,727

Compared to previous month

Last year

-5.2%

5,870,283

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dev Dependencies

6

ansidiff async ben nodeunit semver uglify-js

Versions

json is a fast CLI tool for working with JSON. It is a single-file node.js script with no external deps (other than node.js itself). A quick taste:

$ echo '{"foo":"bar"}' | json
{
  "foo": "bar"
}

$ echo '{"foo":"bar"}' | json foo
bar

$ echo '{"fred":{"age":42}}' | json fred.age    # '.' for property access
42

$ echo '{"age":10}' | json -e 'this.age++'
{
  "age": 11
}

# `json -ga` (g == group, a == array) for streaming mode
$ echo '{"latency":32,"req":"POST /widgets"}
{"latency":10,"req":"GET /ping"}
' | json -gac 'this.latency > 10' req
POST /widgets

Features:

pretty-printing JSON
natural syntax (like JS code) for extracting particular values
get details on JSON syntax errors (handy for config files)
filter input JSON (see -e and -c options)
fast stream processing (see -ga)
JSON validation
in-place file editing

See https://trentm.com/json for full docs and examples as a man page.

Follow @trentmick for updates to json.

Installation

Get node.
npm install -g json

Note: This used to be called 'jsontool' in the npm registry, but as of version 8.0.0 it has taken over the 'json' name. See npm Package Name below.

OR manually:

Get the 'json' script and put it on your PATH somewhere (it is a single file with no external dependencies). For example:
```
 cd ~/bin
 curl -L https://github.com/trentm/json/raw/master/lib/json.js > json
 chmod 755 json
```

You should now have "json" on your PATH:

$ json --version
json 9.0.0

WARNING for Ubuntu/Debian users: There is a current bug in Debian stable such that "apt-get install nodejs" installed a nodejs binary instead of a node binary. You'll either need to create a symlink for node, change the json command's shebang line to "#!/usr/bin/env nodejs" or use chrislea's PPA as discussed on issue #56. You can also do "apt-get install nodejs-legacy" to install symlink for node with apt.

Test suite

npm test   # or 'make test'

This is using node-tap, so you can use all its options, for example filtering which tests to run:

npm test -- -g stream

License

MIT (see the fine LICENSE.txt file).

Module Usage

Since v1.3.1 you can use "json" as a node.js module:

var json = require('json');

However, so far the module API isn't that useful and the CLI is the primary focus.

npm Package Name

Once upon a time, json was a different thing (see zpoley's json-command here), and this module was called jsontool in npm. As of version 8.0.0 of this module, npm install json means this tool.

If you see documentation referring to jsontool, it is most likely referring to this module.

Alternatives you might prefer

jq: https://stedolan.github.io/jq/
json:select: https://jsonselect.org/
json-command: https://github.com/zpoley/json-command
JSONPath: https://goessner.net/articles/JsonPath/, https://code.google.com/p/jsonpath/wiki/Javascript
jsawk: https://github.com/micha/jsawk
jshon: https://kmkeen.com/jshon/
json2: https://github.com/vi/json2
fx: https://github.com/antonmedv/fx

Stable Version

The latest stable version of the package.

Stable Version

11.0.0

HIGH

1

HIGH

7.2/10

Summary

trentm/json vulnerable to command injection

Affected Versions

< 10.0.0

Patched Versions

10.0.0

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

9

License

Determines if the project has defined a license.

3

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

2

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Maintained

Determines if the project is "actively maintained".

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Score

2.8

/10

Last Scanned on 2024-11-18

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More