Gathering detailed insights and metrics for json-parse-even-better-errors
Gathering detailed insights and metrics for json-parse-even-better-errors
Installations
npm install json-parse-even-better-errorsDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Min. Node Version
^18.17.0 || >=20.5.0
Node Version
22.8.0
NPM Version
10.8.3
Score
99.9
Supply Chain
98.3
Quality
83
Maintenance
100
Vulnerability
100
License
Releases
4
Languages
1
JavaScript
JavaScript (100%)
Developer
npm
Download Statistics
Total Downloads
6,611,124,290
Last Day
8,979,304
Last Week
54,199,935
Last Month
236,074,671
Last Year
2,355,958,191
GitHub Statistics
NOASSERTION License
23 Stars
85 Commits
4 Forks
2 Watchers
1 Branches
64 Contributors
Updated on May 04, 2025
Bundle Size
1.75 kB
Minified
985.00 B
Minified + Gzipped
Maintainers
7
Package Meta Information
Latest Version
4.0.0
Package Id
json-parse-even-better-errors@4.0.0
Unpacked Size
9.73 kB
Size
4.38 kB
File Count
4
NPM Version
10.8.3
Node Version
22.8.0
Published on
Sep 04, 2024
Total Downloads
Cumulative downloads
Total Downloads
6,611,124,290
Last Day
-12.2%
8,979,304
Compared to previous day
Last Week
-5.7%
54,199,935
Compared to previous week
Last Month
3.8%
236,074,671
Compared to previous month
Last Year
27.4%
2,355,958,191
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dev Dependencies
3
json-parse-even-better-errors
json-parse-even-better-errors
is a Node.js library for getting nicer errors out of JSON.parse(),
including context and position of the parse errors.
It also preserves the newline and indentation styles of the JSON data, by
putting them in the object or array in the Symbol.for('indent') and
Symbol.for('newline') properties.
Install
$ npm install --save json-parse-even-better-errors
Table of Contents
Example
1const parseJson = require('json-parse-even-better-errors') 2 3parseJson('"foo"') // returns the string 'foo' 4parseJson('garbage') // more useful error message 5parseJson.noExceptions('garbage') // returns undefined
Features
- Like JSON.parse, but the errors are better.
- Strips a leading byte-order-mark that you sometimes get reading files.
- Has a
noExceptionsmethod that returns undefined rather than throwing. - Attaches the newline character(s) used to the
Symbol.for('newline')property on objects and arrays. - Attaches the indentation character(s) used to the
Symbol.for('indent')property on objects and arrays.
Indentation
To preserve indentation when the file is saved back to disk, use
data[Symbol.for('indent')] as the third argument to JSON.stringify, and
if you want to preserve windows \r\n newlines, replace the \n chars in
the string with data[Symbol.for('newline')].
For example:
1const txt = await readFile('./package.json', 'utf8') 2const data = parseJsonEvenBetterErrors(txt) 3const indent = Symbol.for('indent') 4const newline = Symbol.for('newline') 5// .. do some stuff to the data .. 6const string = JSON.stringify(data, null, data[indent]) + '\n' 7const eolFixed = data[newline] === '\n' ? string 8 : string.replace(/\n/g, data[newline]) 9await writeFile('./package.json', eolFixed)
Indentation is determined by looking at the whitespace between the initial
{ and [ and the character that follows it. If you have lots of weird
inconsistent indentation, then it won't track that or give you any way to
preserve it. Whether this is a bug or a feature is debatable ;)
API
parse(txt, reviver = null, context = 20)
Works just like JSON.parse, but will include a bit more information when
an error happens, and attaches a Symbol.for('indent') and
Symbol.for('newline') on objects and arrays. This throws a
JSONParseError.
parse.noExceptions(txt, reviver = null)
Works just like JSON.parse, but will return undefined rather than
throwing an error.
class JSONParseError(er, text, context = 20, caller = null)
Extends the JavaScript SyntaxError class to parse the message and provide
better metadata.
Pass in the error thrown by the built-in JSON.parse, and the text being
parsed, and it'll parse out the bits needed to be helpful.
context defaults to 20.
Set a caller function to trim internal implementation details out of the
stack trace. When calling parseJson, this is set to the parseJson
function. If not set, then the constructor defaults to itself, so the
stack trace will point to the spot where you call new JSONParseError.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
all changesets reviewed
Reason
no dangerous workflow patterns detected
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
SAST tool detected but not run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Warn: 14 commits out of 30 are checked with a SAST tool
Reason
2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql-analysis.yml:24
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:25
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/release.yml:247
- Info: topLevel 'contents' permission set to 'read': .github/workflows/audit.yml:12
- Info: topLevel 'contents' permission set to 'read': .github/workflows/ci-release.yml:22
- Warn: topLevel 'checks' permission set to 'write': .github/workflows/ci-release.yml:23
- Info: topLevel 'contents' permission set to 'read': .github/workflows/ci.yml:16
- Info: topLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:17
- Warn: topLevel 'contents' permission set to 'write': .github/workflows/post-dependabot.yml:8
- Info: topLevel 'contents' permission set to 'read': .github/workflows/pull-request.yml:14
- Info: topLevel 'contents' permission set to 'read': .github/workflows/release-integration.yml:23
- Warn: topLevel 'contents' permission set to 'write': .github/workflows/release.yml:11
- Warn: topLevel 'checks' permission set to 'write': .github/workflows/release.yml:13
- Info: no jobLevel write permissions found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/audit.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/audit.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/audit.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/audit.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-release.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/ci-release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-release.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/ci-release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-release.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/ci-release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-release.yml:116: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/ci-release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-release.yml:132: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/ci-release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-release.yml:148: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/ci-release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/codeql-analysis.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/codeql-analysis.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/codeql-analysis.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/post-dependabot.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/post-dependabot.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/post-dependabot.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/post-dependabot.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/post-dependabot.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/post-dependabot.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/pull-request.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/pull-request.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-integration.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/release-integration.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-integration.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/release-integration.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:199: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:218: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:236: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:275: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:284: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:304: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:162: update your workflow using https://app.stepsecurity.io/secureworkflow/npm/json-parse-even-better-errors/release.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/audit.yml:41
- Warn: npmCommand not pinned by hash: .github/workflows/ci-release.yml:62
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:45
- Warn: npmCommand not pinned by hash: .github/workflows/post-dependabot.yml:39
- Warn: npmCommand not pinned by hash: .github/workflows/pull-request.yml:45
- Warn: npmCommand not pinned by hash: .github/workflows/release-integration.yml:56
- Warn: npmCommand not pinned by hash: .github/workflows/release.yml:50
- Warn: npmCommand not pinned by hash: .github/workflows/release.yml:130
- Info: 0 out of 26 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 12 third-party GitHubAction dependencies pinned
- Info: 0 out of 8 npmCommand dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Score
6.1
/10
Last Scanned on 2025-05-19
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More