Gathering detailed insights and metrics for json5
Gathering detailed insights and metrics for json5
Gathering detailed insights and metrics for json5
Gathering detailed insights and metrics for json5
npm install json5
99
Supply Chain
100
Quality
78.4
Maintenance
100
Vulnerability
100
License
Module System
Min. Node Version
Typescript Support
Node Version
NPM Version
6,531 Stars
446 Commits
248 Forks
87 Watching
7 Branches
25 Contributors
Updated on 27 Nov 2024
Minified
Minified + Gzipped
JavaScript (100%)
Cumulative downloads
Total Downloads
Last day
-8.5%
15,435,745
Compared to previous day
Last week
1%
91,345,592
Compared to previous week
Last month
16.1%
371,120,642
Compared to previous month
Last year
0.6%
3,733,114,475
Compared to previous year
JSON5 is an extension to the popular JSON file format that aims to be easier to write and maintain by hand (e.g. for config files). It is not intended to be used for machine-to-machine communication. (Keep using JSON or other file formats for that. 🙂)
JSON5 was started in 2012, and as of 2022, now gets >65M downloads/week, ranks in the top 0.1% of the most depended-upon packages on npm, and has been adopted by major projects like Chromium, Next.js, Babel, Retool, WebStorm, and more. It's also natively supported on Apple platforms like macOS and iOS.
Formally, the JSON5 Data Interchange Format is a superset of JSON (so valid JSON files will always be valid JSON5 files) that expands its syntax to include some productions from ECMAScript 5.1 (ES5). It's also a subset of ES5, so valid JSON5 files will always be valid ES5.*
This JavaScript library is a reference implementation for JSON5 parsing and serialization, and is directly used in many of the popular projects mentioned above (where e.g. extreme performance isn't necessary), but others have created many other libraries across many other platforms.
The following ECMAScript 5.1 features, which are not supported in JSON, have been extended to JSON5.
Kitchen-sink example:
1{ 2 // comments 3 unquoted: 'and you can quote me on that', 4 singleQuotes: 'I can use "double quotes" here', 5 lineBreaks: "Look, Mom! \ 6No \\n's!", 7 hexadecimal: 0xdecaf, 8 leadingDecimalPoint: .8675309, andTrailing: 8675309., 9 positiveSign: +1, 10 trailingComma: 'in objects', andIn: ['arrays',], 11 "backwardsCompatible": "with JSON", 12}
A more real-world example is this config file from the Chromium/Blink project.
For a detailed explanation of the JSON5 format, please read the official specification.
1npm install json5
1const JSON5 = require('json5')
1import JSON5 from 'json5'
1<!-- This will create a global `JSON5` variable. --> 2<script src="https://unpkg.com/json5@2/dist/index.min.js"></script>
1<script type="module"> 2 import JSON5 from 'https://unpkg.com/json5@2/dist/index.min.mjs' 3</script>
The JSON5 API is compatible with the JSON API.
Parses a JSON5 string, constructing the JavaScript value or object described by the string. An optional reviver function can be provided to perform a transformation on the resulting object before it is returned.
JSON5.parse(text[, reviver])
text
: The string to parse as JSON5.reviver
: If a function, this prescribes how the value originally produced by
parsing is transformed, before being returned.The object corresponding to the given JSON5 text.
Converts a JavaScript value to a JSON5 string, optionally replacing values if a replacer function is specified, or optionally including only the specified properties if a replacer array is specified.
JSON5.stringify(value[, replacer[, space]])
JSON5.stringify(value[, options])
value
: The value to convert to a JSON5 string.replacer
: A function that alters the behavior of the stringification
process, or an array of String and Number objects that serve as a whitelist
for selecting/filtering the properties of the value object to be included in
the JSON5 string. If this value is null or not provided, all properties of the
object are included in the resulting JSON5 string.space
: A String or Number object that's used to insert white space into the
output JSON5 string for readability purposes. If this is a Number, it
indicates the number of space characters to use as white space; this number is
capped at 10 (if it is greater, the value is just 10). Values less than 1
indicate that no space should be used. If this is a String, the string (or the
first 10 characters of the string, if it's longer than that) is used as white
space. If this parameter is not provided (or is null), no white space is used.
If white space is used, trailing commas will be used in objects and arrays.options
: An object with the following properties:
replacer
: Same as the replacer
parameter.space
: Same as the space
parameter.quote
: A String representing the quote character to use when serializing
strings.A JSON5 string representing the value.
require()
JSON5 filesWhen using Node.js, you can require()
JSON5 files by adding the following
statement.
1require('json5/lib/register')
Then you can load a JSON5 file with a Node.js require()
statement. For
example:
1const config = require('./config.json5')
Since JSON is more widely used than JSON5, this package includes a CLI for converting JSON5 to JSON and for validating the syntax of JSON5 documents.
1npm install --global json5
1json5 [options] <file>
If <file>
is not provided, then STDIN is used.
-s
, --space
: The number of spaces to indent or t
for tabs-o
, --out-file [file]
: Output to the specified file, otherwise STDOUT-v
, --validate
: Validate JSON5 but do not output JSON-V
, --version
: Output the version number-h
, --help
: Output usage information1git clone https://github.com/json5/json5 2cd json5 3npm install
When contributing code, please write relevant tests and run npm test
and npm run lint
before submitting pull requests. Please use an editor that supports
EditorConfig.
To report bugs or request features regarding the JSON5 data format, please submit an issue to the official specification repository.
Note that we will never add any features that make JSON5 incompatible with ES5; that compatibility is a fundamental premise of JSON5.*
To report bugs or request features regarding this JavaScript implementation of JSON5, please submit an issue to this repository.
To report a security vulnerability, please follow the follow the guidelines described in our security policy.
While JSON5 aims to be fully compatible with ES5, there is one exception where both JSON and JSON5 are not. Both JSON and JSON5 allow unescaped line and paragraph separator characters (U+2028 and U+2029) in strings, however ES5 does not. A proposal to allow these characters in strings was adopted into ES2019, making JSON and JSON5 fully compatible with ES2019.
MIT. See LICENSE.md for details.
Aseem Kishore founded this project. He wrote a blog post about the journey and lessons learned 10 years in.
Michael Bolin independently arrived at and published some of these same ideas with awesome explanations and detail. Recommended reading: Suggested Improvements to JSON
Douglas Crockford of course designed and built JSON, but his state machine diagrams on the JSON website, as cheesy as it may sound, gave us motivation and confidence that building a new parser to implement these ideas was within reach! The original implementation of JSON5 was also modeled directly off of Doug’s open-source json_parse.js parser. We’re grateful for that clean and well-documented code.
Max Nanasy has been an early and prolific supporter, contributing multiple patches and ideas.
Andrew Eisenberg contributed the original
stringify
method.
Jordan Tucker has aligned JSON5 more closely with ES5, wrote the official JSON5 specification, completely rewrote the codebase from the ground up, and is actively maintaining this project.
The latest stable version of the package.
Stable Version
2
7.1/10
Summary
Prototype Pollution in JSON5 via Parse Method
Affected Versions
< 1.0.2
Patched Versions
1.0.2
7.1/10
Summary
Prototype Pollution in JSON5 via Parse Method
Affected Versions
>= 2.0.0, < 2.2.2
Patched Versions
2.2.2
Reason
security policy file detected
Details
Reason
no binaries found in the repo
Reason
license file detected
Details
Reason
Found 6/27 approved changesets -- score normalized to 2
Reason
1 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 1
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
Reason
45 existing vulnerabilities detected
Details
Score
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More