JSON->URL defines a text format for the JSON data model suitable for use within a URL/URI (as described by RFC3986). This repository holds the JavaScript reference implementation of JSON->URL.
Home Page: http://www.jsonurl.org/
License: MIT License
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Please install our new product, Sonatype Lift with advanced features
Vulnerabilities
DepShield reports that this application's usage of kind-of:4.0.0 results in the following vulnerability(s):
Occurrences
kind-of:4.0.0 is a transitive dependency introduced by the following direct dependency(s):
• babel-cli:6.26.0
└─ chokidar:1.7.0
└─ readdirp:2.2.1
└─ micromatch:3.1.10
└─ snapdragon:0.8.2
└─ base:0.11.2
└─ cache-base:1.0.1
└─ has-value:1.0.0
└─ has-values:1.0.0
└─ kind-of:4.0.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Vulnerabilities
DepShield reports that this application's usage of glob-parent:5.1.1 results in the following vulnerability(s):
Occurrences
glob-parent:5.1.1 is a transitive dependency introduced by the following direct dependency(s):
• rollup-plugin-eslint:7.0.0
└─ eslint:6.8.0
└─ glob-parent:5.1.1
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Vulnerabilities
DepShield reports that this application's usage of marked:0.8.2 results in the following vulnerability(s):
Occurrences
marked:0.8.2 is a transitive dependency introduced by the following direct dependency(s):
• jsdoc:3.6.6
└─ marked:0.8.2
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
as #102 shows, the fact that JsonURL doesn't round-trip empty arrays is pretty surprising. I can't really think of a situation where you would want to save the : byte versus being able to round-trip the correct type
(I also wouldn't mind if AQF were the default since that's the main usage of this library, I think, but I don't know if that might have some backwards compatability problems)
Vulnerabilities
DepShield reports that this application's usage of lodash.sortby:4.7.0 results in the following vulnerability(s):
Occurrences
lodash.sortby:4.7.0 is a transitive dependency introduced by the following direct dependency(s):
• jest:26.1.0
└─ @jest/core:26.1.0
└─ jest-config:26.1.0
└─ jest-environment-jsdom:26.1.0
└─ jsdom:16.3.0
└─ whatwg-url:8.1.0
└─ lodash.sortby:4.7.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Vulnerabilities
DepShield reports that this application's usage of braces:1.8.5 results in the following vulnerability(s):
Occurrences
braces:1.8.5 is a transitive dependency introduced by the following direct dependency(s):
• babel-cli:6.26.0
└─ chokidar:1.7.0
└─ anymatch:1.3.2
└─ micromatch:2.3.11
└─ braces:1.8.5
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
I'd love to see typescript support or at least type declaration file.
thanks!
Hi,
I found a bug parsing empty arrays.
See the example in the image bellow.
Vulnerabilities
DepShield reports that this application's usage of lodash.debounce:4.0.8 results in the following vulnerability(s):
Occurrences
lodash.debounce:4.0.8 is a transitive dependency introduced by the following direct dependency(s):
• @babel/preset-env:7.13.15
└─ babel-plugin-polyfill-corejs2:0.2.0
└─ @babel/helper-define-polyfill-provider:0.2.0
└─ lodash.debounce:4.0.8
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Chrome and firefox both percent encode apostrophe in URL query strings. This can be mitigated by using options.impliedStringLiterals, but that has the side effect that other literal types can't be represented.
A new grammar option that removes apostrophy, uses an escape-based syntax rather than the encoding-based syntax, and uses a different syntax to distinguish between true, false, null, number, and string would solve this problem.
Hi,
I have issues converting a string containing the equal "=" value back from url to json.
The "=" seems not be to escaped as is, however if the string containing the "=" also contains an ampersand, then it is properly escaped and parsed back. I thought of enabling the wwwFormUrlEncoded property but it did not solve the problem.
Here is a record of the behavior (from the playground):
Is this the expected behavior ?
Vulnerabilities
DepShield reports that this application's usage of kind-of:5.1.0 results in the following vulnerability(s):
Occurrences
kind-of:5.1.0 is a transitive dependency introduced by the following direct dependency(s):
• babel-cli:6.26.0
└─ chokidar:1.7.0
└─ readdirp:2.2.1
└─ micromatch:3.1.10
└─ snapdragon:0.8.2
└─ define-property:0.2.5
└─ is-descriptor:0.1.6
└─ kind-of:5.1.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Vulnerabilities
DepShield reports that this application's usage of kind-of:3.2.2 results in the following vulnerability(s):
Occurrences
kind-of:3.2.2 is a transitive dependency introduced by the following direct dependency(s):
• babel-cli:6.26.0
└─ chokidar:1.7.0
└─ anymatch:1.3.2
└─ micromatch:2.3.11
└─ braces:1.8.5
└─ expand-range:1.8.2
└─ fill-range:2.2.4
└─ is-number:2.1.0
└─ kind-of:3.2.2
└─ kind-of:3.2.2
└─ readdirp:2.2.1
└─ micromatch:3.1.10
└─ braces:2.3.2
└─ fill-range:4.0.0
└─ is-number:3.0.0
└─ kind-of:3.2.2
└─ snapdragon-node:2.1.1
└─ snapdragon-util:3.0.1
└─ kind-of:3.2.2
└─ snapdragon:0.8.2
└─ base:0.11.2
└─ cache-base:1.0.1
└─ has-value:1.0.0
└─ has-values:1.0.0
└─ is-number:3.0.0
└─ kind-of:3.2.2
└─ to-object-path:0.3.0
└─ kind-of:3.2.2
└─ class-utils:0.3.6
└─ static-extend:0.1.2
└─ object-copy:0.1.0
└─ kind-of:3.2.2
└─ define-property:0.2.5
└─ is-descriptor:0.1.6
└─ is-accessor-descriptor:0.1.6
└─ kind-of:3.2.2
└─ is-data-descriptor:0.1.4
└─ kind-of:3.2.2
• babel-jest:26.1.0
└─ @jest/transform:26.1.0
└─ jest-haste-map:26.1.0
└─ sane:4.1.0
└─ micromatch:3.1.10
└─ braces:2.3.2
└─ fill-range:4.0.0
└─ is-number:3.0.0
└─ kind-of:3.2.2
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Will this be available on npm?
Hi, amazing library.
the most beautiful format ive seen so far.
Is this ready for production?
const x = { text: '-1' };
const xStringified = JsonURL.stringify(x, { AQF: true });
const parsed = JsonURL.parse(xStringified, { AQF: true });
console.assert(parsed['text'] == x['text'], 'parsed should be equal to x');"-1" gets encoded as (!-1) and it gets parsed as ",1".
Any string value that contains '=' breaks JSONUrl when parsing back from string to JSON.
Exmaple:
JSONUrl.stringify({"test":"foo=bar"}); // returns (test:foo=bar)
JSONUrl.parse('(test:foo=bar)'); // SyntaxError: JSON->URL: expected comma, open paren, or close paren at position 9
Vulnerabilities
DepShield reports that this application's usage of debug:2.6.9 results in the following vulnerability(s):
Occurrences
debug:2.6.9 is a transitive dependency introduced by the following direct dependency(s):
• babel-cli:6.26.0
└─ babel-core:6.26.3
└─ debug:2.6.9
└─ babel-traverse:6.26.0
└─ debug:2.6.9
└─ chokidar:1.7.0
└─ readdirp:2.2.1
└─ micromatch:3.1.10
└─ extglob:2.0.4
└─ expand-brackets:2.1.4
└─ debug:2.6.9
└─ snapdragon:0.8.2
└─ debug:2.6.9
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Hi,
First of all, thank you for a great package!
I'm using this in an Angular 15 project. Angular points out that JSON→URL is a CommonJS module, which can prevent bundlers and minifiers from optimizing my application, which results in a larger bundle size. It recommends not to depend on CommonJS modules and instead use ECMAScript modules.
Any chance of an ECMAScript module of JSON→URL?
Vulnerabilities
DepShield reports that this application's usage of lodash.flatten:4.4.0 results in the following vulnerability(s):
Occurrences
lodash.flatten:4.4.0 is a transitive dependency introduced by the following direct dependency(s):
• eslint:7.25.0
└─ table:6.5.1
└─ lodash.flatten:4.4.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Vulnerabilities
DepShield reports that this application's usage of lodash.clonedeep:4.5.0 results in the following vulnerability(s):
Occurrences
lodash.clonedeep:4.5.0 is a transitive dependency introduced by the following direct dependency(s):
• eslint:7.25.0
└─ table:6.5.1
└─ lodash.clonedeep:4.5.0
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Vulnerabilities
DepShield reports that this application's usage of lodash:4.17.19 results in the following vulnerability(s):
Occurrences
lodash:4.17.19 is a transitive dependency introduced by the following direct dependency(s):
• @babel/cli:7.10.5
└─ lodash:4.17.19
• @babel/preset-env:7.11.0
└─ @babel/plugin-proposal-async-generator-functions:7.10.5
└─ @babel/helper-remap-async-to-generator:7.10.4
└─ @babel/traverse:7.11.0
└─ lodash:4.17.19
└─ @babel/plugin-transform-classes:7.10.4
└─ @babel/helper-define-map:7.10.5
└─ lodash:4.17.19
└─ @babel/plugin-transform-modules-amd:7.10.5
└─ @babel/helper-module-transforms:7.11.0
└─ lodash:4.17.19
└─ @babel/plugin-transform-sticky-regex:7.10.4
└─ @babel/helper-regex:7.10.5
└─ lodash:4.17.19
└─ @babel/types:7.11.0
└─ lodash:4.17.19
• babel-jest:26.3.0
└─ @jest/transform:26.3.0
└─ @babel/core:7.11.1
└─ lodash:4.17.19
• eslint:7.7.0
└─ lodash:4.17.19
└─ table:5.4.6
└─ lodash:4.17.19
• eslint-plugin-jest:23.20.0
└─ @typescript-eslint/experimental-utils:2.34.0
└─ @typescript-eslint/typescript-estree:2.34.0
└─ lodash:4.17.19
• jest:26.4.2
└─ @jest/core:26.4.2
└─ jest-config:26.4.2
└─ jest-environment-jsdom:26.3.0
└─ jsdom:16.4.0
└─ request-promise-native:1.0.9
└─ request-promise-core:1.1.4
└─ lodash:4.17.19
• jsdoc:3.6.5
└─ catharsis:0.8.11
└─ lodash:4.17.19
└─ requizzle:0.2.3
└─ lodash:4.17.19
• rollup-plugin-eslint:7.0.0
└─ eslint:6.8.0
└─ inquirer:7.3.3
└─ lodash:4.17.19
└─ lodash:4.17.19
This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.
Using https://sonarcloud.io/project/issues?id=jsonurl-js&resolved=false as a reference, resolve one or more codesmells.
I've been playing around with this library and encountered a weird cornercase. The following parses fail:
JsonURL.parse("e,!e", { AQF: true, impliedArray: [] })
JsonURL.parse("e:!e", { AQF: true, impliedObject: {} })
Using an explicit array/object or making sure the !e is not at the end seems to make it work.
This looks like a bug to me, am I wrong?
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.