npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

yaml-parser

v3.5.3

Published

YAML 1.2 parser and serializer

Downloads

678

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

flobyfloby

Keywords

yamlparserserializerpyyaml

Readme

YAML-PARSER - YAML 1.2 parser / writer for JavaScript

Build Status NPM version

Online Demo

yaml-parser is a fork of js-yaml whose goal is to remove command-line functionalities in order to provide a leaner module.

This is an implementation of YAML, a human friendly data serialization language. Started as PyYAML port, it was completely rewritten from scratch. Now it's very fast, and supports 1.2 spec.

Installation

YAML module for node.js

npm install --save js-yaml

API

Here we cover the most 'useful' methods. If you need advanced details (creating your own tags), see wiki and examples for more info.

yaml = require('js-yaml');
fs   = require('fs');

// Get document, or throw exception on error
try {
  var doc = yaml.safeLoad(fs.readFileSync('/home/ixti/example.yml', 'utf8'));
  console.log(doc);
} catch (e) {
  console.log(e);
}

safeLoad (string [ , options ])

Recommended loading way. Parses string as single YAML document. Returns a JavaScript object or throws YAMLException on error. By default, does not support regexps, functions and undefined. This method is safe for untrusted data.

options:

  • filename (default: null) - string to be used as a file path in error/warning messages.
  • onWarning (default: null) - function to call on warning messages. Loader will throw on warnings if this function is not provided.
  • schema (default: DEFAULT_SAFE_SCHEMA) - specifies a schema to use.
    • FAILSAFE_SCHEMA - only strings, arrays and plain objects: http://www.yaml.org/spec/1.2/spec.html#id2802346
    • JSON_SCHEMA - all JSON-supported types: http://www.yaml.org/spec/1.2/spec.html#id2803231
    • CORE_SCHEMA - same as JSON_SCHEMA: http://www.yaml.org/spec/1.2/spec.html#id2804923
    • DEFAULT_SAFE_SCHEMA - all supported YAML types, without unsafe ones (!!js/undefined, !!js/regexp and !!js/function): http://yaml.org/type/
    • DEFAULT_FULL_SCHEMA - all supported YAML types.
  • json (default: false) - compatibility with JSON.parse behaviour. If true, then duplicate keys in a mapping will override values rather than throwing an error.

NOTE: This function does not understand multi-document sources, it throws exception on those.

NOTE: JS-YAML does not support schema-specific tag resolution restrictions. So, JSON schema is not as strict as defined in the YAML specification. It allows numbers in any notation, use Null and NULL as null, etc. Core schema also has no such restrictions. It allows binary notation for integers.

load (string [ , options ])

Use with care with untrusted sources. The same as safeLoad() but uses DEFAULT_FULL_SCHEMA by default - adds some JavaScript-specific types: !!js/function, !!js/regexp and !!js/undefined. For untrusted sources you must additionally validate object structure, to avoid injections:

var untrusted_code = '"toString": !<tag:yaml.org,2002:js/function> "function (){very_evil_thing();}"';

// I'm just converting that string, what could possibly go wrong?
require('js-yaml').load(untrusted_code) + ''

safeLoadAll (string, iterator [ , options ])

Same as safeLoad(), but understands multi-document sources and apply iterator to each document.

var yaml = require('js-yaml');

yaml.safeLoadAll(data, function (doc) {
  console.log(doc);
});

loadAll (string, iterator [ , options ])

Same as safeLoadAll() but uses DEFAULT_FULL_SCHEMA by default.

safeDump (object [ , options ])

Serializes object as YAML document. Uses DEFAULT_SAFE_SCHEMA, so it will throw exception if you try to dump regexps or functions. However, you can disable exceptions by skipInvalid option.

options:

  • indent (default: 2) - indentation width to use (in spaces).
  • skipInvalid (default: false) - do not throw on invalid types (like function in the safe schema) and skip pairs and single values with such types.
  • flowLevel (default: -1) - specifies level of nesting, when to switch from block to flow style for collections. -1 means block style everwhere
  • styles - "tag" => "style" map. Each tag may have own set of styles.
  • schema (default: DEFAULT_SAFE_SCHEMA) specifies a schema to use.
  • sortKeys (default: false) - if true, sort keys when dumping YAML. If a function, use the function to sort the keys.
  • lineWidth (default: 80) - set max line width.
  • noRefs (default: false) - if true, don't convert duplicate objects into references

styles:

!!null
  "canonical"   => "~"

!!int
  "binary"      => "0b1", "0b101010", "0b1110001111010"
  "octal"       => "01", "052", "016172"
  "decimal"     => "1", "42", "7290"
  "hexadecimal" => "0x1", "0x2A", "0x1C7A"

!!null, !!bool, !!float
  "lowercase"   => "null", "true", "false", ".nan", '.inf'
  "uppercase"   => "NULL", "TRUE", "FALSE", ".NAN", '.INF'
  "camelcase"   => "Null", "True", "False", ".NaN", '.Inf'

By default, !!int uses decimal, and !!null, !!bool, !!float use lowercase.

dump (object [ , options ])

Same as safeDump() but without limits (uses DEFAULT_FULL_SCHEMA by default).

Supported YAML types

The list of standard YAML tags and corresponding JavaScipt types. See also YAML tag discussion and YAML types repository.

!!null ''                   # null
!!bool 'yes'                # bool
!!int '3...'                # number
!!float '3.14...'           # number
!!binary '...base64...'     # buffer
!!timestamp 'YYYY-...'      # date
!!omap [ ... ]              # array of key-value pairs
!!pairs [ ... ]             # array or array pairs
!!set { ... }               # array of objects with given keys and null values
!!str '...'                 # string
!!seq [ ... ]               # array
!!map { ... }               # object

JavaScript-specific tags

!!js/regexp /pattern/gim            # RegExp
!!js/undefined ''                   # Undefined
!!js/function 'function () {...}'   # Function

Caveats

Note, that you use arrays or objects as key in JS-YAML. JS does not allow objects or array as keys, and stringifies (by calling .toString method) them at the moment of adding them.

---
? [ foo, bar ]
: - baz
? { foo: bar }
: - baz
  - baz
{ "foo,bar": ["baz"], "[object Object]": ["baz", "baz"] }

Also, reading of properties on implicit block mapping keys is not supported yet. So, the following YAML document cannot be loaded.

&anchor foo:
  foo: bar
  *anchor: duplicate key
  baz: bat
  *anchor: duplicate key

Breaking changes in 2.x.x -> 3.x.x

If you have not used custom tags or loader classes and not loaded yaml files via require() - no changes needed. Just upgrade library.

Otherwise, you should:

  1. Replace all occurences of require('xxxx.yml') by fs.readFileSync() + yaml.safeLoad().
  2. rewrite your custom tags constructors and custom loader classes, to conform new API. See examples and wiki for details.

License

View the LICENSE file (MIT).