npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

jsonpickle

v1.1.2

Published

Javascript reinterpretation of Python jsonpickle to allow reading and (to a lesser extent) writing JSON objects

Downloads

138

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

mscuthbertmscuthbert

Keywords

jsonpicklepythonjsonpickle

Readme

jsonpickleJS

Javascript reinterpretation of Python jsonpickle to allow reading and (to a lesser extent) writing JSON objects

Copyright (c) 2014 Michael Scott Cuthbert and cuthbertLab. Released under the BSD (3-clause) license. See LICENSE.

Python to Javascript and Back

Python has a remarkable number of ways (for a language that believes there's only one way to do it) to transfer data between itself and Javascript, most obviously with the json.dump()/json.dumps() calls, which work well on specifically created data, especially of primitive objects. It also has a good number of ways to store the contents of an object so that it could be reloaded later into the same Python interpreter/session. The most well known of these is the pickle module, which stores the Python data as binary data.

The external jsonpickle module, which you'll need to have installed to make this module have any sense, combines the features of json and pickle, storing Python data in a JSON (Javascript Object Notation) string, via jsonpickle.encode() that can be parsed back by jsonpickle.decode() to get nearly all data types restored to their previous state. (Highly recommended: jsonpickle v1.7 or higher. Older versions will not serialize recursive data structures as necessary for a lot of applications.)

Since JSON is one of the most easily parsed formats in Javascript (the name should be a giveaway), this project, jsonpickleJS, exists to parse the output of Python's jsonpickle into objects in Javascript. The constructors of the objects need to have the same names and exist in the global namespace, such as window, in the Javascript. For instance, if you have a class called myobject.Thing in Python, you'll need to have a Prototype constructor function called window.myobject.Thing in Javascript. The object, and any subobjects, will be created as closely as possible in Javascript.

The reverse is also possible, with some caveats. Since Javascript doesn't (until ECMAScript 6) have the concept of named classes, each object will need to have a marker somewhere on it saying what Python object it should convert back to. The marker is o[jsonpickle.tags.PY_CLASS] = 'fully.qualified.ClassName'. It may be possible in the future to use instanceof through the entire Global namespace to figure out what something is, but that seems rather dangerous and inefficient (A project for later).

Limitations

Remember that Javascript does not have tuples, so all tuple objects are changed to lists. Namedtuples behave the same way, I believe. Dicts and Objects are identical in Javascript (both a blessing and a curse).

Security

Pickle, jsonpickle, and jsonpickleJS all raise important security considerations you must be aware of. You will be loading data directly into Python or Javascript with no checks on what the data contains. Only load data you have personally produced if you want to be safe. In Javascript, malicious data may compromise your browser, browser history, functioning of the current web page, etc. That's pretty bad, but nothing compared to what can happen if you load jsonpickle data from Javascript into Python: a maliciously written set of jsonpickle data may be able to send the contents of any file back to the net or manipulate or delete the hard drive of the server. It may be that the parsed Python object have to be called in some way, but it may even be possible to have malicious code executed just on parsing; assume the worst. Your .html/.js may only produce safe data, but anyone with JS programming experience can inject other data into your server scripts. Be safe: be cautious going from Python to Javascript and NEVER accept Javascript-produced jsonpickle data from the net into your Python program in any sort of open environment.

Usage

See the source code of: testUnpickle.html to see how to use it. JsonpickleJS follows the AMD moduleloader standard, so set the src="" attribute in the <script> to an AMD loader such as //cdnjs.cloudflare.com/ajax/libs/require.js/2.1.14/require.min.js (or the included local version in jsonpickleJS/ext/require/require.js) and the data-main attribute to jsonpickleJS/main (no .js). Then call var o = jsonpickle.decode(jsonStr) to get the Python object back as a JS object named o.

See the cuthbertLab/music21 and cuthbertLab/music21j projects and especially the .show('vexflow') component for an example of how jsonpickleJS can be extremely useful for projects that have parallel data structures between Python and Javascript.