@socketsecurity/lib
Version:
Core utilities and infrastructure for Socket.dev security tools
130 lines (129 loc) • 4.28 kB
JavaScript
;
/* Socket Lib - Built with esbuild */
var __defProp = Object.defineProperty;
var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
var __getOwnPropNames = Object.getOwnPropertyNames;
var __hasOwnProp = Object.prototype.hasOwnProperty;
var __export = (target, all) => {
for (var name in all)
__defProp(target, name, { get: all[name], enumerable: true });
};
var __copyProps = (to, from, except, desc) => {
if (from && typeof from === "object" || typeof from === "function") {
for (let key of __getOwnPropNames(from))
if (!__hasOwnProp.call(to, key) && key !== except)
__defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
}
return to;
};
var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
var json_parser_exports = {};
__export(json_parser_exports, {
createJsonParser: () => createJsonParser,
parseJsonWithResult: () => parseJsonWithResult,
parseNdjson: () => parseNdjson,
safeJsonParse: () => safeJsonParse,
streamNdjson: () => streamNdjson,
tryJsonParse: () => tryJsonParse
});
module.exports = __toCommonJS(json_parser_exports);
const { hasOwn: ObjectHasOwn } = Object;
function safeJsonParse(jsonString, schema, options = {}) {
const { allowPrototype = false, maxSize = 10 * 1024 * 1024 } = options;
const byteLength = Buffer.byteLength(jsonString, "utf8");
if (byteLength > maxSize) {
throw new Error(
`JSON string exceeds maximum size limit${maxSize !== 10 * 1024 * 1024 ? ` of ${maxSize} bytes` : ""}`
);
}
let parsed;
try {
parsed = JSON.parse(jsonString);
} catch (error) {
throw new Error(`Failed to parse JSON: ${error}`);
}
if (!allowPrototype && typeof parsed === "object" && parsed !== null && !Array.isArray(parsed)) {
const dangerous = ["__proto__", "constructor", "prototype"];
for (const key of dangerous) {
if (ObjectHasOwn(parsed, key)) {
throw new Error(
"JSON contains potentially malicious prototype pollution keys"
);
}
}
}
if (schema) {
const result = schema.safeParse(parsed);
if (!result.success) {
const errors = result.error.issues.map(
(issue) => `${issue.path.join(".")}: ${issue.message}`
).join(", ");
throw new Error(`Validation failed: ${errors}`);
}
return result.data;
}
return parsed;
}
function tryJsonParse(jsonString, schema, options) {
try {
return safeJsonParse(jsonString, schema, options);
} catch {
return void 0;
}
}
function parseJsonWithResult(jsonString, schema, options) {
try {
const data = safeJsonParse(jsonString, schema, options);
return { success: true, data };
} catch (error) {
const message = error instanceof Error ? error.message : "Unknown error";
return { success: false, error: message };
}
}
function createJsonParser(schema, defaultOptions) {
return (jsonString, options) => {
return safeJsonParse(jsonString, schema, { ...defaultOptions, ...options });
};
}
function parseNdjson(ndjson, schema, options) {
const results = [];
const lines = ndjson.split(/\r?\n/);
for (let i = 0; i < lines.length; i++) {
const line = lines[i]?.trim();
if (!line || line === "") {
continue;
}
try {
const parsed = safeJsonParse(line, schema, options);
results.push(parsed);
} catch (error) {
const message = error instanceof Error ? error.message : String(error);
throw new Error(`Failed to parse NDJSON at line ${i + 1}: ${message}`);
}
}
return results;
}
function* streamNdjson(ndjson, schema, options) {
const lines = ndjson.split(/\r?\n/);
for (let i = 0; i < lines.length; i++) {
const line = lines[i]?.trim();
if (!line || line === "") {
continue;
}
try {
yield safeJsonParse(line, schema, options);
} catch (error) {
const message = error instanceof Error ? error.message : String(error);
throw new Error(`Failed to parse NDJSON at line ${i + 1}: ${message}`);
}
}
}
// Annotate the CommonJS export names for ESM import in node:
0 && (module.exports = {
createJsonParser,
parseJsonWithResult,
parseNdjson,
safeJsonParse,
streamNdjson,
tryJsonParse
});