vm2 | json5 | |
---|---|---|
14 | 94 | |
3,826 | 6,301 | |
- | 0.7% | |
4.5 | 0.0 | |
about 2 months ago | 5 months ago | |
JavaScript | JavaScript | |
MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
vm2
- Vm2 discontinued due to unfixable security issues
- VM2 (Puppeteer Dependency) Is Deprecated Due to Critical Security Issues
- NPM package vm2 is no longer secure
-
CVE-2023-29017 / Query Help
Sandbox Escape · Advisory · patriksimek/vm2 · GitHub
- Sandbox Escape in VM2 - designed to run untrusted code in an isolated context on Node.js servers - used by integrated development environments (IDEs) and code editors, function-as-a-service (FaaS) solutions, pen-testing frameworks, security tools, and various JavaScript-related products
- Does reinitializing a new vm cause memory leak when using vm2?
- Is there a way to destroy the vm when using vm2?
-
What is the purpose of 'vm' module?
There are projects like vm2 based on vm, but they seem to be offer best-effort solutions for avoiding frequently discovered vulnerabilities, and cannot guarantee safety in general.
-
[AskJS] How to security test JS playground?
Here is link number 1 - Previous text "vm2"
-
Run untrusted code in sandbox
Something like this? https://github.com/patriksimek/vm2
json5
- JSON5 – JSON for Humans
- Why the fuck are we templating YAML? (2019)
-
I pre-released my project "json-responder" written in Rust
JSON5 support
-
topoconfig: enhancing config declarations with graphs
Meanwhile, formats have been evolving (JSON5, YAML), config entry points are constantly changing. These fluctuations, fortunately, were covered by tools like the cosmiconfig.
-
That's a Lot of YAML
I think JSON5 is fairly close to this: https://json5.org
I reckon the only thing it's missing to be truly accessible to non-techies is that string values still need to be quoted, i.e. you can't have:
key: this is my value
(I'm definitely not saying it would be a good idea to allow quotes to be dropped, just that that's the only potential stumbling block I see for non-techies.)
-
XML is better than YAML
I believe that's JSON5.
https://github.com/json5/json5
It's my preferred configuration file format, it fixes all the problems I have with JSON (trailing commas, comments) without turning it into a mess full of gotchas like YAML.
- Fx – Terminal JSON Viewer
- What Is Wrong with TOML?
-
🚀 'GET' API in API Maker
JSON 5 support
-
TySON: a native go library that lets you use TypeScript as an embedded configuration language without depending on Node or V8
I would like to see mention of JSON5 which is 11 years its elder. For comments in JSON, JSON5 is a good starting point.
What are some alternatives?
deno - A modern runtime for JavaScript and TypeScript.
Json.NET - Json.NET is a popular high-performance JSON framework for .NET
TypeScript - TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
hjson-js - Hjson for JavaScript
JS-Interpreter - A sandboxed JavaScript interpreter in JavaScript.
jq - Command-line JSON processor [Moved to: https://github.com/jqlang/jq]
jk - Configuration as Code with ECMAScript
toml - Tom's Obvious, Minimal Language
sysbox - An open-source, next-generation "runc" that empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs.
jsonnet - Jsonnet - The data templating language
rfcs - Public change requests/proposals & ideation
sublime-hjson - Hjson support for Sublime Text