Hi all,
I've been working on a strict, security-focused subset of CSON called CSONH (Concise Structured Object Notation for Humanity).
The goal was to solve the "security by design" problem for configuration files without losing the readability of CSON.
Key Differences from standard CSON:
- Data-Only: No code execution, no expressions, no interpolation.
- Strict Parsing: Rejects "Norway Problem" ambiguities (case-sensitive booleans).
- Zero Dependency: Standalone parsers for Python and JS that do not require the CoffeeScript compiler.
It is effectively "Safe Mode CSON."
I am sharing this here in case anyone looking for a CSON parser needs strict security guarantees (e.g., loading untrusted config files).
Spec & Impl: https://github.com/pythagorean/csonh
Thanks for the inspiration of the original format!
Hi all,
I've been working on a strict, security-focused subset of CSON called CSONH (Concise Structured Object Notation for Humanity).
The goal was to solve the "security by design" problem for configuration files without losing the readability of CSON.
Key Differences from standard CSON:
It is effectively "Safe Mode CSON."
I am sharing this here in case anyone looking for a CSON parser needs strict security guarantees (e.g., loading untrusted config files).
Spec & Impl: https://github.com/pythagorean/csonh
Thanks for the inspiration of the original format!