Skip to content
main
Switch branches/tags
Code

Latest commit

Our doc checks do not like that construct, even though newer versions
of Sphinx support it. Drop it for now.

Signed-off-by: David Aguilar <davvid@gmail.com>
a15517e

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
https://readthedocs.org/projects/jsonpickle/badge/?version=latest Github Actions BSD

jsonpickle

jsonpickle is a library for the two-way conversion of complex Python objects and JSON. jsonpickle builds upon the existing JSON encoders, such as simplejson, json, and demjson.

Warning

jsonpickle can execute arbitrary Python code.

Please see the Security section for more details.

For complete documentation, please visit the jsonpickle documentation.

Bug reports and merge requests are encouraged at the jsonpickle repository on github.

jsonpickle supports Python 2.7 and Python 3.4 or greater.

Why jsonpickle?

Data serialized with python's pickle (or cPickle or dill) is not easily readable outside of python. Using the json format, jsonpickle allows simple data types to be stored in a human-readable format, and more complex data types such as numpy arrays and pandas dataframes, to be machine-readable on any platform that supports json. E.g., unlike pickled data, jsonpickled data stored in an Amazon S3 bucket is indexible by Amazon's Athena.

Security

jsonpickle should be treated the same as the Python stdlib pickle module from a security perspective.

Warning

The jsonpickle module is not secure. Only unpickle data you trust.

It is possible to construct malicious pickle data which will execute arbitrary code during unpickling. Never unpickle data that could have come from an untrusted source, or that could have been tampered with.

Consider signing data with an HMAC if you need to ensure that it has not been tampered with.

Safer deserialization approaches, such as reading JSON directly, may be more appropriate if you are processing untrusted data.

Install

Install from pip for the latest stable release:

pip install jsonpickle

Install from github for the latest changes:

pip install git+https://github.com/jsonpickle/jsonpickle.git

If you have the files checked out for development:

git clone https://github.com/jsonpickle/jsonpickle.git
cd jsonpickle
python setup.py develop

Numpy Support

jsonpickle includes a built-in numpy extension. If would like to encode sklearn models, numpy arrays, and other numpy-based data then you must enable the numpy extension by registering its handlers:

>>> import jsonpickle.ext.numpy as jsonpickle_numpy
>>> jsonpickle_numpy.register_handlers()

Pandas Support

jsonpickle includes a built-in pandas extension. If would like to encode pandas DataFrame or Series objects then you must enable the pandas extension by registering its handlers:

>>> import jsonpickle.ext.pandas as jsonpickle_pandas
>>> jsonpickle_pandas.register_handlers()

jsonpickleJS

jsonpickleJS is a javascript implementation of jsonpickle by Michael Scott Cuthbert. jsonpickleJS can be extremely useful for projects that have parallel data structures between Python and Javascript.

License

Licensed under the BSD License. See COPYING for details. See jsonpickleJS/LICENSE for details about the jsonpickleJS license.

Development

Use make to run the unit tests:

make test

pytest is used to run unit tests internally.

A tox target is provided to run tests using tox. Setting multi=1 tests using all installed and supported Python versions:

make tox
make tox multi=1

jsonpickle itself has no dependencies beyond the Python stdlib. tox is required for testing when using the tox test runner only.

The testing requirements are specified in requirements-dev.txt. It is recommended to create a virtualenv and run tests from within the virtualenv, or use a tool such as vx to activate the virtualenv without polluting the shell environment:

python3 -mvenv env3x
vx env3x pip install --requirement requirements-dev.txt
vx env3x make test

jsonpickle supports multiple Python versions, so using a combination of multiple virtualenvs and tox is useful in order to catch compatibility issues when developing.

About

Python library for serializing any arbitrary object graph into JSON. It can take almost any Python object and turn the object into JSON. Additionally, it can reconstitute the object back into Python.

Topics

Resources

License

Packages

No packages published