Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
@babel/template
Advanced tools
The @babel/template package is a part of the Babel toolchain that allows developers to create AST (Abstract Syntax Tree) nodes with placeholders programmatically. This is useful for code generation, transformation, and manipulation tasks where you want to produce syntactically correct code snippets based on a template with variable parts.
Building AST Nodes
This feature allows you to build AST nodes using template literals with placeholders. The placeholders are then replaced with actual values to create a syntactically correct code snippet.
const template = require('@babel/template').default;
const buildRequire = template(`
const %%importName%% = require(%%source%%);
`);
const ast = buildRequire({
importName: template.identifier('myModule'),
source: template.stringLiteral('my-module')
});
Using Placeholders
This feature demonstrates how to use placeholders for different parts of the code, such as function names, parameters, and bodies. The placeholders are replaced with AST nodes representing identifiers, arrays of identifiers, and block statements, respectively.
const template = require('@babel/template').default;
const buildFunction = template(`
function %%funcName%%(%%params%%) {
return %%body%%;
}
`);
const ast = buildFunction({
funcName: template.identifier('myFunction'),
params: [template.identifier('a'), template.identifier('b')],
body: template.blockStatement([])
});
Customizing Placeholder Patterns
This feature shows how to customize the placeholder pattern used in the template. This is useful when you want to define a specific pattern for your placeholders to avoid conflicts with other parts of the code.
const template = require('@babel/template').default;
const buildAssertion = template(`
assert(%%test%%, '%%errorMessage%%');
`, {
placeholderPattern: /^%%[a-zA-Z0-9_]+%%$/
});
const ast = buildAssertion({
test: template.binaryExpression('===', template.identifier('a'), template.numericLiteral(3)),
errorMessage: template.stringLiteral('a is not 3')
});
Recast is a JavaScript AST manipulation library that allows you to parse, transform, and print code. It provides a different API than @babel/template but serves a similar purpose in terms of manipulating AST nodes. Recast preserves the original formatting of the code, which is a feature that distinguishes it from @babel/template.
Escodegen is a code generator for ECMAScript. It takes an AST and turns it into code. While it doesn't provide templating functionality like @babel/template, it is often used in conjunction with AST manipulation libraries to generate code after transformations have been applied.
Jscodeshift is a toolkit for running codemods over multiple JavaScript or TypeScript files. It uses recast under the hood for parsing and printing, while providing a higher-level API for transforming code. It's more focused on large-scale codebase refactors compared to the more granular transformations that @babel/template is typically used for.
Generate an AST from a string template.
See our website @babel/template for more information or the issues associated with this package.
Using npm:
npm install --save-dev @babel/template
or using yarn:
yarn add @babel/template --dev
FAQs
Generate an AST from a string template.
The npm package @babel/template receives a total of 37,396,965 weekly downloads. As such, @babel/template popularity was classified as popular.
We found that @babel/template demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.