Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@contentful/structured-text-html-serializer
Advanced tools
HTML serializer for the Structured Text document.
HTML serializer for the Structured Text document.
Using npm:
npm install @contentful/structured-text-html-serializer
Using yarn:
yarn add @contentful/structured-text-html-serializer
import { documentToHtmlString } from '@contentful/structured-text-html-serializer';
const document = {
nodeType: 'document',
nodeClass: 'document',
content: [
{
nodeClass: 'block',
nodeType: 'paragraph',
content: [
{
nodeClass: 'text',
nodeType: 'text',
value: 'Hello world!',
marks: [],
},
],
},
]
};
documentToHtmlString(document); // -> <p>Hello world!</p>
import { documentToHtmlString } from '@contentful/structured-text-html-serializer';
const document = {
nodeType: 'document',
nodeClass: 'document',
content: [
{
nodeClass: 'block',
nodeType: 'paragraph',
content: [
{
nodeClass: 'text',
nodeType: 'text',
value: 'Hello',
marks: [{ nodeType: 'bold' }]
},
{
nodeClass: 'text',
nodeType: 'text',
value: ' world!',
marks: [{ nodeType: 'italic' }]
},
],
},
]
};
documentToHtmlString(document); // -> <p><b>Hello</b><u> world!</u></p>
You can also pass custom renderers for both marks and nodes as an optional parameter like so:
import { BLOCKS.PARAGRAPH, MARKS.BOLD } from '@contentful/structured-text-types';
import { documentToHtmlString } from '@contentful/structured-text-html-serializer';
const document = {
nodeType: 'document',
nodeClass: 'document',
content: [
{
nodeClass: 'block',
nodeType: 'paragraph',
content: [
{
nodeClass: 'text',
nodeType: 'text',
value: 'Hello',
marks: [{ nodeType: 'bold' }]
},
{
nodeClass: 'text',
nodeType: 'text',
value: ' world!',
marks: [{ nodeType: 'italic' }]
},
],
},
]
};
const options = {
renderMark: {
[MARKS.BOLD]: text => `<custom-bold>${text}<custom-bold>`
},
renderNode: {
[BLOCKS.PARAGRAPH]: (node, next) => `<custom-paragraph>${next(node.content)}</custom-paragraph>`
}
}
documentToHtmlString(document, options);
// -> <custom-paragraph><custom-bold>Hello</custom-bold><u> world!</u></custom-paragraph>
Last, but not least, you can pass a custom rendering component for an embedded entry:
import { BLOCKS.EMBEDDED_ENTRY } from '@contentful/structured-text-types';
import { documentToHtmlString } from '@contentful/structured-text-html-serializer';
const document = {
nodeType: 'document',
nodeClass: 'document',
content: [
{
nodeClass: 'block',
nodeType: 'embedded-entry-block',
data: {
target: (...)Link<'Entry'>(...);
},
},
]
};
const options = {
renderNode: {
[BLOCKS.EMBEDDED_ENTRY]: (node) => `<custom-component>${customComponentRenderer(node)}</custom-component>`
}
}
documentToHtmlString(document, options);
// -> <custom-component>(...)Link<'Entry'>(...)</custom-component>
The renderNode
keys should be one of the following BLOCKS
and INLINES
properties as defined in @contentful/structured-text-types
:
BLOCKS
DOCUMENT
PARAGRAPH
HEADING_1
HEADING_2
HEADING_3
HEADING_4
HEADING_5
HEADING_6
UL_LIST
OL_LIST
LIST_ITEM
QUOTE
HR
EMBDEDDED_ENTRY
INLINES
EMBEDDED_ENTRY
(this is different from the BLOCKS.EMBEDDED_ENTRY
)HYPERLINK
ENTRY_HYPERLINK
ASSET_HYPERLINK
The renderMark
keys should be one of the following MARKS
properties as defined in @contentful/structured-text-types
:
BOLD
ITALIC
UNDERLINE
CODE
FAQs
HTML serializer for the Structured Text document.
The npm package @contentful/structured-text-html-serializer receives a total of 2 weekly downloads. As such, @contentful/structured-text-html-serializer popularity was classified as not popular.
We found that @contentful/structured-text-html-serializer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 49 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.