Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@endpass/markdown-it-include
Advanced tools
Markdown-it plugin which adds the ability to include markdown fragment files.
Markdown-it plugin which adds the ability to include markdown fragment files.
node.js, browser:
npm install markdown-it-include --save
bower install markdown-it-include --save
Let's create a markdown which uses a header and a footer from two separate files:
header.md
# This is my header for all my markdowns
footer.md
Follow me on twitter!
Let's assume that header.md and footer.md are located in /in/this/directory
.
Now it's your turn to play markdown-it!
var md = require('markdown-it')()
.use(require('markdown-it-include'), '/in/this/directory');
md.render('!!!include(header.md)!!!\n\n*your content*\n\n!!!include(footer.md)!!!');
It will produce this
<h1>This is my header for all my markdowns</h1>
<p><em>your content</em></p>
<p>Follow me on twitter!</p>
var md = require('markdown-it')()
.use(require('markdown-it-include'), [, options]);
String|Object
If it's a string, it's the same as options.root
.
String
.
root
is the base directory of all the markdown files.
RegExp
/\!{3}\s*include\s*\(\s*(.+?)\s*\)\s*\!{3}/i
By default the !!!include( )!!!
statement is used to include markdown fragment files. This option allows to change the regular expression and then customize this statement.
This purposefully doesn't conform to any spec or discussion related to CommonMark.
FAQs
Markdown-it plugin which adds the ability to include markdown fragment files.
We found that @endpass/markdown-it-include demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.