Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@jaames/cod
Advanced tools
An unassuming documentation format that works with any language.
Forked in 2022 to:
A couple of things I didn't bother porting as they weren't relevant to me, feel free to make a PR though:
@colon:delimited:tag:format
@complexProperty["!value"]
pretty
option/**
@Example
Text can go anywhere.
Whitespace is preserved.
@flag
@number 42
@string Hello, cod
@nested
@property yay
Nested text.
@list A
@list B
@list C
*/
{
"@Example": {
"lineBefore": 0,
"lineAfter": 15,
"text": "Text can go anywhere.\n Whitespace is preserved.",
"@flag": true,
"@number": 42,
"@string": "Hello, cod",
"@nested": {
"text": "Nested text.",
"@property": "yay"
},
"@list": ["A", "B", "C"]
}
}
cod is not a documentation generator.
It is a documentation format that outputs nearly "1-to-1" JSON.
cod does zero code analysis.
cod doesn't know what @class
, @return
, @param
or @any
@other
tag means.
cod does not generate HTML, PDFs, or any traditionally human-readable documentation; that part is left up to you.
As such, cod is not a standalone replacement for tools like doxygen or Sphinx, but it functions as the first step in a more flexible doc-generation process for those who need finer control.
You write your docs in cod's format, and it faithfully outputs JSON. That's it.
Use whatever tags you need.
Anything that isn't a @tag
is text.
Text sections are left untouched. You can process it as Markdown later. Or HTML. Or just keep it as plain text.
Once you have the JSON, use it however you like:
cod is naturally language-agnostic; all it needs to know is the pattern you use to denote a doc-block (i.e. /**
and */
).
Tags without values are treated as boolean flags:
@flag
{
"@flag": true
}
There are also numbers and strings, and you can explicitly set a flag to false
:
@number 42
@string Hello there.
@boolean false
{
"@number": 42,
"@string": "Hello there.",
"@boolean": false
}
Structure is designated by indentation.
@root
@nested value
{
"@root": {
"@nested": "value"
}
}
Whitespace after indentation is preserved in text blocks.
@example
This is some example text.
It can handle multiple lines.
Indentation is preserved.
{
"@example": {
"text": "This is some example text.\n\nIt can handle multiple lines.\n Indentation is preserved."
}
}
Specifying a @tag
more than once will turn it into a list of values.
@list A
@list B
@list C
{
"@list": [
"A",
"B",
"C"
]
}
cod *.js # or *.go or *.c or ...
cod -b '###*' -e '###' *.coffee
cod -b "'''*" -e "'''" *.py
cod -b '{-*' -e '-}' *.hs
cod -b '--[[*' -e ']]' *.lua
cod -p '---' *.lua
cat *.js | cod > api.json
cod --help
_-""-,-"'._
.-*'`` ``-.__.-`:
.'o ))` ` ` ` ` ` `_`.---._:
`-'.._,,____...--*"` `"
``
cod: An unassuming documentation generator.
Usage: cod [-b <doc-begin> -e <doc-end>] [-o <output-file>] [-u] [<input-file>...]
Options:
-b <doc-begin> String that marks the start of a doc-block (default: "/**")
-e <doc-end> String that marks the end of a doc-block (default: "*/")
-p <doc-line-prefix> String that marks the line prefix of a doc-block (default: "", doc-begin and doc-end are ignored if used)
-o <output-file> Output file (default: "STDOUT")
-u --ugly Output non-pretty JSON.
-v --version output the current version
-h, --help display help for command
cod(text, options)
If
text
is supplied, cod will parse it and return a plain JS object that contains your doc structure.
text
(String)Text containing cod-style documentation. Probably source code.
options
(Object)
docBegin
(String) default:"/**"
String that marks the start of a doc-block
docEnd
(String) default:"*/"
String that marks the end of a doc-block
[
docLinePrefix
](#api_cod_options_ docLinePrefix) (String) default:""
String that marks the line prefix of a doc-block -
docBegin
anddocEnd
are ignored if used.
import { cod } from 'cod';
const doc = cod(`
/**
Hello, cod.
@answer 42
*/`, {});
console.log(doc);
// Output:
// { 'text': 'Hello, cod.', '@answer': 42 }
npm install -g @jaames/cod
MIT
FAQs
An unopinionated documentation generator.
We found that @jaames/cod demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.