![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
@lezer/highlight
Advanced tools
Package description
@lezer/highlight is a syntax highlighting library that works with the Lezer parser system. It allows you to define and apply syntax highlighting rules to code parsed by Lezer parsers.
Defining Highlighting Styles
This feature allows you to define custom highlighting styles for different syntax elements like keywords, strings, and comments.
const { styleTags, tags } = require('@lezer/highlight');
const myHighlighting = styleTags({
Keyword: tags.keyword,
String: tags.string,
Comment: tags.comment
});
Applying Highlighting to Parsed Code
This feature allows you to apply the defined highlighting styles to a parsed syntax tree, and it logs the highlighted ranges and their corresponding classes.
const { highlightTree } = require('@lezer/highlight');
const { parser } = require('lezer-python');
const { defaultHighlightStyle } = require('@codemirror/highlight');
const code = 'def my_function():\n return "Hello, World!"';
const tree = parser.parse(code);
highlightTree(tree, defaultHighlightStyle.match, (from, to, classes) => {
console.log(`Highlight ${from}-${to}: ${classes}`);
});
highlight.js is a popular syntax highlighting library that supports a wide range of languages and is easy to integrate into web projects. Unlike @lezer/highlight, it does not require a separate parser and comes with built-in language definitions.
Prism is a lightweight, extensible syntax highlighter that supports a variety of languages and themes. It is similar to @lezer/highlight in that it allows for custom highlighting rules, but it is more focused on web integration and has a larger community and more plugins.
CodeMirror is a versatile text editor implemented in JavaScript for the browser. It includes syntax highlighting as one of its features and supports a wide range of languages. CodeMirror's highlighting capabilities are more integrated into its editor functionalities compared to @lezer/highlight, which is more focused on the highlighting aspect alone.
Changelog
0.16.0 (2022-04-20)
First numbered release.
Readme
[ WEBSITE | ISSUES | FORUM | CHANGELOG ]
Lezer is an incremental parser system intended for use in an editor or similar system.
@lezer/highlight provides a syntax highlighting framework for Lezer parse trees.
Its programming interface is documented on the website.
This code is licensed under an MIT license.
FAQs
Unknown package
We found that @lezer/highlight demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.