Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
a-rel
List of values for rel on <a> and <area> elements according to
Microformats.
Contents
- What is this?
- When should I use this?
- Install
- Use
- API
- Types
- Compatibility
- Security
- Related
- Contribute
- License
What is this?
This package lists values that are allowed in rel attributes on <a> and
<area> elements.
These values come from Microformats.
When should I use this?
Use this package for a list of Microformats extensions on <a> and <area>
elements.
See link-rel for a list of Microformats extensions to <link>
and html-link-types if you specifically need to check which
values are allowed by the HTML spec.
Install
This package is ESM only. In Node.js (version 12.20+, 14.14+, or 16.0+), install with npm:
npm install a-rel
In Deno with Skypack:
import {aRel} from 'https://cdn.skypack.dev/a-rel@3?dts'
In browsers with Skypack:
<script type="module">
import {aRel} from 'https://cdn.skypack.dev/a-rel@3?min'
</script>
Use
import {aRel} from 'a-rel'
console.log(aRel.slice(0, 10))
Yields:
[
'about',
'acquaintance',
'alternate',
'amphtml',
'appendix',
'archived',
'attachment',
'bookmark',
'canonical',
'category'
]
API
This package exports the following identifiers: aRel.
There is no default export.
aRel
List of lowercase types (Array<string>).
Types
This package is fully typed with TypeScript. There are no extra exported types.
Compatibility
This package is at least compatible with all maintained versions of Node.js. As of now, that is Node.js 12.20+, 14.14+, and 16.0+. It also works in Deno and modern browsers.
Security
This package is safe.
Related
wooorm/html-link-types— list of link types forrelaccording to HTMLwooorm/link-rel— list of link types forrelonlinkwooorm/aria-attributes— list of ARIA attributeswooorm/html-dangerous-encodings— list of dangerous HTML character encoding labelswooorm/html-encodings— list of HTML character encoding labelswooorm/meta-name— list of values fornameonmetawooorm/web-namespaces— map of web namespaces
Contribute
Yes please! See How to Contribute to Open Source.
License
FAQs
List of values for `rel` on `` and `` elements according to Microformats
We found that a-rel demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 05 Dec 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025