Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
assemble-core
Advanced tools
The core assemble application with no presets or defaults. All configuration is left to the implementor.
Built on top of base and templates, assemble-core is used in assemble to provide the baseline features and API necessary for rendering templates, working with the file system, and running tasks.
Implementors and hackers can use assemble-core to create rich and powerful build tooling, project scaffolding systems, documentation generators, or even your completely custom static site generators.
(TOC generated by verb using markdown-toc)
Create your own:
NPM
Install with npm:
$ npm install --save assemble-core
yarn
Install with yarn:
$ yarn add assemble-core && yarn upgrade
var assemble = require('assemble-core');
var app = assemble();
view collections
Create a custom view collection:
var app = assemble();
app.create('pages');
Now you can add pages with app.page()
or app.pages()
:
app.page('home.hbs', {content: 'this is the home page!'});
render
Render a view:
var app = assemble();
var view = app.view('foo', {content: 'Hi, my name is <%= name %>'});
app.render(view, { name: 'Brian' }, function(err, res) {
console.log(res.content);
//=> 'Hi, my name is Brian'
});
Render a view from a collection:
var app = assemble();
app.create('pages');
app.page('foo', {content: 'Hi, my name is <%= name %>'})
.set('data.name', 'Brian')
.render(function (err, res) {
console.log(res.content);
//=> 'Hi, my name is Brian'
});
Create an assemble
application. This is the main function exported by the assemble module.
Params
options
{Object}: Optionally pass default options to use.Example
var assemble = require('assemble');
var app = assemble();
Assemble has the following methods for working with the file system:
Assemble v0.6.0 has full vinyl-fs support, so any gulp plugin should work with assemble.
Use one or more glob patterns or filepaths to specify source files.
Params
glob
{String|Array}: Glob patterns or file paths to source files.options
{Object}: Options or locals to merge into the context and/or pass to src
pluginsExample
app.src('src/*.hbs', {layout: 'default'});
Specify the destination to use for processed files.
Params
dest
{String|Function}: File path or custom renaming function.options
{Object}: Options and locals to pass to dest
pluginsExample
app.dest('dist/');
Copy files from A to B, where A
is any pattern that would be valid in app.src and B
is the destination directory.
Params
patterns
{String|Array}: One or more file paths or glob patterns for the source files to copy.dest
{String|Function}: Desination directory.returns
{Stream}: The stream is returned, so you can continue processing files if necessary.Example
app.copy('assets/**', 'dist/');
Glob patterns or paths for symlinks.
Params
glob
{String|Array}Example
app.symlink('src/**');
Assemble has the following methods for running tasks and controlling workflows:
Define a task. Tasks are functions that are stored on a tasks
object, allowing them to be called later by the build method. (the CLI calls build to run tasks)
Params
name
{String}: Task namefn
{Function}: function that is called when the task is run.Example
app.task('default', function() {
return app.src('templates/*.hbs')
.pipe(app.dest('dist/'));
});
Run one or more tasks.
Params
tasks
{Array|String}: Task name or array of task names.cb
{Function}: callback function that exposes err
Example
app.build(['foo', 'bar'], function(err) {
if (err) console.error('ERROR:', err);
});
Watch files, run one or more tasks when a watched file changes.
Params
glob
{String|Array}: Filepaths or glob patterns.tasks
{Array}: Task(s) to watch.Example
app.task('watch', function() {
app.watch('docs/*.md', ['docs']);
});
How does assemble-core differ from assemble?
feature | assemble-core | assemble | notes |
---|---|---|---|
front-matter parsing | No | Yes | use assemble or use parser-front-matter as an .onLoad middleware. |
CLI | No | Yes | Create your own CLI experience, or use assemble |
Built-in template collections | No | Yes | Use .create() to add collections |
Built-in template engine | No | Yes | assemble ships with engine-handlebars. Use .engine() to register any consolidate-compatible template engine. |
assemble-core is a standalone application that was created using applications and plugins from the toolkit suite:
Building blocks
Plugins
Assemble is built on top of these great projects:
Running and reviewing unit tests is a great way to get familiarized with a library and its API. You can install dependencies and run tests with the following command:
$ npm install && npm test
Pull requests and stars are always welcome. For bugs and feature requests, please create an issue.
Please read the contributing guide for advice on opening issues, pull requests, and coding standards.
If Assemble doesn't do what you need, please let us know.
Changelog entries are classified using the following labels from keep-a-changelog:
added
: for new featureschanged
: for changes in existing functionalitydeprecated
: for once-stable features removed in upcoming releasesremoved
: for deprecated features removed in this releasefixed
: for any bug fixesCustom labels used in this changelog:
dependencies
: bumps dependencieshousekeeping
: code re-organization, minor edits, or other changes that don't fit in one of the other categories.Heads up!
Please let us know if any of the following heading links are broken. Thanks!
dependencies
view
is decorated with .toStream()
when created by app (instead of a collection). This is arguably a bugfix, but it might break someone's code.dependencies
dependencies
.dest()
handling.dependencies
list
sdependencies
dependencies
handle.once
changed
dependencies
removed
templates
removes the renameKey
option from the .data
method. Use the namespace
option instead.fixed
dependencies
.find
and getView
. No API changes were made. Please let us know if regressions occur.fixed
List
bug that was caused collection helpers to explodechanged
app.getView()
and app.find()
dependencies
removed
queue
property was removed on collections. See templates for additional details.dependencies
changed
dependencies
housekeeping
dependencies
renameKey
was not always being used when defined on collection loader options.dependencies
dependencies
dependencies
dependencies
deprecated
.handleView
method is now deprecated, use .handleOnce
insteadchanged
.mergePartialsSync
rename was reverted to .mergePartials
to be consistent with other updates in .render
and .compile
.added
.log
, .verbose
, etc).mergePartials
method to be async. If you're currently using .mergePartials
, you can continue to do so synchronously using the .mergePartialsSync
method..watch
method in favor of using the base-watch plugin.isType
method for checking a collection type, and a number of improvements to how collections and views are instantiated and named.onStream
and preWrite
middleware handlers.(Changelog generated by helper-changelog)
Jon Schlinkert
Brian Woodward
Copyright © 2017, Jon Schlinkert. MIT
This file was generated by verb-generate-readme, v0.4.2, on February 11, 2017.
FAQs
The core assemble application with no presets or defaults. All configuration is left to the implementor.
The npm package assemble-core receives a total of 18,739 weekly downloads. As such, assemble-core popularity was classified as popular.
We found that assemble-core demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.