🚀 Socket Launch Week Day 5:Introducing Repository Access Permissions and Custom Roles.Learn more
Sign In

beblob

Package Overview
Dependencies
Maintainers
2
Versions
13
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

beblob

This is an open-source widget allowing bloggers to insert comment section to their blogs hosted on GitLab Pages. The comments use GitLab issues underneath.

latest
Source
npmnpm
Version
2.1.0
Version published
Weekly downloads
61
-29.89%
Maintainers
2
Weekly downloads
 
Created
Source

BeBlob

A lightweight, open-source comment widget that adds GitLab-backed discussions to any website. No backend or database required.

Live Demo | npm | GitLab

Quick Start

1. Create a GitLab OAuth app — Go to GitLab > Settings > Applications. Set the redirect URI to your site URL, enable api and read_user scopes, and ensure "Confidential" is unchecked. Copy the Application ID.

2. Add the script and container to your page:

<script
  id="beblob-script"
  src="https://unpkg.com/beblob@1.6.0/dist/beblob.js"
  data-client-id="YOUR_GITLAB_APPLICATION_ID"
  data-redirect-uri="https://your-site.com/"
  data-project-name="your-gitlab-project"
  data-issue-mapping-strategy="pageTitle"
  data-dev-mode="false"
  data-beblob-version="1.6.0"
  data-theme="light"
></script>

<div id="beblob_thread"></div>

3. Done! Visitors can authenticate with GitLab and leave comments stored as GitLab issues.

How It Works

BeBlob uses GitLab OAuth (Authorization Code flow) to authenticate users. Comments are stored as notes on GitLab issues, with each page mapped to an issue. This means you get GitLab's built-in moderation, notifications, and markdown support for free.

Features

  • Markdown comments with live preview and syntax highlighting
  • Emoji reactions (thumbsup, thumbsdown, heart, tada, confused)
  • Four built-in themes — dark, white, light (default), classic — matching Hexo Cactus themes
  • Custom themes via CSS variables — override any color without touching source code
  • Mobile responsive — touch-friendly buttons, flexible layouts
  • XSS protection — all user content sanitized with DOMPurify
  • GitLab OAuth — secure authentication with proper token management
  • Zero backend — everything runs client-side with GitLab as the data store

Configuration Options

OptionRequiredDescription
clientIdYesGitLab OAuth Application ID
redirectUriYesYour site URL (must match GitLab app setting)
projectNameYesGitLab project name for storing issues
issueMappingStrategyYesHow pages map to issues: url, pageTitle, or issueId
issueIdOnly with issueId strategySpecific issue ID to use
devModeNo"true" loads assets locally; "false" (default) uses CDN
beblobVersionNoVersion for CDN URLs (e.g., "1.6.0")
themeNoBuilt-in theme: dark, white, light (default), classic
gitlabUrlNoGitLab instance URL (default: https://gitlab.com). Use for self-managed GitLab.

Themes

Built-in Themes

Set via data-theme attribute: dark, white, light, classic. These are designed to match Hexo Cactus theme color schemes.

Custom Themes

BeBlob uses CSS custom properties, so you can create your own theme by overriding variables:

.beblob-widget {
  --beblob-bg: #1a1a2e;
  --beblob-text: #e0e0e0;
  --beblob-accent: #e94560;
  --beblob-border: #e94560;
  --beblob-link: #ff6b81;
  --beblob-comment-bg: #16213e;
  --beblob-comment-border: #e94560;
  --beblob-button-bg: #16213e;
  --beblob-button-text: #e0e0e0;
  --beblob-button-border: #e94560;
  --beblob-button-hover-bg: #e94560;
  --beblob-tab-active-bg: #e94560;
  --beblob-tab-active-text: #fff;
  --beblob-editor-bg: #16213e;
  --beblob-editor-border: #e94560;
  --beblob-editor-text: #e0e0e0;
}

Available CSS variables:

VariablePurpose
--beblob-bgWidget background
--beblob-textPrimary text color
--beblob-accentAccent/highlight color
--beblob-borderDefault border color
--beblob-linkLink color
--beblob-comment-bgComment card background
--beblob-comment-borderComment card border
--beblob-button-bgButton background
--beblob-button-textButton text
--beblob-button-borderButton border
--beblob-button-hover-bgButton hover background
--beblob-tab-active-bgActive tab background
--beblob-tab-active-textActive tab text
--beblob-reaction-bgReaction button background
--beblob-popup-bgReaction popup background
--beblob-editor-bgMarkdown editor background
--beblob-editor-borderEditor border
--beblob-editor-textEditor text
--beblob-font-familyFont stack
--beblob-radiusBorder radius

Mobile Support

BeBlob is mobile-friendly out of the box:

  • Touch-friendly button sizes (44px minimum tap targets)
  • Responsive comment layout that stacks on narrow screens
  • Full-width action buttons on mobile
  • Horizontal-scrolling editor toolbar

Ensure your page includes the viewport meta tag:

<meta name="viewport" content="width=device-width, initial-scale=1">

Hexo / Cactus Integration

Add to your _config.yml:

beblob:
  enabled: true
  client_id: "<your-gitlab-application-id>"
  redirect_uri: "https://yourwebsite.com"
  project_name: "<your-gitlab-project-name>"
  issue_mapping_strategy: "pageTitle"
  version: "1.6.0"
  theme: "light"

Example comments.ejs:

<% if (page.comments && config.beblob.enabled) { %>
  <div class="blog-post-comments">
    <div id="beblob_thread">
      <noscript>Please enable JavaScript to view comments.</noscript>
    </div>
    <% if (config.beblob.dev_mode) { %>
      <script id="beblob-script" src="/js/beblob.js"
              data-client-id="<%= config.beblob.client_id %>"
              data-redirect-uri="<%= config.beblob.redirect_uri %>"
              data-project-name="<%= config.beblob.project_name %>"
              data-issue-mapping-strategy="<%= config.beblob.issue_mapping_strategy %>"
              data-dev-mode="true"
              data-beblob-version="<%= config.beblob.version %>"
              data-theme="<%= config.beblob.theme %>"
              defer>
      </script>
    <% } else { %>
      <script id="beblob-script" src="https://unpkg.com/beblob@<%= config.beblob.version %>/dist/beblob.js"
              data-client-id="<%= config.beblob.client_id %>"
              data-redirect-uri="<%= config.beblob.redirect_uri %>"
              data-project-name="<%= config.beblob.project_name %>"
              data-issue-mapping-strategy="<%= config.beblob.issue_mapping_strategy %>"
              data-dev-mode="false"
              data-beblob-version="<%= config.beblob.version %>"
              data-theme="<%= config.beblob.theme %>"
              defer>
      </script>
    <% } %>
  </div>
<% } %>

For a working example, see antonbelev.gitlab.io.

Sites Using BeBlob

Inspiration

BeBlob was inspired by giscus and utterances — similar tools for GitHub. This project brings the same experience to GitLab.

Roadmap

  • Comment management (edit, delete, moderate)
  • Configurable reactions (opt-in/out)
  • Multiple themes and customizable UI
  • CSS custom properties for custom themes
  • Mobile responsive design
  • Hexo plugin for direct integration
  • Threaded/nested replies

Support

Found a bug or have a feature request? Open an issue.

License

MIT — see LICENSE for details.

FAQs

Package last updated on 24 Feb 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Introducing Repository Access Permissions and Custom Roles

Product

Introducing Repository Access Permissions and Custom Roles

Socket now supports Custom Roles and Repository Access Permissions so organizations can control who can access specific repositories and actions.

By Joe Werle  -  Jun 19, 2026