Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
bem-md-renderer
Advanced tools
The builder markdown to html with custom renderer, which generates the html headlines like github
Markdown renderer for Github like anchors. Use on bem-sites with npm module https://github.com/chjj/marked
Minimal usage:
var bmdr = require('bem-md-renderer');
bmdr.render('I am using __markdown__.', function(err, result) {
if(err) throw err;
console.log('result', result);
});
// Outputs: <p>I am using <strong>markdown</strong>.</p>
Type: string
Required. String of markdown source to be compiled.
Type: object
Hash of options. All available options can be viewed in marked
module docs https://github.com/chjj/marked
Type: function
Required. Function called when the markdownString
has been fully parsed when using
async highlighting. If the options
argument is omitted, this can be used as
the second argument.
Return an instance of custom marked renderer.
Example:
var marked = require('marked'),
bmdr = required('bem-md-renderer');
var html = marked('## Some title\n## Some title', {
gfm: true,
pedantic: false,
sanitize: false,
renderer: bmdr.getRenderer() // get custom renderer
});
console.log(html);
/**
* Outputs:
* <h2 id="some-title"><a href="#some-title"></a>some-title</h2>
* <h2 id="some-title-1"><a href="#some-title-1"></a>some-title</h2>
*/
Note #1: The titles are identical, but both has a different anchors
Note #2: You can make possible a copy anchor by click on <a>
inside headline, when you hover it
Note #3: Work good with TOC https://github.com/eGavr/toc-md
Return an anchor, create in Github styles
Type: string
Required. String of headline text. Work with latin and cyrilic symbols
Example:
var bmdr = require('bem-md-renderer');
console.log(bmdr.getAnchor('Create a decl for a "heavy" block requested by demand'));
// Outputs: create-a-decl-for-a-heavy-block-requested-by-demand
FAQs
The builder markdown to html with custom renderer, which generates the html headlines like github
The npm package bem-md-renderer receives a total of 10 weekly downloads. As such, bem-md-renderer popularity was classified as not popular.
We found that bem-md-renderer demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.