Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Declarative template engine for the browser and server with regular JS syntax.
You can redefine or extend just a particular part of output not only by simple redefinition via new templates but also using ‘modes’. E.g. it may be a tag name or its content.
block('link')({ tag: 'span' });
// The template sets tag to `span` for all `link` blocks.
// And tag mode can be redefined if any condition passed.
block('link').match((node, ctx) => ctx.url)({ tag: 'a' });
// The template sets tag to `a` only if block `link` have `url` field.
// Otherwise tag will be ‘span’ as previous template says.
Templates are written using pattern matching for the values and structure of input data
block('list')({ tag: 'ul' });
block('item')({ tag: 'li' });
We can apply these two declarative-style templates templates to data:
{
block: 'list',
content: [
{
block: 'item',
content: {
block: 'list',
content: [
{ block: 'item', content: 'CSS' },
{ block: 'item', content: 'HTML' }
]
}
},
{
block: 'item',
content: {
block: 'list',
content: { block: 'item', content: 'JS' }
}
}
]
}
The result is:
<ul class="list">
<li class="item">
<ul class="list">
<li class="item">CSS</li>
<li class="item">HTML</li>
</ul>
</li>
<li class="item">
<ul class="list">
<li class="item">JS</li>
</ul>
</li>
</ul>
As you can see templates are as simple as CSS.
In the example above you may have noticed that bem-xjst automaticaly traverses input data by content
fields. This behaviour is default feature of bem-xjst.
Built-in rendering behavior is used by default, even if the user didn’t add templates. Even without templates. For example from above it will be:
<div class="list">
<div class="item">
<div class="list">
<div class="item">CSS</div>
<div class="item">HTML</div>
</div>
</div>
<div class="item">
<div class="list">
<div class="item">JS</div>
</div>
</div>
</div>
That is more than half of the work ;) You will add the salt (couple of templates for tags) and the HTML-soup is very tasty!
Written in JavaScript, so the entire JavaScript infrastructure is available for checking code quality and conforming to best practices.
Since templates is a regular JavaScript code you can use automatic syntax validator from your editor and tools like JSHint/ESLint.
You can use bem-xjst in any browser as well as in any JavaScript VM. We support Node.JS v0.10 and higher.
See documentation:
Online demo allows you to share code snippets, change versions and etc. Happy templating!
To compile bem-xjst, you need Node.js v0.10 or later, and npm.
npm install bem-xjst
Copy-paste example from quick start or see simple example from repository. Then read documentation and start experimenting with bem-xjst.
Yes. A lot of projects in Yandex and Alfa-Bank, also in opensource projects based on bem-core and bem-components.
See readme.
See readme.
See readme.
FAQs
Declarative Template Engine for the browser and server
We found that bem-xjst demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 7 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.