Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Syntax highlights JavaScript code with ANSI colors to be printed to the terminal.
The cardinal npm package is a syntax highlighter for JavaScript code. It can be used to display JavaScript code with syntax highlighting in terminal applications. It uses the redeyed package to handle the actual syntax highlighting.
Syntax highlighting for JavaScript code
This feature allows you to pass JavaScript code as a string to the `highlight` function, which returns the code with terminal-compatible syntax highlighting.
const cardinal = require('cardinal');
const highlightedCode = cardinal.highlight('const x = 123;');
console.log(highlightedCode);
Syntax highlighting from a file
This feature allows you to read JavaScript code from a file and then use the `highlight` function to display it with syntax highlighting in the terminal.
const cardinal = require('cardinal');
const fs = require('fs');
fs.readFile('example.js', 'utf8', function(err, code) {
if (err) throw err;
const highlightedCode = cardinal.highlight(code);
console.log(highlightedCode);
});
Custom theme support
Cardinal allows you to specify a custom theme for syntax highlighting by passing a theme object as an option to the `highlight` function.
const cardinal = require('cardinal');
const customTheme = require('./myCustomTheme.json');
const highlightedCode = cardinal.highlight('const x = 123;', { theme: customTheme });
console.log(highlightedCode);
Chalk is a popular npm package for styling terminal strings. Unlike cardinal, which is focused on syntax highlighting, chalk provides a more general approach to styling strings with colors, background colors, and text styles. It does not parse code for syntax highlighting.
Highlight.js is a syntax highlighter for the web, but it can also be used in Node.js environments. It supports a wide range of languages and has many themes available. It is more versatile than cardinal as it is not limited to JavaScript and can be used in both browser and server contexts.
Prism is another syntax highlighting library that works both in the browser and on the server. It is similar to highlight.js in terms of functionality and also supports a wide range of programming languages and comes with a variety of themes.
car·di·nal (kärdn-l, kärdnl) - crested thick-billed North American finch having bright red plumage in the male.
cdl
).cardinalrc
config to customize settingsTable of Contents generated with DocToc
npm install cardinal
[sudo] npm install -g cardinal
Note:
When installed globally, cardinal exposes itself as the cdl
command.
cdl <file.js> [options]
options:
--nonum
: turns off line number printing (relevant if it is turned on inside ~/.cardinalrc
cat file.js | grep console | cdl
Note:
Not all code lines may be parsable JavaScript. In these cases the line is printed to the terminal without highlighting it.
The default theme will be used for highlighting.
To use a different theme, include a .cardinalrc
file in your HOME
directory.
This is a JSON file of the following form:
{
"theme": "hide-semicolons",
"linenos": true|false
}
theme
can be the name of any of the built-in themes or the
full path to a custom theme anywhere on your computer.callback
({Function}) has the following signature: function (err, highlighted) { .. }
opts is an {Object} with the following properties:
theme
{Object} is used to optionally override the theme used to highlightlinenos
{Boolean} if true
line numbers are included in the highlighted codefirstline
{Integer} sets line number of the first line when line numbers are printedjsx
{Boolean} if true
JSX syntax is supported, otherwise cardinal will raise an error
when encountering JSX (default: false
)Note The json
option is obsoleted and not necessary anymore as cardinal properly understands both JSON and JavaScript.
FAQs
Syntax highlights JavaScript code with ANSI colors to be printed to the terminal.
The npm package cardinal receives a total of 3,103,377 weekly downloads. As such, cardinal popularity was classified as popular.
We found that cardinal demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.