Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

cf-marky-markdown

Package Overview
Dependencies
Maintainers
1
Versions
2
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

cf-marky-markdown

npm's markdown parser

  • 1.1.0
  • unpublished
  • latest
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
0
Maintainers
1
Weekly downloads
 
Created
Source

marky-markdown

Build Status Code Climate Dependency Status Pull Requests Issues Conventional Commits

marky-markdown is a markdown parser, written in NodeJS, that aims for parity with GitHub-style markdown. It is built on top of markdown-it, a CommonMark markdown parser. You can use marky-markdown:

marky-markdown is the thing that parses package READMEs on http://www.npmjs.com. If you see a markdown parsing bug there, file an issue here!

Node Version Support

marky-markdown strives to support all LTS, current, and maintenance versions of Node.js. When a version of Node.js is EOL, we will EOL support for that version for marky-markdown.

For more information on Node.js LTS and support, click here.

  • marky-markdown < 9.0.0 supports 0.10, 0.12, iojs, 4, 5
  • marky-markdown >= 9.0.0 supports 0.12, 4, 6

Installation

npm install marky-markdown --save

Programmatic Usage

marky-markdown exports a single function. For basic use, that function takes a single argument: a string to convert.

var marky = require("marky-markdown")
var html = marky("# hello, I'm markdown")

Options

The exported function takes an optional options object as its second argument:

marky("some trusted string", {sanitize: false})

The default options are as follows:

{
  sanitize: true,               // remove script tags and stuff
  nofollow: true,               // add rel=nofollow to all links
  linkify: true,                // turn orphan URLs into hyperlinks
  highlightSyntax: true,        // run highlights on fenced code blocks
  prefixHeadingIds: true,       // prevent DOM id collisions
  enableHeadingLinkIcons: true, // render icons inside generated section links
  serveImagesWithCDN: false,    // use npm's CDN to proxy images over HTTPS
  debug: false,                 // console.log() all the things
  package: null,                // npm package metadata,
  headingAnchorClass: 'anchor', // the classname used for anchors in headings.
  headingSvgClass: ['octicon']  // the class used for svg icon in headings.
}

Low Level Parser Access

If you need lower level access to the markdown-it parser (to add your own markdown-it plugins, for example), you can call the getParser method:

var parser = marky.getParser()
parser.use(someMarkdownItPlugin)
var html = parser.render("# markdown string")

getParser takes an optional options argument, the same format as the main marky-markdown export function. If you omit it, it uses the same default options described above.

When you're done customizing the parser, call parser.render(markdown) to render to HTML.

Command-line Usage

You can use marky-markdown to parse markdown files in the shell. The easiest way to do this is to install globally:

npm i -g marky-markdown
marky-markdown some.md > some.html

In the Browser

This module mostly works in the browser, with the exception of the highlights module.

You can require('marky-markdown') in scripts you browserify yourself, or just use the standalone file in [dist/marky-markdown.js].

Here is an example using HTML5 to render text inside <marky-markdown> tags.

<script src="marky-markdown.js"></script>

<marky-markdown>**Here** _is_ some [Markdown](https://github.com/)</marky-markdown>

<script>
  for (el of document.getElementsByTagName('marky-markdown')) {
    el.innerHTML = markyMarkdown(el.innerHTML, {highlightSyntax: false})
  }
</script>

Note: Usage with webpack requires that your webpack.config.js configure a loader (such as json-loader) for .json files. Also, you need to config process.browser in webpack.config.js when you target browser:

  plugins: [
    new webpack.DefinePlugin({
      'process.browser': true
    })
  ],

Tests

npm install
npm test

What it does

  • Parses markdown with markdown-it, a fast and commonmark-compliant parser.
  • Removes broken and malicious user input with sanitize-html
  • Applies syntax highlighting to GitHub-flavored code blocks using the highlights library from Atom.
  • Converts :emoji:-style shortcuts to unicode emojis.
  • Converts headings (h1, h2, etc) into anchored hyperlinks.
  • Converts relative GitHub links to their absolute equivalents.
  • Converts relative GitHub images sources to their GitHub raw equivalents.
  • Converts insecure Gravatar URLs to HTTPS.
  • Converts list items with leading [ ] and [x] into GitHub-style task lists
  • Wraps embedded YouTube videos so they can be styled.
  • Parses and sanitizes package.description as markdown.
  • Applies CSS classes to redundant content that closely matches npm package name and description.

npm packages

Pass in an npm package object to do stuff like rewriting relative URLs to their absolute equivalent on GitHub, normalizing package metadata with redundant readme content, etc

var package = {
  name: "foo",
  description: "foo is a thing",
  repository: {
    type: "git",
    url: "https://github.com/kung/foo"
  }
}

marky(
  "# hello, I am the foo readme",
  {package: package}
)

Dependencies

Extra syntax highlighting, in addition to what comes with highlights:

License

ISC

Keywords

FAQs

Package last updated on 07 May 2018

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc