Security News
The Changelog Podcast: Practical Steps to Stay Safe on npm
Learn the essential steps every developer should take to stay secure on npm and reduce exposure to supply chain attacks.
By Sarah Gooding -  Oct 31, 2025
🚀 DAY 5 OF LAUNCH WEEK: Introducing Socket Firewall Enterprise.Learn more →
character-entities
Advanced tools
character-entities
Map of named character references.
Contents
- What is this?
- When should I use this?
- Install
- Use
- API
- Types
- Compatibility
- Security
- Related
- Contribute
- License
What is this?
This is a map of named character references in HTML (latest) to the characters they represent.
When should I use this?
Maybe when you’re writing an HTML parser or minifier, but otherwise probably
never!
Even then, it might be better to use parse-entities or
stringify-entities.
Install
This package is ESM only. In Node.js (version 12.20+, 14.14+, 16.0+, 18.0+), install with npm:
npm install character-entities
In Deno with esm.sh:
import {characterEntities} from 'https://esm.sh/character-entities@2'
In browsers with esm.sh:
<script type="module">
import {characterEntities} from 'https://esm.sh/character-entities@2?bundle'
</script>
Use
import {characterEntities} from 'character-entities'
console.log(characterEntities.AElig) // => 'Æ'
console.log(characterEntities.aelig) // => 'æ'
console.log(characterEntities.amp) // => '&'
API
This package exports the identifier characterEntities.
There is no default export.
characterEntities
Mapping between (case-sensitive) character entity names to replacements.
See html.spec.whatwg.org for more info.
Types
This package is fully typed with TypeScript.
Compatibility
This package is at least compatible with all maintained versions of Node.js. As of now, that is Node.js 12.20+, 14.14+, 16.0+, and 18.0+. It also works in Deno and modern browsers.
Security
This package is safe.
Related
wooorm/parse-entities— parse (decode) character referenceswooorm/stringify-entities— serialize (encode) character referenceswooorm/character-entities-html4— info on named character references in HTML 4character-reference-invalid— info on invalid numeric character referencescharacter-entities-legacy— info on legacy named character references
Contribute
Yes please! See How to Contribute to Open Source.
License
MIT © Titus Wormer
Other packages similar to character-entities
he
The 'he' package is a robust HTML entity encoder/decoder written in JavaScript. Unlike character-entities, which primarily provides a list of character entities, 'he' offers functions to encode and decode HTML entities, making it more versatile for handling HTML content.
entities
Similar to 'he', the 'entities' package offers encoding and decoding functionalities for HTML entities. It supports a wide range of entities and provides more comprehensive parsing and serialization options compared to character-entities, which is more focused on providing a list of entities.
FAQs
Map of named character references
The npm package character-entities receives a total of 15,502,172 weekly downloads. As such, character-entities popularity was classified as popular.
We found that character-entities demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 22 Jun 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Security Community Slams MIT-linked Report Claiming AI Powers 80% of Ransomware
Experts push back on new claims about AI-driven ransomware, warning that hype and sponsored research are distorting how the threat is understood.
By Sarah Gooding -  Oct 30, 2025
Security News
Ruby Core Team Assumes Stewardship of RubyGems and Bundler, Former Maintainers Offer to Transfer All Rights to Matz
Ruby's creator Matz assumes control of RubyGems and Bundler repositories while former maintainers agree to step back and transfer all rights to end the dispute.
By Sarah Gooding -  Oct 29, 2025