Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
code-excerpt
Advanced tools
The code-excerpt npm package is designed to extract and highlight excerpts from code snippets. It is particularly useful for creating documentation, tutorials, or any content that requires displaying code with specific lines highlighted.
Extracting Code Excerpts
This feature allows you to extract a specific range of lines from a code snippet. The `start` and `end` options specify the range of lines to be extracted.
const codeExcerpt = require('code-excerpt');
const code = `
function add(a, b) {
return a + b;
}
console.log(add(2, 3));
`;
const excerpt = codeExcerpt(code, { start: 2, end: 4 });
console.log(excerpt);
// Output:
// {
// value: ' return a + b;\n}\n\nconsole.log(add(2, 3));\n',
// start: 2,
// end: 4
// }
Highlighting Specific Lines
This feature allows you to highlight specific lines within the extracted code excerpt. The `highlight` option takes an array of line numbers to be highlighted.
const codeExcerpt = require('code-excerpt');
const code = `
function add(a, b) {
return a + b;
}
console.log(add(2, 3));
`;
const excerpt = codeExcerpt(code, { start: 2, end: 4, highlight: [3] });
console.log(excerpt);
// Output:
// {
// value: ' return a + b;\n}\n\nconsole.log(add(2, 3));\n',
// start: 2,
// end: 4,
// highlight: [3]
// }
highlight.js is a popular library for syntax highlighting of code snippets. Unlike code-excerpt, which focuses on extracting and highlighting specific lines, highlight.js is designed to apply syntax highlighting to entire code blocks. It supports a wide range of programming languages and is highly customizable.
Prism is a lightweight, extensible syntax highlighter. It is similar to highlight.js in that it focuses on syntax highlighting for entire code blocks. Prism is known for its performance and ease of use, and it also supports a wide range of languages and plugins for additional functionality.
CodeMirror is a versatile text editor implemented in JavaScript for the browser. It is more than just a syntax highlighter; it provides a full-featured code editor with features like autocompletion, linting, and more. While it can be used to highlight code, its primary use case is as an in-browser code editor.
Extract code excerpts
$ npm install --save code-excerpt
const codeExcerpt = require('code-excerpt');
const source = `
'use strict';
function someFunc() {}
module.exports = () => {
const a = 1;
const b = 2;
const c = 3;
someFunc();
};
`.trim();
const excerpt = codeExcerpt(source, 5);
//=> [
// {line: 2, value: ' '},
// {line: 3, value: 'function someFunc() {} '},
// {line: 4, value: ' '},
// {line: 5, value: 'module.exports = () => {'},
// {line: 6, value: ' const a = 1; '},
// {line: 7, value: ' const b = 2; '},
// {line: 8, value: ' const c = 3; '}
// ]
All lines in the output have equal width for convenience (customizable via options.equalLength
).
For example, if a line needs to be highlighted, the highlight will be full-width, just like in editors.
Type: string
Source code.
Type: number
Line number to extract excerpt for.
Type: number
Default: 3
Number of surrounding lines to extract.
Type: boolean
Default: true
Extend lines to the same length. Useful for highlighting lines.
MIT © vdemedes
FAQs
Extract code excerpts
The npm package code-excerpt receives a total of 698,363 weekly downloads. As such, code-excerpt popularity was classified as popular.
We found that code-excerpt demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.