Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
comment-parser
Advanced tools
The comment-parser npm package is a tool designed to parse comments from source code files into a structured format. It primarily focuses on extracting JSDoc-like comment blocks and converting them into a JSON object, making it easier to analyze and manipulate documentation embedded within code.
Parsing JSDoc comments
This feature allows the extraction of JSDoc comments from a string of source code. The output is an array of objects, each representing a parsed comment block with details about parameters, return types, and descriptions.
const parse = require('comment-parser');
const sourceCode = `/**
* This is a description of the function
* @param {string} name - The name of the person
* @return {string} - Greeting message
*/
function greet(name) { return 'Hello ' + name; }`;
const parsedComments = parse(sourceCode);
console.log(parsedComments);
Custom tags parsing
This feature supports parsing custom tags within comments. Users can configure the parser to handle specific tag formats and preserve spacing, allowing for more flexible documentation styles.
const parse = require('comment-parser');
const options = { dotted_names: false, spacing: 'preserve' };
const sourceCode = `/**
* @customTag Here is some custom information
*/`;
const parsedComments = parse(sourceCode, options);
console.log(parsedComments);
JSDoc is a popular tool similar to comment-parser but with a broader scope. It not only parses comments but also generates entire websites of documentation from the parsed data. JSDoc supports a wide range of tags and offers more extensive configuration options compared to comment-parser.
Doctrine is another npm package that parses JSDoc comments. It is somewhat similar to comment-parser but focuses more on the syntactic structure of the comments rather than converting them into a structured format. Doctrine is often used for linting tools and other development utilities.
comment-parser
is a library helping to handle Generic JSDoc-style comments. It is
/** */
source comments.d.ts
data definitions since written in TypeScriptnpm install comment-parser
💡 Check out the Playground
💡 Previous version lives in 0.x branch
Lib mainly provides two pieces Parser and Stringifier.
Let's go over string parsing:
const { parse } = require('comment-parser/lib')
const source = `
/**
* Description may go
* over few lines followed by @tags
* @param {string} name the name parameter
* @param {any} value the value of any type
*/`
const parsed = parse(source)
Lib source code is written in TypeScript and all data shapes are conveniently available for your IDE of choice. All types described below can be found in primitives.ts
The input source is first parsed into lines, then lines split into tokens, and finally, tokens are processed into blocks of tags
/**
* Description may go
* over multiple lines followed by @tags
* @param {string} name the name parameter
* @param {any} value the value parameter
*/
/**
* Description may go
* over multiple lines followed by @tags
* @param {string} name the name parameter
* @param {any} value the value parameter
*/
|line|start|delimiter|postDelimiter|tag |postTag|name |postName|type |postType|description |end|
|----|-----|---------|-------------|------|-------|-----|--------|--------|--------|--------------------------------|---|
| 0|{2} |/** | | | | | | | | | |
| 1|{3} |* |{1} | | | | | | |Description may go | |
| 2|{3} |* |{1} | | | | | | |over few lines followed by @tags| |
| 3|{3} |* |{1} |@param|{1} |name |{1} |{string}|{1} |the name parameter | |
| 4|{3} |* |{1} |@param|{1} |value|{1} |{any} |{1} |the value of any type | |
| 5|{3} | | | | | | | | | |*/ |
The result is an array of Block objects, see the full output on the playground
[{
// uppper text of the comment, overall block description
description: 'Description may go over multiple lines followed by @tags',
// list of block tags: @param, @param
tags: [{
// tokens.tag without "@"
tag: 'param',
// unwrapped tokens.name
name: 'name',
// unwrapped tokens.type
type: 'string',
// true, if tokens.name is [optional]
optional: false,
// default value if optional [name=default] has one
default: undefined,
// tokens.description assembled from a siongle or multiple lines
description: 'the name parameter',
// problems occured while parsing this tag section, subset of ../problems array
problems: [],
// source lines processed for extracting this tag, "slice" of the ../source item reference
source: [ ... ],
}, ... ],
// source is an array of `Line` items having the source
// line number and `Tokens` that can be assembled back into
// the line string preserving original formatting
source: [{
// source line number
number: 1,
// source line string
source: "/**",
// source line tokens
tokens: {
// indentation
start: "",
// delimiter, either '/**', '*/', or ''. Mid lines may have no delimiters
delimiter: "/**",
// space between delimiter and tag
postDelimiter: "",
// tag starting with "@"
tag: "",
// space between tag and type
postTag: "",
// name with no whitespaces or "multiple words" wrapped into quotes. May occure in [name] and [name=default] forms
name: "",
// space between name and type
postName: "",
// type is has to be {wrapped} into curlies otherwise will be omitted
type: "",
// space between type and description
postType: "",
// description is basicaly rest of the line
description: "",
// closing */ marker if present
end: ""
}
}, ... ],
// problems occured while parsing the block
problems: [],
}];
While .source[].tokens
are not providing readable annotation information, they are essential for tracing data origins and assembling string blocks with stringify
interface Options {
// start count for source line numbers
startLine: number;
// escaping chars sequence marking wrapped content literal for the parser
fence: string;
// block and comment description compaction strategy
spacing: 'compact' | 'preserve';
// tokenizer functions extracting name, type, and description out of tag, see Tokenizer
tokenizers: Tokenizer[];
}
examples
The stringifier is an important piece used by other tools updating the source code. It goes over Block.source[].tokens
items and assembles them back to the string. It might be used with various transforms applied before stringifying.
const { parse, stringify, transforms: {flow, align, indent} } = require('comment-parser');
const source = `
/**
* Description may go
* over multiple lines followed by @tags
*
* @my-tag {my.type} my-name description line 1
description line 2
* description line 3
*/`;
const parsed = parse(source);
const transform = flow(align(), indent(0))
console.log(stringify(transform(parsed[0])));
/**
* Description may go
* over multiple lines followed by @tags
*
* @my-tag {my.type} my-name description line 1
description line 2
* description line 3
*/
examples
Code of pre-1.0 version is forked into 0.x and will phase out eventually. Please file the issue if you find some previously existing functionality can't be achieved with 1.x API. Check out migration notes.
v1.1.0
FAQs
Generic JSDoc-like comment parser
The npm package comment-parser receives a total of 1,222,005 weekly downloads. As such, comment-parser popularity was classified as popular.
We found that comment-parser demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.