Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
datocms-structured-text-utils
Advanced tools
A set of Typescript types and helpers to work with DatoCMS Structured Text fields.
datocms-structured-text-utils
A set of Typescript types and helpers to work with DatoCMS Structured Text fields.
Using npm:
npm install datocms-structured-text-utils
Using yarn:
yarn add datocms-structured-text-utils
dast
document validationYou can use the validate()
function to check if an object is compatible with the dast
specification:
import { validate } from 'datocms-structured-text-utils';
const structuredText = {
value: {
schema: 'dast',
document: {
type: 'root',
children: [
{
type: 'heading',
level: 1,
children: [
{
type: 'span',
value: 'Hello!',
marks: ['foobar'],
},
],
},
],
},
},
};
const result = validate(structuredText);
if (!result.valid) {
console.error(result.message); // "span has an invalid mark "foobar"
}
dast
format specsThe package exports a number of constants that represents the rules of the dast
specification.
Take a look a the definitions.ts file for their definition:
const blockquoteNodeType = 'blockquote';
const blockNodeType = 'block';
const codeNodeType = 'code';
const headingNodeType = 'heading';
const inlineItemNodeType = 'inlineItem';
const itemLinkNodeType = 'itemLink';
const linkNodeType = 'link';
const listItemNodeType = 'listItem';
const listNodeType = 'list';
const paragraphNodeType = 'paragraph';
const rootNodeType = 'root';
const spanNodeType = 'span';
const allowedNodeTypes = [
'paragraph',
'list',
// ...
];
const allowedChildren = {
paragraph: 'inlineNodes',
list: ['listItem'],
// ...
};
const inlineNodeTypes = [
'span',
'link',
// ...
];
const allowedAttributes = {
heading: ['level', 'children'],
// ...
};
const allowedMarks = [
'strong',
'code',
// ...
];
The package exports Typescript types for all the different nodes that a dast
document can contain.
Take a look a the types.ts file for their definition:
type Node
type BlockNode
type InlineNode
type RootType
type Root
type ParagraphType
type Paragraph
type HeadingType
type Heading
type ListType
type List
type ListItemType
type ListItem
type CodeType
type Code
type BlockquoteType
type Blockquote
type BlockType
type Block
type SpanType
type Mark
type Span
type LinkType
type Link
type ItemLinkType
type ItemLink
type InlineItemType
type InlineItem
type WithChildrenNode
type Document
type NodeType
type StructuredText
type Record
It also exports all a number of type guards that you can use to guarantees the type of a node in some scope.
Take a look a the guards.ts file for their definition:
function hasChildren(node: Node): node is WithChildrenNode {}
function isInlineNode(node: Node): node is InlineNode {}
function isHeading(node: Node): node is Heading {}
function isSpan(node: Node): node is Span {}
function isRoot(node: Node): node is Root {}
function isParagraph(node: Node): node is Paragraph {}
function isList(node: Node): node is List {}
function isListItem(node: Node): node is ListItem {}
function isBlockquote(node: Node): node is Blockquote {}
function isBlock(node: Node): node is Block {}
function isCode(node: Node): node is Code {}
function isLink(node: Node): node is Link {}
function isItemLink(node: Node): node is ItemLink {}
function isInlineItem(node: Node): node is InlineItem {}
function isStructuredText(object: any): object is StructuredText {}
FAQs
A set of Typescript types and helpers to work with DatoCMS Structured Text fields.
The npm package datocms-structured-text-utils receives a total of 59,915 weekly downloads. As such, datocms-structured-text-utils popularity was classified as popular.
We found that datocms-structured-text-utils demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.