Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
diff2html
Advanced tools
The diff2html npm package is a tool that allows you to convert unified diff output into HTML. It is useful for visualizing differences between files in a human-readable format, making it easier to review changes in code.
Generating HTML from Diff
This feature allows you to convert a unified diff string into an HTML string. The HTML output can then be embedded into a web page for visual representation of the differences.
const Diff2Html = require('diff2html');
const diffString = 'diff --git a/file1 b/file1\nindex 83db48f..f7353a0 100644\n--- a/file1\n+++ b/file1\n@@ -1 +1 @@\n-Hello World\n+Hello Diff2Html';
const outputHtml = Diff2Html.html(diffString);
console.log(outputHtml);
Generating JSON from Diff
This feature allows you to parse a unified diff string into a JSON object. The JSON output can be used for further processing or custom rendering.
const Diff2Html = require('diff2html');
const diffString = 'diff --git a/file1 b/file1\nindex 83db48f..f7353a0 100644\n--- a/file1\n+++ b/file1\n@@ -1 +1 @@\n-Hello World\n+Hello Diff2Html';
const outputJson = Diff2Html.parse(diffString);
console.log(outputJson);
Styling the Diff Output
This feature allows you to customize the HTML output with various options such as drawing a file list and matching lines. This makes the diff output more informative and easier to navigate.
const Diff2Html = require('diff2html');
const diffString = 'diff --git a/file1 b/file1\nindex 83db48f..f7353a0 100644\n--- a/file1\n+++ b/file1\n@@ -1 +1 @@\n-Hello World\n+Hello Diff2Html';
const outputHtml = Diff2Html.html(diffString, { drawFileList: true, matching: 'lines' });
console.log(outputHtml);
The 'diff' package provides a set of tools to compare strings, arrays, and objects. It is more focused on providing the raw differences rather than visualizing them, making it suitable for backend processing and custom diff algorithms.
The 'jsdiff' package is another tool for comparing text differences. It offers a variety of diff algorithms and can output differences in several formats, including JSON. However, it does not provide built-in HTML rendering like diff2html.
The 'git-diff' package is designed to generate diffs in the same format as the git diff command. It is useful for applications that need to integrate with git repositories but does not offer HTML rendering capabilities.
Diff to Html generates pretty HTML diffs from git diff output.
line-by-line
and side-by-side
diff
new and old line numbers
inserted and removed lines
GitHub like style
Code syntax highlight
Line similarity matching
Go to Diff2HTML
Manually download and import dist/diff2html.min.js
into your page
Pretty HTML diff
Diff2Html.getPrettyHtml(exInput, configuration)
Intermediate Json From Git Word Diff Output
Diff2Html.getJsonFromDiff(exInput)
Check out the
index.html
for a complete example.
The HTML output accepts a Javascript object with configuration. Possible options:
inputFormat
: the format of the input data: 'diff'
or 'json'
, default is 'diff'
outputFormat
: the format of the output data: 'line-by-line'
or 'side-by-side'
, default is 'line-by-line'
showFiles
: show a file list before the diff: true
or false
, default is false
matching
: matching level: 'lines'
for matching lines, 'words'
for matching lines and words or 'none'
, default is none
matchWordsThreshold
: similarity threshold for word matching, default is 0.25Add the dependencies. Choose one color scheme, and add the main highlight code. If your favourite language is not included in the default package also add its javascript highlight file.
<!-- Stylesheet -->
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/8.6/styles/github.min.css">
<!-- Javascripts -->
<script src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/8.6/highlight.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/8.6/languages/scala.min.js"></script>
Invoke the highlightjs plugin
document.addEventListener("DOMContentLoaded", function () {
// parse the diff to json
var diffJson = Diff2Html.getJsonFromDiff(lineDiffExample);
// collect all the file extensions in the json
var allFileLanguages = diffJson.map(function (line) {
return line.language;
});
// remove duplicated languages
var distinctLanguages = allFileLanguages.filter(function (v, i) {
return allFileLanguages.indexOf(v) == i;
});
// pass the languages to the highlightjs plugin
hljs.configure({languages: distinctLanguages});
// generate and inject the diff HTML into the desired place
document.getElementById("line-by-line").innerHTML = Diff2Html.getPrettyHtml(diffJson, { inputFormat: 'json' });
document.getElementById("side-by-side").innerHTML = Diff2Html.getPrettyHtml(diffJson, { inputFormat: 'json', outputFormat: 'side-by-side' });
// collect all the code lines and execute the highlight on them
var codeLines = document.getElementsByClassName("d2h-code-line-ctn");
[].forEach.call(codeLines, function (line) {
hljs.highlightBlock(line);
});
});
All the contributions are welcome.
To contribute just send a pull request with your changes and I will review it asap.
Copyright 2014 Rodrigo Fernandes. Released under the terms of the MIT license.
This project is inspired in pretty-diff by Scott González.
FAQs
Fast Diff to colorized HTML
The npm package diff2html receives a total of 199,442 weekly downloads. As such, diff2html popularity was classified as popular.
We found that diff2html demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.