Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

edge-lexer

Package Overview
Dependencies
Maintainers
1
Versions
62
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

edge-lexer

Parses raw markup files to converts them to Edge tokens

  • 4.0.10
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
16K
decreased by-17.59%
Maintainers
1
Weekly downloads
 
Created
Source

Edge lexer

Generating high level tokens from Edge whitelisted markup

gh-workflow-image npm-image license-image synk-image

Edge lexer produces a list of tokens by scanning for Edge whitelisted syntax.

This module is a blend of a lexer and an AST generator, since Edge doesn't need a pure lexer that scans for each character. Edge markup is written within other markup languages like HTML or Markdown and walking over each character is waste of resources.

Instead, this module starts by detecting for the Edge whitelisted syntax and then starts the lexical analysis within the detected markup.

Table of contents

Highlights

  • Zero dependencies (Actually one dependency that is also to standardize edge errors).
  • Just uses one regex statement. That also tested against safe-regex for ReDOS
  • Allows multiline expressions
  • Collects line and columns for accurate stack traces.
  • Detects for unclosed tags.
  • Detects for unwrapped expressions and raises appropriate errors.

Performance

Following measures are taken to keep the analysis performant.

  1. Only analyse markup that is detected as Edge whitelisted syntax.
  2. Only analyse tags, that are passed to the tokenizer. Which means even if the syntax for tags is whitelisted, the tokeniser will analyse them if they are used by your app.
  3. Do not analyse Javascript expression and leave that for edge-parser.
  4. Only uses one Regular expression.

Usage

import { Tokenizer } from 'edge-lexer'

const template = `Hello {{ username }}`
const tags = {
  if: {
    block: true,
    seekable: true,
  },
}

// Filename is required to add it to error messages
const options = {
  filename: 'welcome.edge',
}

const tokenizer = new Tokenizer(template, tags, options)

tokenizer.parse()
console.log(tokenizer.tokens)

Pre-processing lines

You can also pre-process lines before the tokenizer tokenizes them.

const options = {
  filename: 'welcome.edge',
  onLine: (line: string) => {
    // transform here and return new string value
    return line
  },
}

const tokenizer = new Tokenizer(template, {}, options)

Terms used

This guide makes use of the following terms to identify core pieces of the tokenizer.

TermToken TypeDescription
TagtagTags are used to define logical blocks in the template engine. For example if tag or include tag.
Escaped Tage__tagEscaped tag, Edge will not evaluate it at runtime.
MustachemustacheJavascript expression wrapped in curly braces. {{ }}
Safe Mustaches__mustacheSafe mustache, that doesn't escape the output {{{ }}}
Escaped Mustachee__mustacheMustache tag that is escaped
Escaped Safe Mustachees__mustacheSafe Mustache tag that is escaped
RawrawA raw string, which has no meaning for the template engine
NewLinenewlineNewline
CommentcommentEdge specific comment block. This will be ripped off in the output.

Tokens

Following is the list of Nodes returned by the tokenizer.

Tag Token
{
  type: 'tag'
  filename: 'eval.edge',
  loc: {
    start: {
      line: 1,
      col: 4
    },
    end: {
      line: 1,
      col: 13
    }
  },
  properties: BlockProp,
  children: []
}
Escaped Tag Token
{
- type: 'tag',
+ type: 'e__tag',
  filename: 'eval.edge',
  loc: {
    start: {
      line: 1,
      col: 4
    },
    end: {
      line: 1,
      col: 13
    }
  },
  properties: BlockProp,
  children: []
}
Raw Token
{
  type: 'raw',
  filename: 'eval.edge',
  line: number,
  value: string
}
Comment Token
{
  type: 'comment',
  filename: 'eval.edge',
  line: number,
  value: string
}
NewLine Token
{
  type: 'newline',
  line: number
}
Mustache Token
{
  type: 'mustache',
  filename: 'eval.edge',
  loc: {
    start: {
      line: 1,
      col: 4
    },
    end: {
      line: 1,
      col: 13
    }
  },
  properties: Prop
}
Safe Mustache Token
{
- type: 'mustache',
+ type: 's__mustache',
  filename: 'eval.edge',
  loc: {
    start: {
      line: 1,
      col: 4
    },
    end: {
      line: 1,
      col: 13
    }
  },
  properties: Prop
}
Escaped Mustache Token
{
- type: 'mustache',
+ type: 'e__mustache',
  filename: 'eval.edge',
  loc: {
    start: {
      line: 1,
      col: 4
    },
    end: {
      line: 1,
      col: 13
    }
  },
  properties: Prop
}
Escaped Safe Mustache Token
{
- type: 'mustache',
+ type: 'es__mustache',
  filename: 'eval.edge',
  loc: {
    start: {
      line: 1,
      col: 4
    },
    end: {
      line: 1,
      col: 13
    }
  },
  properties: Prop
}
KeyValueDescription
typestringThe type of node determines the behavior of node
locobjectloc is only present for tags and mustache tokens
linenumberline is not present for tags and mustache tokens
propertiesPropMeta data for the node. See Properties to more info
valuestringIf token is a raw or comment token, then value is the string in the source file
childrenarrayArray of recursive nodes. Only exists, when token is a tag

Properties

The properties Prop is used to define meta data for a given Node. Nodes like raw, comment and newline, doesn't need any metadata.

BlockProp

The block prop is used by the Block node. The only difference from the regular Prop is the addition of selfclosed attribute.

{
  name: string
  jsArg: string,
  selfclosed: boolean
}
Prop
{
  jsArg: string,
}
KeyDescription
jsArgThe jsArg is the Javascript expression to evaluate. Whitespaces and newlines are preserved inside the jsArg
selfclosedWhether or not the tag was selfclosed during usage.

Mustache expressions

For mustache nodes props, the name is the type of mustache expressions. The lexer supports 4 mustache expressions.

mustache

{{ username }}

e__mustache (Escaped mustache)

The following expression is ignored by edge. Helpful when you want this expression to be parsed by a frontend template engine

@{{ username }}

s__mustache (Safe mustache)

The following expression output is considered HTML safe.

{{{ '<p> Hello world </p>' }}}

es__mustache (Escaped safe mustache)

@{{{ '<p> Not touched </p>' }}}

Errors

Errors raised by the lexer are always an instance of edge-error and will contain following properties.

error.message
error.line
error.col
error.filename
error.code

Example

{{-- Show username when exists --}} @if(username) {{-- Wrap inside h2 --}}
<h2>Hello {{ username }}</h2>
@endif

The output of the above text will be

[
  {
    "type": "comment",
    "filename": "eval.edge",
    "value": " Show username when exists ",
    "loc": {
      "start": {
        "line": 1,
        "col": 4
      },
      "end": {
        "line": 1,
        "col": 35
      }
    }
  },
  {
    "type": "tag",
    "filename": "eval.edge",
    "properties": {
      "name": "if",
      "jsArg": "username",
      "selfclosed": false
    },
    "loc": {
      "start": {
        "line": 2,
        "col": 4
      },
      "end": {
        "line": 2,
        "col": 13
      }
    },
    "children": [
      {
        "type": "newline",
        "filename": "eval.edge",
        "line": 2
      },
      {
        "type": "comment",
        "filename": "eval.edge",
        "value": " Wrap inside h2 ",
        "loc": {
          "start": {
            "line": 3,
            "col": 4
          },
          "end": {
            "line": 3,
            "col": 24
          }
        }
      },
      {
        "type": "newline",
        "filename": "eval.edge",
        "line": 3
      },
      {
        "type": "raw",
        "value": "<h2> Hello ",
        "filename": "eval.edge",
        "line": 4
      },
      {
        "type": "mustache",
        "filename": "eval.edge",
        "properties": {
          "jsArg": " username "
        },
        "loc": {
          "start": {
            "line": 4,
            "col": 13
          },
          "end": {
            "line": 4,
            "col": 25
          }
        }
      },
      {
        "type": "raw",
        "value": " </h2>",
        "filename": "eval.edge",
        "line": 4
      }
    ]
  }
]

Raised exceptions

Following the links to documented error codes raised by the lexer.

Maintainers

Harminder virk

Keywords

FAQs

Package last updated on 08 Apr 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc