Security News
NVD Backlog Tops 20,000 CVEs Awaiting Analysis as NIST Prepares System Updates
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
edge-parser
Advanced tools
Parser to convert edge template to invokable functions
This repo is the parser to convert edge templates to a self invoked Javascript function. Later you can invoke this function by providing a context.
Install the package from npm registry as follows:
npm i edge-parser
# yarn
yarn add edge-parser
and then use it as follows
import { Parser } from 'edge-parser'
const tagsIfAny = {}
const parser = new Parser(tagsIfAny, { filename: 'foo.edge' })
parser.parse(`Hello {{ username }}`)
Output
let out = ''
let $lineNumber = 1
let $filename = 'eval.edge'
try {
out += 'Hello '
out += `${ctx.escape(state.username)}`
} catch (error) {
ctx.reThrow(error, $filename, $lineNumber)
}
return out
Notice of use of
ctx
in the function body. Parser doesn't provide the implementation ofctx
, the runtime of template engine should provide it.
Along with parsing the main template, the parser also exposes the API, that tags can use to selectively parse the content of a tag.
Parses a string as a Javascript expression. The output is a valid Estree expression
The following example returns a BinaryExpression
const loc = {
start: { line: 1, col: 1 },
end: { line: 1, col: 1 },
}
const filename = 'eval.edge'
parser.utils.generateAST('2 + 2', loc, filename)
Transform the acorn AST and make it compatible with Edge runtime. This method mutates the inner nodes of the original AST.
const loc = {
start: { line: 1, col: 1 },
end: { line: 1, col: 1 },
}
const filename = 'eval.edge'
parser.utils.transformAst(parser.utils.generateAST('2 + 2', loc, filename), filename)
Returns an array of lexer tokens for the given template. The method is a shortcut to self import the lexer module and then generating tokens.
const tokens = parser.tokenize('Hello {{ username }}')
Output
[
{
"type": "raw",
"line": 1,
"value": "Hello "
},
{
"type": "mustache",
"filename": "eval.edge",
"loc": {
"start": {
"line": 1,
"col": 8
},
"end": {
"line": 1,
"col": 20
}
},
"properties": {
"jsArg": " username "
}
}
]
Convert edge or acorn expression back to a string. This is helpful, when you mutate some nodes inside the expression and now want a valid Javascript string out of it.
const expression = parser.utils.generateAST(
'2 + 2',
{
start: { line: 1, col: 1 },
end: { line: 1, col: 1 },
},
'eval.edge'
)
expression.left.value = 3
parser.utils.stringify(expression) // returns 3 + 2
Parse a template to an IIFE
. This is what you will use most of the time.
parser.parse('Hello {{ username }}')
Output
let out = ''
let $lineNumber = 1
let $filename = 'eval.edge'
try {
out += 'Hello '
out += `${ctx.escape(state.username)}`
} catch (error) {
ctx.reThrow(error, $filename, $lineNumber)
}
return out
You will often find yourself using this method as a tag author, when you want to recursively process all children of your tag
const byPass = {
block: true,
seekable: false,
name: 'bypass',
compile(parser, buffer, token) {
token.children.forEach((child) => parser.processToken(child, buffer))
},
}
and then use it as
@bypass
Hello {{ username }}
@endbypass
The following expressions are supported by the parser. Can you also access the list of supported expressions as
import { expressions } from 'edge-parser'
The identifier are prefixed with state.
In following statement username
is the identifier
Hello {{ username }}
A string literal
Hello {{ 'Guest' }}
The [1, 2, 3, 4]
is an array expression.
Evens are {{
[1, 2, 3, 4].filter((num) => num % 2 === 0)
}}
The { username: 'virk' }
is an Object expression
{{ toJSON({ username: 'virk' }) }}
Following are examples of UnaryExpression
.
{{ typeof(username) }}
{{ !!username }}
Here {{ 2 + 2 }}
is the binary expression
{{ 2 + 2 }} = 4
Following is the example of LogicalExpression
.
{{ username || admin.username }}
{{ username.toUpperCase() }}
{{ username ? username : 'Guest' }}
{{ upper(username) }}
Sequence is not supported in mustache blocks and instead used inside tags. For example:
Everything inside ()
is a sequence expression.
@component('button', text = 'Submit', type = 'Primary')
{{ Hello `${username}` }}
{{
users.map((user) => {
return user.username
})
}}
{{ await foo() }}
{{ function foo () {} }}
You must define a context object with escape
and reThrow
methods when executing the parser compiled function
const ctx = {
escape(value) {
if (typeof value === 'string') {
return escapedValue
}
return value
},
reThrow(error, fileName, lineNumber) {},
}
Following are the auto generated files via Type doc
FAQs
Parser for edge template engine
The npm package edge-parser receives a total of 12,574 weekly downloads. As such, edge-parser popularity was classified as popular.
We found that edge-parser demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.