Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
endpoint-ei
Advanced tools
ejs intermediate is a build environment for nodejs it simply compiles a folder of ejs fun stuff. but this is used in every project.
By Syonfox
A simple build tooling to compile ejs files to a directory -with some context
then some helper scripts that use this in cloudflare pages context.
cat package.json
Fancy example bootstrap script:
If you are reading this and understand it all ask us for a job. we are loo9king for deticated partners who want to colaberate on new projects. for fun and profit (postman)[https://app.getpostman.com/join-team?invite_code=ae56402b69bf9790d65960d149958896]
mkdir myapp ; cd myapp ;
npm init
npm install endpoint-ei -g
npm install endpoint-ei --save-dev
npx eisg ; # this builds ./src/*.ejs -> ./ ignorein partials folders and copying all other filse. ejs has global.json from execution folder available
mkdir functions
mkdir public
mkdir ./src/
midir ./src/functions
mkdir ./src/public
echo {"FOO":"BAR"}
npx ei ./src . global.json; # if installed
node build src . global.json # to run locally in this repo
npx endpoint-ei@1.2.17 --server /path/to/static/assets
https://sgol.pub/JS_EVERYWHERE_EVERYTHING_ALL_AT_ONCE
https://freemap.sgol.pub/fm/yolobud
This publishes only build.js
everything else is a demo app
ei uses itself as a dev dependency to show you how you could use it
essential we have an folder of build assets this can be anything.
so we start with a folder
mkdir ./app
mkdir ./app/src
nano ./app/package.json
nano ./app/.gitignore
nano ./app/README.md
bash ./app/build.sh
bash ./app/publish.sh
echo "Generally the main build outputs are"
ls ./app/public ; # Static assets that are usually free to host
ls ./app/function ; # pages worker function
let everything be relative to the execution root i hope lol
from now own we are going inside the app folder this is the project we are recusivaly building.
There are some assumptions:
source
is a folderdestPath
dest is a path we will try and create the folderpartials
folder these are ignoredejs_dir_context.json
compleate/path/to/mydoc.html.ejs
.replace('.ejs', '.context.json');npm install endpoint-ei
# npx ei source destPath global.json
#Cloudflari pages
mkdir src # a src directory
mkdir src/function # a directory for all static assets
mkdir src/public # a directory for all pages worker functions.
echo '{"FOO":"BAR"}' > global.json # define global context
npx ei src . global.json # build src into current director recursively ignoring partials folders
# If you trust cloud-flare otherwise just push to git
npx wrangler pages dev ./public
# otherwise
git add *
git commit -m "publish"
git push
#
se the shell lib_ejs.sh
It seems like you want to build a command-line tool that compiles EJS templates from a source folder to a destination folder while taking context information from JSON files and applying it to the templates. Here's an example of how you could achieve this using Node.js and the ejs
package:
Project Setup:
First, make sure you have Node.js installed and set up in your project folder. Run the following command to install the required packages:
npm install ejs fs-extra minimist
Project Structure:
Your project structure might look like this:
project/
├── source/
│ ├── index.html.ejs
│ ├── about.html.ejs
│ ├── partials/
│ │ ├── header.ejs
│ │ ├── footer.ejs
│ ├── ...
├── dest/
├── global.json
├── build.js
build.js:
Create a build.js
script to compile the EJS templates:
const ejs = require('ejs');
const fs = require('fs-extra');
const minimist = require('minimist');
async function build(source, dest, globalContext) {
// Read global context
const globalData = require(globalContext);
// Process files
const files = await fs.readdir(source);
for (const file of files) {
if (file.endsWith('.ejs')) {
const contextPath = file.replace('.ejs', '.context.json');
const filePath = `${source}/${file}`;
const context = fs.existsSync(contextPath) ? require(contextPath) : {};
const compiled = await ejs.renderFile(filePath, { ...globalData, ...context });
const outputPath = `${dest}/${file.replace('.ejs', '')}`;
await fs.writeFile(outputPath, compiled);
console.log(`Compiled: ${filePath} -> ${outputPath}`);
} else {
const inputPath = `${source}/${file}`;
const outputPath = `${dest}/${file}`;
await fs.copy(inputPath, outputPath);
console.log(`Copied: ${inputPath} -> ${outputPath}`);
}
}
}
// Parse command-line arguments
const args = minimist(process.argv.slice(2));
const source = args._[0];
const dest = args._[1];
const globalContext = args._[2];
build(source, dest, globalContext)
.then(() => console.log('Build completed successfully'))
.catch(error => console.error('Error:', error));
Usage:
To compile the EJS templates, run the following command:
mkdir functions ; # The ouput serverles cloudflare function
mkdir public ; # The output statec pages assets
mkdir src ; # The input src this should contain a src/function and src/public
nano global.json ; # The global json contect for any ejs files to build
node build.js src . global.json
theoretically
Replace source
with the path to your source folder, dest
with the path to the destination folder, and global.json
with the path to your global context JSON file.
This script should read EJS templates from the source
folder, apply context data from corresponding JSON files, and generate the compiled HTML files in the dest
folder. Other non-EJS files will be copied directly to the destination folder. The script uses the ejs
, fs-extra
, and minimist
packages to achieve this functionality.
I think we can theoretically build the projects like this on the fly in a cloud flare worker under 10 mb
FAQs
ejs intermediate is a build environment for nodejs it simply compiles a folder of ejs fun stuff. but this is used in every project.
The npm package endpoint-ei receives a total of 0 weekly downloads. As such, endpoint-ei popularity was classified as not popular.
We found that endpoint-ei demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.