Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Eta is a fast, lightweight, and highly configurable embedded JavaScript template engine. It is designed to be simple and easy to use, while also being powerful enough to handle complex templating needs.
Basic Template Rendering
This feature allows you to render a basic template with embedded JavaScript expressions. The `render` function takes a template string and a data object, and returns the rendered string.
const eta = require('eta');
const template = 'Hello, <%= it.name %>!';
const data = { name: 'World' };
const result = eta.render(template, data);
console.log(result); // Output: Hello, World!
Template Caching
Eta supports template caching, which allows you to define and reuse templates by name. This can improve performance by avoiding the need to recompile templates on each render.
const eta = require('eta');
eta.templates.define('greeting', 'Hello, <%= it.name %>!');
const data = { name: 'World' };
const result = eta.render('greeting', data);
console.log(result); // Output: Hello, World!
Custom Filters
Eta allows you to define custom filters that can be used within templates to transform data. In this example, a custom filter `shout` is defined to convert a string to uppercase and add exclamation marks.
const eta = require('eta');
eta.configure({
filters: {
shout: (str) => str.toUpperCase() + '!!!'
}
});
const template = 'Hello, <%= it.name | shout %>!';
const data = { name: 'World' };
const result = eta.render(template, data);
console.log(result); // Output: Hello, WORLD!!!
EJS (Embedded JavaScript) is a simple templating language that lets you generate HTML markup with plain JavaScript. It is similar to Eta in terms of syntax and functionality, but Eta is generally faster and more lightweight.
Pug (formerly known as Jade) is a high-performance template engine heavily influenced by Haml. It is known for its clean and minimal syntax. Compared to Eta, Pug offers a more concise syntax but has a steeper learning curve.
Handlebars is a popular templating engine that provides a more logic-less approach to templates. It uses a Mustache-like syntax and is known for its simplicity and ease of use. Unlike Eta, Handlebars enforces a separation of logic and presentation.
Documentation - Chat - RunKit Demo - Playground
You're viewing the source for Eta v3, which we just released! For v2, visit the old branch.
Eta is a lightweight and blazing fast embedded JS templating engine that works inside Node, Deno, and the browser. It's written in TypeScript and emphasizes great performance, configurability, and small bundle size.
<%= someval + "string %>" %>
compiles correctly, while it fails with doT or EJSFor more thorough documentation, visit https://eta.js.org
Install Eta
npm install eta
In the root of your project, create templates/simple.eta
Hi <%= it.name %>!
Then, in your JS file:
import { Eta } from "eta";
// import { Eta } from "https://deno.land/x/eta@v3.1.0/src/index.ts";
const eta = new Eta({ views: path.join(__dirname, "templates") });
// Render a template
const res = eta.render("./simple", { name: "Ben" });
console.log(res); // Hi Ben!
"Eta" means tiny in Esperanto. Plus, it can be used as an acronym for all sorts of cool phrases: "ECMAScript Template Awesomeness", "Embedded Templating Alternative", etc....
Additionally, Eta is a letter of the Greek alphabet (it stands for all sorts of cool things in various mathematical fields, including efficiency) and is three letters long (perfect for a file extension).
@shadowtime2000 created eta-vscode.
eslint-plugin-eta was created to provide an ESLint processor so you can lint your Eta templates.
Currently there is no official Webpack integration but @clshortfuse shared the loader he uses:
{
loader: 'html-loader',
options: {
preprocessor(content, loaderContext) {
return eta.render(content, {}, { filename: loaderContext.resourcePath });
},
},
}
To operate with Eta templates in Node-RED: @ralphwetzel/node-red-contrib-eta
To render Eta templates in Koa web framework: @cedx/koa-eta
eta
Made with ❤ by @nebrelbug and all these wonderful contributors (emoji key):
Ben Gubler 💻 💬 📖 ⚠️ | Clite Tailor 🤔 💻 | Ioan CHIRIAC 💻 🤔 | Craig Morten 💻 | Rajan Tiwari 💡 | shadowtime2000 💻 🤔 ⚠️ | Hamza Hamidi 📖 |
Calum Knott 🤔 | nhaef 💻 | Gün 💻 |
This project follows the all-contributors specification. Contributions of any kind are welcome!
FAQs
Lightweight, fast, and powerful embedded JS template engine
The npm package eta receives a total of 549,080 weekly downloads. As such, eta popularity was classified as popular.
We found that eta demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.