Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
express-notebook
Advanced tools
A drop-in markdown blogging framework for Express applications that takes 60 seconds to set up.
A simple, drop-in markdown blogging framework for Express applications.
$ yarn add express-notebook
or
$ npm install express-notebook --save
express-notebook
with your application.const Notebook = require('express-notebook');
const notebook = new Notebook({
// Your Express app object.
app,
/**
* The directory in your project where you'll keep your post markdown files and `data.json`
* (explained below).
*/
postsDir: 'src/posts',
// The URL path prefix where your posts will be accessed (eg example.com/posts/foo-bar).
urlPath: '/posts',
/**
* The template with which your posts will be rendered. Should render a `post` variable that's
* rendered unescaped since `post` will be an HTML string.
*/
template: 'post'
});
notebook.setPostRoutes();
data.json
with your post data like this:eg, src/posts/data.json
{
"posts": [{
// The name of the markdown file corresponding to this post. This markdown file should live in the same directory as data.json
"filename": "foo.md",
// The URL slug for this post.
"slug": "my-blog-post",
// Any metadata want to pass to your post template.
"metadata": {
"title": "My blog post title",
"date": "3/14/2017",
"location": "San Francisco, California"
}
}, {
...
}]
}
express-notebook
also exposes the post data read from data.json
. This is useful for creating a post index, for example.
...
const posts = notebook.getPostData();
res.render('/posts', {
posts
});
...
FAQs
A drop-in markdown blogging framework for Express applications that takes 60 seconds to set up.
The npm package express-notebook receives a total of 3 weekly downloads. As such, express-notebook popularity was classified as not popular.
We found that express-notebook demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.