Security News
PyPI’s New Archival Feature Closes a Major Security Gap
PyPI now allows maintainers to archive projects, improving security and helping users make informed decisions about their dependencies.
expressive-code
Advanced tools
A text marking & annotation engine for presenting source code on the web.
A framework-agnostic wrapper package that provides convenient access to the key packages of Expressive Code, an engine for presenting source code on the web.
Instead of having to install and manage multiple Expressive Code packages separately, this package includes both the core engine and all default plugins as dependencies and exports them.
Included packages:
Using this package directly is only recommended for advanced use cases, e.g. to create integrations of Expressive Code into other tools and frameworks.
If you just want to render code blocks on your website, you should use one of the higher-level packages instead, e.g. astro-expressive-code
or rehype-expressive-code
for code blocks in markdown / MDX documents.
Read the Expressive Code docs to learn more about the features provided by Expressive Code.
npm install expressive-code
// File: generate-html.mjs
import { ExpressiveCode } from 'expressive-code'
import { toHtml } from 'expressive-code/hast'
import fs from 'fs'
const ec = new ExpressiveCode()
// Get base styles that should be included on the page
// (they are independent of the rendered code blocks)
const baseStyles = await ec.getBaseStyles()
const themeStyles = await ec.getThemeStyles()
const jsModules = await ec.getJsModules()
// Render some example code to AST
const { renderedGroupAst, styles: blockStyles } = await ec.render({
code: 'console.log("Hello world!")',
language: 'js',
meta: '',
})
// Convert the rendered AST to HTML
let htmlContent = toHtml(renderedGroupAst)
// Collect styles and add them before the HTML content
const stylesToPrepend = []
stylesToPrepend.push(baseStyles)
stylesToPrepend.push(themeStyles)
stylesToPrepend.push(...blockStyles)
const styleContent = `<style> ${[...stylesToPrepend].join('')} </style>`
const jsContent = `<script type="module"> ${[...jsModules].join('')} </script>`
const htmlDocument = `
<!doctype html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta http-equiv="X-UA-Compatible" content="ie=edge">
<title>Document</title>
${styleContent}
${jsContent}
</head>
<body>
${htmlContent}
</body>
</html>
`
// Output HTML to the console
console.log(htmlDocument)
// Run `node generate-html.mjs` to generate the HTML file
// and open it in the browser
fs.writeFileSync('index.html', htmlDocument)
FAQs
A text marking & annotation engine for presenting source code on the web.
The npm package expressive-code receives a total of 35,986 weekly downloads. As such, expressive-code popularity was classified as popular.
We found that expressive-code demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI now allows maintainers to archive projects, improving security and helping users make informed decisions about their dependencies.
Research
Security News
Malicious npm package postcss-optimizer delivers BeaverTail malware, targeting developer systems; similarities to past campaigns suggest a North Korean connection.
Security News
CISA's KEV data is now on GitHub, offering easier access, API integration, commit history tracking, and automated updates for security teams and researchers.