Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
gatsby-rehype-inline-images
Advanced tools
Downloads remote inline images and processes them with the Gatsby image tool chain. This plugin is part of the rehype collection and intended to be used with gatsby-transformer-rehype.
yarn add gatsby-plugin-sharp gatsby-transformer-rehype gatsby-rehype-inline-images
// In your gatsby-config.js
plugins: [
{
resolve: `gatsby-plugin-sharp`,
},
{
resolve: `gatsby-transformer-rehype`,
options: {
filter: node => (
// this is an example (any node type can be selected)
node.internal.type === `GhostPost`
),
plugins: [
{
resolve: `gatsby-rehype-inline-images`,
// all options are optional and can be omitted
options: {
// all images larger are scaled down to maxWidth (default: maxWidth = imageWidth)
// maxWidth: 2000,
withWebp: true,
// disable, if you need to save memory
useImageCache: true,
}
},
],
},
},
]
This plugin walks the htmlAst
syntax tree and extracts all img
tags. For each image found, the remote image data is fetched and put into a new file node. If the image format is supported by gatsby-plugin-sharp
, the image is transformed into a fluid image. The fluid image is attached to the htmlAst
coming from gatsby-transformer-rehype
and the img
tag is replaced by img-sharp-inline
. That way, transformed images can be easily detected later and picked up by React components.
Unsupported image formats are directly copied to the /static
folder and the image src
attribute is updated to the new local image location. Both the file node and the processed images are cached in order to speed up build times on subsequent runs.
As this plugin mutates the htmlAst
all changes are included in this syntax tree and in the transformed html
:
{
allGhostPost {
edges {
node {
childHtmlRehype {
htmlAst
html
}
}
}
}
}
img-sharp-inline
propertiesAn image that is transformed gets additional properties:
<img-sharp-inline htmlTag="" htmlClearProps="" parentClassName="" className="" fluidImg="" alt="" maxWidth="" />
where
img
)fluid-image
img
These properties give you the needed flexibility in your React components.
CSS flexbox layouts need a little help in order to be able to display images with correct aspect ratios. For that reason, the following style property is added to the parent of the img
tag:
style="flex: ${image.aspectRatio} 1 0"
where the image.aspectRatio
is computed directly from the image. If you do not use CSS flexbox styles, the added style instruction won't have any effect.
In addition, the attribute fluid-image
is added to the parent's class
property, which you can use in your style sheets.
Instead of using the html
it is highly recommended start from the htmlAst
and compile it directly into a React component:
import React from 'react'
import rehypeReact from 'rehype-react'
import { ImgSharpInline } from '.'
const renderAst = new rehypeReact({
Fragment: React.Fragment,
createElement: React.createElement,
components: { "img-sharp-inline": ImgSharpInline },
}).Compiler
const RenderContent = ({ htmlAst }) => (
<div>
{ renderAst(htmlAst) }
</div>
)
export default RenderContent
A minimal ImgSharpInline
component may look like:
import React from 'react'
import Img from 'gatsby-image'
const ImgSharpInline = ({ parentClassName, className, fluidImg, alt }) => (
<Img
className={className}
fluid={fluidImg && JSON.parse(fluidImg)}
alt={alt}
/>
)
export default ImgSharpInline
This will make your inline images fully responsive and plays nicely with all gatsby-image
features such as the blur-up effect.
If your site contains many inline images, your build times may be considerably increased by using this plugin. Every image needs to be downloaded and processed which are network and computationally heavy tasks. This plugin utilizes the cache, so subsequent builds will be fast. Property injection into the parent has been hard-coded -- this could be made configurable. If that limits your use case, let me know.
Please always clear the cache with yarn clean
before reporting a bug to this project.
Copyright (c) 2020 styxlab - Released under the MIT license.
FAQs
Gatsby plugin to download external images
We found that gatsby-rehype-inline-images demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.