Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
gulp-inject-partials
Advanced tools
Readme
A recursive injection of partials based on their path name for gulp.
Gulp-inject-partials parses target file, located defined placeholders and injects file contents based on their relative path. See Basic usage and More examples below.
Gulp-inject-partials is based/inspired by gulp-inject
.
Note: NodeJs v4 or above is required.
Install gulp-inject-partials
as a development dependancy:
npm install --save-dev gulp-inject-partials
Each pair of comments are the injection placeholders (aka. tags, see options.start
and options.end
).
index.html
<!DOCTYPE html>
<html>
<head>
<title>My index</title>
</head>
<body>
<!-- partial:partial/_mypartial.html -->
<!-- partial -->
</body>
</html>
partial/_mypartial.html
<div>
This text is in partial
</div>
gulpfile.js
var gulp = require('gulp');
var injectPartials = require('gulp-inject-partials');
gulp.task('index', function () {
return gulp.src('./src/index.html')
.pipe(injectPartials())
.pipe(gulp.dest('./src'));
});
Results in
<!DOCTYPE html>
<html>
<head>
<title>My index</title>
</head>
<body>
<!-- partial:views/_mypartial.html -->
<div>
This text is in partial
</div>
<!-- partial -->
</body>
</html>
Nesting partials works same way as single level injection. When injecting partials, gulp-inject-partials
will parse parent file in search for partials to inject. Once it finds a partial will then recursively parse child partial.
index.html
<!DOCTYPE html>
<html>
<head>
<title>My index</title>
</head>
<body>
<!-- partial:views/_mypartial.html -->
<!-- partial -->
</body>
</html>
views/_mypartial.html
<div>
This is in partial
<!-- partial:_mypartial2.html -->
<!-- partial -->
<!-- partial:_mypartial3.html -->
<!-- partial -->
</div>
views/_mypartial2.html
<div>
This text is in partial 2
</div>
views/_mypartial3.html
<div>
This text is in partial 3
</div>
gulpfile.js
var gulp = require('gulp');
var injectPartials = require('gulp-inject-partials');
gulp.task('index', function () {
return gulp.src('./src/index.html')
.pipe(injectPartials())
.pipe(gulp.dest('./src'));
});
Results in
<!DOCTYPE html>
<html>
<head>
<title>My index</title>
</head>
<body>
<!-- partial:views/_mypartial.html -->
<div>
This is in partial
<!-- partial:_mypartial2.html -->
<div>
This text is in partial 2
</div>
<!-- partial -->
<!-- partial:_mypartial3.html -->
<div>
This text is in partial 3
</div>
<!-- partial -->
</div>
<!-- partial -->
</body>
</html>
start
and/or end
tagIt's possible to change start and end tag by setting option.start
and options.end
respectivelly.
index.html
<!DOCTYPE html>
<html>
<head>
<title>My index</title>
</head>
<body>
<## partial/_mypartial.html>
</##>
</body>
</html>
partial/_mypartial.html
<div>
This text is in partial
</div>
gulpfile.js
var gulp = require('gulp');
var injectPartials = require('gulp-inject-partials');
gulp.task('index', function () {
return gulp.src('./src/index.html')
.pipe(injectPartials({
start: '<## {{path}}>',
end: '</##>'
}))
.pipe(gulp.dest('./src'));
});
Results in
<!DOCTYPE html>
<html>
<head>
<title>My index</title>
</head>
<body>
<!-- partial:views/_mypartial.html -->
<div>
This text is in partial
</div>
<!-- partial -->
</body>
</html>
For production purposes we would like inject tags to be removed and have a clean html. This is possible with options.removeTags
.
index.html
<!DOCTYPE html>
<html>
<head>
<title>My index</title>
</head>
<body>
<!-- partial:partial/_mypartial.html -->
<!-- partial -->
</body>
</html>
partial/_mypartial.html
<div>
This text is in partial
</div>
gulpfile.js
var gulp = require('gulp');
var injectPartials = require('gulp-inject-partials');
gulp.task('index', function () {
return gulp.src('./src/index.html')
.pipe(injectPartials({
removeTags: true
}))
.pipe(gulp.dest('./src'));
});
Results in
<!DOCTYPE html>
<html>
<head>
<title>My index</title>
</head>
<body>
<div>
This text is in partial
</div>
</body>
</html>
Type: String
Param (optional):
path
- relative path to source fileDefault: <!-- partial:{{path}} -->
Used to dynamically set starting placeholder tag, which might contain relative path
to source file. Even thou this parameter is optional, whithout it no file would be injected.
Type: String
Param (optional):
path
- relative path to source fileDefault: <!-- partial -->
Used to dynamically set ending placeholder tag, which might contain relative path
to source file.
Type: Boolean
Default: false
When true
the start and end tags will be removed when injecting files.
Type: Boolean
Default: false
When true
gulp task will not render any information to console.
FAQs
A recursive injection of partials based on their path name for gulp
The npm package gulp-inject-partials receives a total of 466 weekly downloads. As such, gulp-inject-partials popularity was classified as not popular.
We found that gulp-inject-partials demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.