Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
gulp-xml-transformer
Advanced tools
Transform xml documents gulp plugin
$ npm install --save-dev gulp-xml-transformer
import xmlTransformer from "gulp-xml-transformer";
/*
* edit XML document by using user specific object
*/
gulp.src("./manifest.xml")
.pipe(xmlTransformer([
{ path: '//name', text: 'new names' },
{ path: '//version', attr: { 'major': '2' } }
]))
.pipe(gulp.dest("./dest"));
/*
* attributes can be functions too
*/
gulp.src("./manifest.xml")
.pipe(xmlTransformer([
{ path: '//version', attr: { 'major': val => parseInt(val, 10) + 1 } }
])
.pipe(gulp.dest("./dest"));
/*
* edit XML document by using user specific object using a namespace
*/
gulp.src("./manifest.xml")
.pipe(xmlTransformer([
{ path: '//xmlns:name', text: 'new names' },
{ path: '//xmlns:version', attr: { 'major': '2' } }
], 'http://www.w3.org/ns/widgets'))
.pipe(gulp.dest("./dest"));
/*
* edit XML document by using user specific object using a custom namespace
*/
gulp.src("./manifest.xml")
.pipe(xmlTransformer([
{ path: '//a:name', text: 'new names' },
{ path: '//a:version', attr: { 'major': '2' } }
], { a: 'http://www.w3.org/ns/widgets' }))
.pipe(gulp.dest("./dest"));
/*
* edit XML document by using user specific function
*/
gulp.src("./manifest.xml")
.pipe(xmlTransformer((xml, libxmljs) => {
// 'xml' is libxmljs Document object.
xml.get('//key[./text()="Version"]').nextElement().text('2.0.0');
// 'libxmljs' is libxmljs object. you can call any libxmljs function.
const child = new libxmljs.Element(xml, 'note');
child.text('some text');
xml.get('//description').addChild(child);
// must return libxmljs Document object.
return xml;
}))
.pipe(gulp.dest("./dest"));
/*
* edit XML document with an async function
*/
gulp.src("./manifest.xml")
.pipe(xmlTransformer((xml, libxmljs) => {
// 'xml' is libxmljs Document object.
xml.get('//key[./text()="Version"]').nextElement().text('2.0.0');
// 'libxmljs' is libxmljs object. you can call any libxmljs function.
const child = new libxmljs.Element(xml, 'note');
child.text('some text');
xml.get('//description').addChild(child);
// must return libxmljs Document object.
return Promise.resolve(xml);
}))
.pipe(gulp.dest("./dest"));
Please see libxmljs wiki page to get more information about libxmljs API.
Based on gulp-xml-editor.
Type: Object | Array<Object> | Function
The objects must be one of following.
// to modify(or add) the text of the element
{ path: 'xpath to the element', text: 'new text value' }
// to modify(or add) a attribute of the element
{ path: 'xpath to the element', attr: { 'attrName': 'attrValue' } }
// to modify(or add) some attributes of the element
{
path: 'xpath to the element',
attrs: [
{ 'attrName1': 'attrValue1' },
{ 'attrName2': 'attrValue2' }
]
}
// alternatively
{
path: 'xpath to the element',
attrs: {
'attrName1': 'attrValue1',
'attrName2': 'attrValue2',
}
}
// if the new value of the attribute depends on the old value, pass in a function
{
path: 'xpath to the element',
attrs: {
'foo': oldVal => oldVal.replace('bar', 'baz'),
}
}
// if you don't want an error to be thrown when the xpath doesn't match
{
path: 'xpath that doesn\'t match',
isMandatory: false,
attrs: {
'attrName1': 'attrValue1',
'attrName2': 'attrValue2',
}
}
The if a function is supplied, it must have the following signature: function (doc, [libxmljs]) {}
, and must return a libxmljs Document object. The doc
argument is a libxmljs Document object, and the libxmljs
argument is libxmljs object.
Type: Object | string
A string representing the Namespace URI of the elements to transform, or an object literal with namespaces.
See the LICENSE file for license rights and limitations (MIT).
FAQs
Gulp plugin for transforming xml content
We found that gulp-xml-transformer demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.