Security News
Crates.io Users Targeted by Phishing Emails
The Rust Security Response WG is warning of phishing emails from rustfoundation.dev targeting crates.io users.
By Sarah Gooding - Sep 12, 2025
handledom
An HTML template engine for DOM lovers.
How to use with Webpack
Handledom templates will be compiled at build time by Webpack.
Install:
# Install Handledom and its webpack plugin
npm i handledom
npm i -D @handledom/in-template-string-loader
# Install classic webpack packages
npm i -D webpack webpack-cli
In webpack.config.js:
module.exports = {
// …
module: {
rules: [
{
test: /\.js$/,
exclude: /node_modules/,
use: ["@handledom/in-template-string-loader"]
},
]
}
}
In a source file:
import handledom from "handledom"
const template = handledom`<p>Hello, {{ name }}!</p>`
const { root, update } = template({
name: "Steve"
})
document.body.append(root)
Configure Webpack to use Handledom with TypeScript
In webpack.config.js:
module.exports = {
// …
resolve: {
extensions: [".ts"],
},
module: {
rules: [
{
test: /\.ts$/,
exclude: /node_modules/,
use: ["@handledom/in-template-string-loader", "ts-loader"]
},
]
}
}
How to use with compilation on the browser
Handledom templates can be compiled at runtime on the browser. Here is how to do:
Install handledom:
npm i handledom
In a source file:
import handledom from "handledom/browser"
const template = handledom`<p>Hello, {{ name }}!</p>`
const { root, update } = template({
name: "Steve"
})
document.body.append(root)
Contribute
Install and Build
We need a JVM (Java Virtual Machine) to build the parser because we use ANTLR, which is a Java program. So, at first, install a JVM on your system.
In a terminal, open the cloned handledom/handledom/ repository. Then:
# Download once the ANTLR JAR file in the project's root directory
wget https://www.antlr.org/download/antlr-4.7.2-complete.jar
# Install once all Node.js dependencies
npm install
Development environment
With VS Code, our recommanded plugins are:
- ANTLR4 grammar syntax support -
mike-lischke.vscode-antlr4 - ESLint -
dbaeumer.vscode-eslint - Prettier -
esbenp.prettier-vscode
FAQs
An HTML template engine for DOM lovers.
We found that handledom demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 01 Aug 2020
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Custom Pull Request Alert Comment Headers
Socket now lets you customize pull request alert headers, helping security teams share clear guidance right in PRs to speed reviews and reduce back-and-forth.
By André Staltz - Sep 12, 2025
Product
Rust Support Now in Beta
Socket's Rust support is moving to Beta: all users can scan Cargo projects and generate SBOMs, including Cargo.toml-only crates, with Rust-aware supply chain checks.
By Mikola Lysenko, Trevor Norris - Sep 11, 2025