Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
hexo-related-posts
Advanced tools
hexo-related-posts
is a plugin for Hexo static site generator that generates related posts list with TF/IDF algorithm.
ASP.NET
will not be split into ASP
and NET
).word → count
for every post.related_posts
property added to every post so you can use it the template and display related posts 🎉.$ npm install hexo-related-posts --save-dev
related_posts
to Hexo config file (see details below).related_posts
property will appear in the page
variable.The example of post layout that generates list of related post:
<% if (page.related_posts && page.related_posts.length > 0) { %>
<section>
<h2>Related posts</h2>
<ul>
<% for (const path of page.related_posts) { %>
<% const url = url_for(path) %>
<% if (url) { %>
<li><a href="<%= url %>"><%= url %></a></li>
<% } %>
<% } %>
</ul>
</section>
<% } %>
To configure the plugin add related_posts
to Hexo config file. Example:
related_posts:
enabled: true
enable_env_name: prod
filter_threshold: 0.3
related_count: 3
weight:
title: 0.05
description: 0.05
keywords: 0.01
tags: 0.005
categories: 0.005
text: 1
stemmers:
- en
- ru
reserved:
- asp.net
- vs.net
- ado.net
- .net
Key | Required | Default value | Description |
---|---|---|---|
enabled | no | true | Flag to disable plugin execution. |
enable_env_name | no | It's possible to disable plugin execution depending on env variable. For example, if you want to calculate related post only for production build, you can set this parameter to prod . In this case, related post will be generated only if you put prod key during running Hexo, i.e. hexo generate -- --prod | |
filter_threshold | no | 0.2 | During related posts calculation some number is going to be calculated. The more value means that the posts more similar. So, if you see that it calculates "unrelated" posts, you can slightly increase this value. |
related_count | no | 5 | Number of posts that will be included into final list of related posts. |
weight | no | The plugin compares title, description, keywords, tags, categories and text. You can adjust each component value in final estimate by increasing/descreasing corresponding value. | |
weight.title | no | 0.05 | Weight for post's title. |
weight.description | no | 0.05 | Weight for post's description. |
weight.keywords | no | 0.01 | Weight for post's keywords. |
weight.tags | no | 0.005 | Weight for post's tags. |
weight.categories | no | 0.005 | Weight for post's categories. |
weight.text | no | 1 | Weight for post's content. |
stemmers | no | [en, ru] | Before final comparision plugin "normailze" the text by clearing symbols from initial text. One of the technique is stemming. This param defines which languages should be used to stem the words. Possible values: nl , en , fr , id , it , jp , no /nb /nn , pt , ru , sv . Check Natural library for more details. |
reserved | no | [] | The array of the reserved words that won't be processed during words normalization. For example, ASP.NET will be splitted into ASP and NET by default. If you want to preserve this, you need to add this to reserved config. |
FAQs
Hexo plugin that generates related posts list with TF/IDF algorithm
We found that hexo-related-posts demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.