Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Utilities for Hexo.
$ npm install hexo-util --save
var util = require('hexo-util');
Caches contents piped to the stream.
var stream = new CacheStream();
fs.createReadStream('/path/to/file').pipe(stream);
stream.on('finish', function(){
// Read cache piped to the stream
console.log(stream.getCache());
// Destroy cache
stream.destroy();
});
Convert object keys to camelCase. Original keys will be converted to getter/setter and sync to the camelCase keys.
camelCaseKeys({
foo_bar: 'test'
});
// { fooBar: 'test', foo_bar: 'test' }
Escapes special characters in a regular expression.
Escapes diacritic characters in a string.
Escapes HTML entities in a string.
Generates SHA1 hash.
hash('123456');
// <Buffer 7c 4a 8d 09 ca 37 62 af 61 e5 95 20 94 3d c2 64 94 f8 94 1b>
[deprecated] use createSha1Hash()
.
Generates SHA1 hash with a transform stream.
var stream = new HashStream();
fs.createReadStream('/path/to/file')
.pipe(stream)
.on('finish', function(){
console.log(stream.read());
});
return SHA1 hash object.
This is the same as calling createHash('utf8')
in the node.js native module crypto.
const sha1 = createSha1Hash();
fs.createReadStream('/path/to/file')
.pipe(sha1)
.on('finish', () => {
console.log(sha1.read());
});
Syntax highlighting for a code block.
Option | Description | Default |
---|---|---|
gutter | Whether to show line numbers | true |
wrap | Whether to wrap the code block | true |
firstLine | First line number | 1 |
hljs | Whether to use the hljs-* prefix for CSS classes | false |
lang | Language | |
caption | Caption | |
tab | Replace tabs | |
autoDetect | Detect language automatically | false |
Creates a html tag.
htmlTag('img', {src: 'example.png'})
// <img src="example.png">
htmlTag('a', {href: 'http://hexo.io/'}, 'Hexo')
// <a href="http://hexo.io/">Hexo</a>
Parses the string and tests if the string matches the rule. rule
can be a string, a regular expression or a function.
var pattern = new Pattern('posts/:id');
pattern.match('posts/89');
// {0: 'posts/89', 1: '89', id: '89'}
var pattern = new Pattern('posts/*path');
pattern.match('posts/2013/hello-world');
// {0: 'posts/2013/hello-world', 1: '2013/hello-world', path: '2013/hello-world'}
Parses a permalink.
Option | Description |
---|---|
segments | Customize the rule of a segment in the permalink |
var permalink = new Permalink(':year/:month/:day/:title', {
segments: {
year: /(\d{4})/,
month: /(\d{2})/,
day: /(\d{2})/
}
});
permalink.parse('2014/01/31/test');
// {year: '2014', month: '01', day: '31', title: 'test'}
permalink.test('2014/01/31/test');
// true
permalink.stringify({year: '2014', month: '01', day: '31', title: 'test'})
// 2014/01/31/test
Transforms a string into a clean URL-friendly string.
Option | Description | Default |
---|---|---|
separator | Separator | - |
transform | Transform the string into lower case (1 ) or upper case (2 ) |
slugize('Hello World') = 'Hello-World'
slugize('Hellô Wòrld') = 'Hello-World'
slugize('Hello World', {separator: '_'}) = 'Hello_World'
slugize('Hello World', {transform: 1}) = 'hello-world'
slugize('Hello World', {transform: 2}) = 'HELLO-WORLD'
Launches a new process with the given command
. This method returns a promise.
Option | Description | Default |
---|---|---|
cwd | Current working directory of the child process | |
env | Environment key-value pairs | |
stdio | Child's stdio configuration | |
detached | The child will be a process group leader | |
uid | Sets the user identity of the process | |
gid | Sets the group identity of the process | |
verbose | Display messages on the console | false |
encoding | Sets the encoding of the output string | utf8 |
spawn('cat', 'test.txt').then(function(content){
console.log(content);
});
Removes HTML tags in a string.
Wraps the string no longer than line width. This method breaks on the first whitespace character that does not exceed line width.
Option | Description | Default |
---|---|---|
width | Line width | 80 |
wordWrap('Once upon a time')
// Once upon a time
wordWrap('Once upon a time, in a kingdom called Far Far Away, a king fell ill, and finding a successor to the throne turned out to be more trouble than anyone could have imagined...')
// Once upon a time, in a kingdom called Far Far Away, a king fell ill, and finding\na successor to the throne turned out to be more trouble than anyone could have\nimagined...
wordWrap('Once upon a time', {width: 8})
// Once\nupon a\ntime
wordWrap('Once upon a time', {width: 1})
// Once\nupon\na\ntime
Truncates a given text after a given length
if text is longer than length
. The last characters will be replaced with the omission
option for a total length not exceeding length
.
Option | Description | Default |
---|---|---|
length | Max length of the string | 30 |
omission | Omission text | ... |
separator | truncate text at a natural break |
truncate('Once upon a time in a world far far away')
// "Once upon a time in a world..."
truncate('Once upon a time in a world far far away', {length: 17})
// "Once upon a ti..."
truncate('Once upon a time in a world far far away', {length: 17, separator: ' '})
// "Once upon a..."
truncate('And they found that many people were sleeping better.', {length: 25, omission: '... (continued)'})
// "And they f... (continued)"
MIT
FAQs
Utilities for Hexo.
The npm package hexo-util receives a total of 33,054 weekly downloads. As such, hexo-util popularity was classified as popular.
We found that hexo-util demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.