Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Langium is a tool for developing domain-specific languages (DSLs) and language servers. It provides a framework for creating custom languages with a focus on language design, parsing, and tooling support.
Language Definition
Langium allows you to define a custom language using a grammar syntax. This code sample demonstrates how to define a simple DSL with a model and elements using Langium's grammar services.
const { createLangiumGrammarServices } = require('langium');
const services = createLangiumGrammarServices();
const grammar = `grammar MyDSL
entry Model:
'model' name=ID '{'
(elements+=Element)*
'}';
Element:
'element' name=ID;`;
services.GrammarParser.parse(grammar);
Language Server
Langium can be used to create a language server that provides IDE features like auto-completion and error checking for your custom language. This code sample shows how to start a language server for a simple DSL.
const { startLanguageServer } = require('langium');
startLanguageServer({
grammar: `grammar MyDSL
entry Model:
'model' name=ID '{'
(elements+=Element)*
'}';
Element:
'element' name=ID;`,
port: 5000
});
ANTLR (Another Tool for Language Recognition) is a powerful parser generator for reading, processing, executing, or translating structured text or binary files. It is similar to Langium in that it allows you to define grammars and generate parsers, but it is more focused on parsing and less on providing language server features.
PEG.js is a simple parser generator for JavaScript that produces fast parsers with excellent error reporting. It is similar to Langium in terms of grammar definition and parsing capabilities, but it does not provide built-in support for language servers or IDE features.
Lezer is a parser system for JavaScript that is designed to be small and fast. It is similar to Langium in that it allows you to define grammars and create parsers, but it is more lightweight and does not include language server capabilities.
Langium is a language engineering tool with built-in support for the Language Server Protocol. It has a simple and direct integration with the VS Code extension API.
More information: 🌍 https://langium.org
Langium offers a Yeoman generator to create a new language extension for VS Code. The only prerequisite for the following terminal commands is NodeJS version 16 or higher.
npm install -g yo generator-langium
yo langium
hello-world
with the extension name you chose).code hello-world
Press F5 to launch the extension in a new Extension Development Host window.
Open a folder, create a file with your chosen file name extension (.hello
is the default), and see that validation and completion (ctrl+space) works:
Follow the instructions in langium-quickstart.md
(in your extension folder) and the documentation on the website to go further.
The core of Langium is a grammar declaration language in which you describe multiple aspects of your language:
Please follow the Langium documentation to learn how to use this language.
Langium features a command line interface (langium-cli) that reads a grammar declaration and generates TypeScript type declarations for the AST and more.
Integration with the Language Server Protocol (LSP) is done with vscode-languageserver. You have full access to the LSP API in Langium, so you can register additional message handlers or extend the protocol in a breeze.
The main code of Langium consists of a set of services that are connected via dependency injection (DI). You can override the default functionality and add your own service classes by specifying a DI module.
The source repository of Langium includes examples that demonstrate different use cases.
FAQs
A language engineering tool for the Language Server Protocol
The npm package langium receives a total of 246,016 weekly downloads. As such, langium popularity was classified as popular.
We found that langium demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.