
Research
/Security News
Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
legal-markdown-js
Advanced tools
Node.js implementation of LegalMarkdown for processing legal documents with markdown and YAML - Complete feature parity with Ruby version
A Node.js and TypeScript implementation of the original Ruby LegalMarkdown project. Legal Markdown JS processes legal markdown documents with advanced features and PDF/HTML exports.
Process markdown with YAML front matter, conditional clauses
[text]{condition}
, cross-references |reference|
, mixins {{variable}}
,
imports @import
, and generate professional PDFs ready to be shared.
npm install legal-markdown-js
After installation, you'll have access to these commands:
legal-md
- Standard command-line interface with options and flagslegal-md-ui
- Interactive CLI with guided prompts and smart defaultslegal-md-setup
- Configuration setup script for easy environment setuplegal-md-playground
- Local playground server for testing and
explorationLive Playground - Try Legal Markdown JS directly in your browser with live examples and real-time processing.
You can also run the playground locally for offline use or testing:
# Start local playground server (when installed globally)
legal-md-playground
# Or with custom port
legal-md-playground --port=3000
# Or if installed locally in a project
npm run web:serve
The playground provides the same interactive experience as the online version, including real-time processing, syntax highlighting, and example templates.
For the best experience, especially if you're new to Legal Markdown JS, run the setup script to configure your environment:
# Configure paths and directories (when installed globally)
legal-md-setup
# Or if installed locally in a project
npm run setup-config
This creates a personalized configuration file that the tool will automatically find and use.
# Basic document processing
legal-md input.md output.md
# Generate PDF with highlighting
legal-md document.md --pdf --highlight
# Process with custom CSS and archive source
legal-md document.md --html --css styles.css --archive-source
# Archive to custom directory
legal-md document.md --archive-source ./processed
For a guided, user-friendly experience, use the interactive CLI:
# Launch interactive mode
legal-md-ui
The interactive CLI provides:
.md
, .markdown
, .rst
, .tex
, .latex
, .txt
)import {
processLegalMarkdown,
processLegalMarkdownAsync,
} from 'legal-markdown-js';
// Synchronous processing
const result = processLegalMarkdown(content, {
basePath: './documents',
exportMetadata: true,
exportFormat: 'json',
});
// Asynchronous processing with remark pipeline (recommended)
const asyncResult = await processLegalMarkdownAsync(content, {
basePath: './documents',
exportMetadata: true,
exportFormat: 'json',
enableFieldTracking: true,
});
console.log(asyncResult.content);
console.log(asyncResult.metadata);
console.log(asyncResult.fieldReport); // Enhanced field tracking
All original Legal Markdown features are fully implemented:
l.
, ll.
,
lll.
)[text]{condition}
)|reference|
) syntax@import
)Additional features available only in the Node.js version:
{{variable}}
syntax{{#items}}...{{/items}}
syntaxLegal Markdown JS features a completely rewritten processing pipeline that provides:
The new pipeline ensures correct processing order to prevent conflicts:
// Use the remark-based async API for best performance
const result = await processLegalMarkdownAsync(content, options);
// Comprehensive error handling and validation
// Full remark-based processing for all documents
# Run all tests
npm test
# Run specific test types
npm run test:unit
npm run test:integration
npm run test:e2e
# Run with coverage
npm run test:coverage
Legal Markdown JS supports environment-based configuration for customizing file paths and directories.
For easy configuration setup, especially for non-technical users:
# Run the setup script (when installed globally)
legal-md-setup
# Or if installed locally in a project
npm run setup-config
This script will:
~/.config/legal-markdown-js/
If you prefer manual setup, create a .env
file in one of these locations (in
order of precedence):
./.env
~/.env
~/.config/legal-markdown-js/.env
# Copy the example configuration
cp .env.example .env
# Edit the configuration
nano .env
# Custom asset organization
IMAGES_DIR=assets/media
STYLES_DIR=assets/css
# Separate project structure
DEFAULT_INPUT_DIR=documents/source
DEFAULT_OUTPUT_DIR=documents/generated
ARCHIVE_DIR=documents/archive
# Absolute paths (useful for CI/CD)
IMAGES_DIR=/var/lib/legal-markdown/images
DEFAULT_OUTPUT_DIR=/var/lib/legal-markdown/output
ARCHIVE_DIR=/var/lib/legal-markdown/archive
import { PATHS, RESOLVED_PATHS } from 'legal-markdown-js';
// Access configured paths
console.log(PATHS.STYLES_DIR); // Relative path from .env
console.log(RESOLVED_PATHS.STYLES_DIR); // Absolute resolved path
We welcome contributions! Please see our Contributing Guide for:
git checkout -b feature/amazing-feature
)npm test
)MIT License - see LICENSE file for details.
FAQs
Node.js implementation of LegalMarkdown for processing legal documents with markdown and YAML - Complete feature parity with Ruby version
The npm package legal-markdown-js receives a total of 64 weekly downloads. As such, legal-markdown-js popularity was classified as not popular.
We found that legal-markdown-js demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
Product
Customize license detection with Socket’s new license overlays: gain control, reduce noise, and handle edge cases with precision.
Product
Socket now supports Rust and Cargo, offering package search for all users and experimental SBOM generation for enterprise projects.