Security News
Introducing the Socket Python SDK
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
The marked npm package is a markdown parser and compiler built for speed. It converts markdown syntax to HTML, and it is designed to be as extensible and fast as possible.
Markdown Parsing
This feature allows you to parse markdown text and convert it to HTML. The code sample shows how to use marked to convert a simple markdown string into HTML.
const marked = require('marked');
console.log(marked('# Marked in Node.js\n\nRendered by **marked**.'));
Options Customization
This feature allows you to customize the behavior of the marked parser by setting options such as GitHub Flavored Markdown (GFM), breaks, pedantic, sanitize, smart lists, and smartypants.
const marked = require('marked');
marked.setOptions({
renderer: new marked.Renderer(),
gfm: true,
breaks: false,
pedantic: false,
sanitize: false,
smartLists: true,
smartypants: false
});
console.log(marked('I am using __markdown__.'));
Synchronous Parsing
This feature allows you to parse markdown synchronously, which is useful when you don't need to handle asynchronous operations.
const marked = require('marked');
const html = marked('## Synchronous markdown to HTML');
console.log(html);
Asynchronous Parsing
This feature allows you to parse markdown asynchronously, which can be useful when dealing with file systems or network requests.
const marked = require('marked');
marked('# Asynchronous markdown to HTML', function(err, content) {
if (err) throw err;
console.log(content);
});
Lexer and Parser
This feature exposes the lexer and parser, allowing you to generate tokens from markdown and then parse those tokens into HTML. This can be useful for advanced use-cases where you need to manipulate the tokens before parsing.
const marked = require('marked');
const tokens = marked.lexer('# Lexing markdown');
console.log(tokens);
const html = marked.parser(tokens);
console.log(html);
Remarkable is an npm package that offers similar markdown parsing and rendering capabilities. It provides a full-featured markdown parser and compiler, and it emphasizes extensibility and performance, much like marked.
Showdown is another markdown to HTML converter that can be used both in the browser and on the server. It has a similar feature set to marked but also includes extensions which allow for additional syntax and features beyond the standard markdown.
Markdown-it is a modern markdown parser with a focus on speed and extensibility. It supports the CommonMark specification and has a similar feature set to marked, but it also includes a plugin system for extending its capabilities.
A full-featured markdown parser and compiler implemented in ~430 lines of JS.
Built for speed.
$ node test/bench
marked: 6260ms
showdown: 21665ms
markdownjs: 69168ms
The point of marked was to create a markdown compiler where it was possible to frequently parse huge chunks of markdown without having to worry about caching the compiled output somehow...or blocking for an unnecesarily long time.
marked lingers around 430 (may vary) lines long and still implements all markdown features. It is also now fully compatible with the client-side.
$ npm install marked
var marked = require('marked');
console.log(marked('i am using __markdown__.'));
You also have direct access to the lexer and parser if you so desire.
var tokens = marked.lexer(str);
console.log(marked.parser(tokens));
This parser was written in one night, so there's still a lot on the todo list. There may also be some bugs.
I've still just begun to write this. I expect I will be updating it frequently.
FAQs
A markdown parser built for speed
The npm package marked receives a total of 6,338,424 weekly downloads. As such, marked popularity was classified as popular.
We found that marked demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.
Security News
A new Rust RFC proposes "Trusted Publishing" for Crates.io, introducing short-lived access tokens via OIDC to improve security and reduce risks associated with long-lived API tokens.