Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
The marked npm package is a markdown parser and compiler built for speed. It converts markdown syntax to HTML, and it is designed to be as extensible and fast as possible.
Markdown Parsing
This feature allows you to parse markdown text and convert it to HTML. The code sample shows how to use marked to convert a simple markdown string into HTML.
const marked = require('marked');
console.log(marked('# Marked in Node.js\n\nRendered by **marked**.'));
Options Customization
This feature allows you to customize the behavior of the marked parser by setting options such as GitHub Flavored Markdown (GFM), breaks, pedantic, sanitize, smart lists, and smartypants.
const marked = require('marked');
marked.setOptions({
renderer: new marked.Renderer(),
gfm: true,
breaks: false,
pedantic: false,
sanitize: false,
smartLists: true,
smartypants: false
});
console.log(marked('I am using __markdown__.'));
Synchronous Parsing
This feature allows you to parse markdown synchronously, which is useful when you don't need to handle asynchronous operations.
const marked = require('marked');
const html = marked('## Synchronous markdown to HTML');
console.log(html);
Asynchronous Parsing
This feature allows you to parse markdown asynchronously, which can be useful when dealing with file systems or network requests.
const marked = require('marked');
marked('# Asynchronous markdown to HTML', function(err, content) {
if (err) throw err;
console.log(content);
});
Lexer and Parser
This feature exposes the lexer and parser, allowing you to generate tokens from markdown and then parse those tokens into HTML. This can be useful for advanced use-cases where you need to manipulate the tokens before parsing.
const marked = require('marked');
const tokens = marked.lexer('# Lexing markdown');
console.log(tokens);
const html = marked.parser(tokens);
console.log(html);
Remarkable is an npm package that offers similar markdown parsing and rendering capabilities. It provides a full-featured markdown parser and compiler, and it emphasizes extensibility and performance, much like marked.
Showdown is another markdown to HTML converter that can be used both in the browser and on the server. It has a similar feature set to marked but also includes extensions which allow for additional syntax and features beyond the standard markdown.
Markdown-it is a modern markdown parser with a focus on speed and extensibility. It supports the CommonMark specification and has a similar feature set to marked, but it also includes a plugin system for extending its capabilities.
Checkout the demo page to see marked in action ⛹️
Our documentation pages are also rendered using marked 💯
Also read about:
Node.js: Only current and LTS Node.js versions are supported. End of life Node.js versions may become incompatible with Marked at any point in time.
Browser: Not IE11 :)
CLI: npm install -g marked
In-browser: npm install marked
CLI
$ marked -o hello.html
hello world
^D
$ cat hello.html
<p>hello world</p>
Browser
<!doctype html>
<html>
<head>
<meta charset="utf-8"/>
<title>Marked in the browser</title>
</head>
<body>
<div id="content"></div>
<script src="https://cdn.jsdelivr.net/npm/marked/marked.min.js"></script>
<script>
document.getElementById('content').innerHTML =
marked('# Marked in the browser\n\nRendered by **marked**.');
</script>
</body>
</html>
Copyright (c) 2011-2018, Christopher Jeffrey. (MIT License)
FAQs
A markdown parser built for speed
The npm package marked receives a total of 1,866,419 weekly downloads. As such, marked popularity was classified as popular.
We found that marked demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.