Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
mdast-comment-marker
Advanced tools
Readme
mdast utility to parse comment markers.
This package is a utility that tries to parse a structured marker from a comment.
Comments are a hidden part of markdown, so they can be used as processing
instructions.
For example, this utility is used in remark-lint
to control
whether lint rules are turned on or ignored, and by mdast-zone
to replace sections between two markers.
This package is ESM only. In Node.js (version 16+), install with npm:
npm install mdast-comment-marker
In Deno with esm.sh
:
import {commentMarker} from 'https://esm.sh/mdast-comment-marker@3'
In browsers with esm.sh
:
<script type="module">
import {commentMarker} from 'https://esm.sh/mdast-comment-marker@3?bundle'
</script>
import {commentMarker} from 'mdast-comment-marker'
console.log(commentMarker({type: 'html', value: '<!--foo-->'}));
console.log(commentMarker({
type: 'html',
value: '<!--foo bar baz=12.4 qux="test test" quux=\'false\'-->'
}));
console.log(commentMarker({type: 'html', value: '<!doctype html>'}));
// Also supports MDX expressions:
console.log(commentMarker({
type: 'mdxFlowExpression',
value: '/* lint disable heading-style */'
}));
Yields:
{
name: 'foo',
attributes: '',
parameters: {},
node: { type: 'html', value: '<!--foo-->' }
}
{
name: 'foo',
attributes: `bar baz=12.4 qux="test test" quux='false'`,
parameters: { bar: true, baz: 12.4, qux: 'test test', quux: false },
node: {
type: 'html',
value: `<!--foo bar baz=12.4 qux="test test" quux='false'-->`
}
}
undefined
{
name: 'lint',
attributes: 'disable heading-style',
parameters: { disable: true, 'heading-style': true },
node: {
type: 'mdxFlowExpression',
value: '/* lint disable heading-style */'
}
}
This package exports the identifier commentMarker
.
There is no default export.
commentMarker(value)
Parse a comment marker.
value
(unknown
)
— thing to parse, typically Node
Info (Marker
) when applicable or undefined
.
Marker
Comment marker (TypeScript type).
name
(string
)
— name of markerattributes
(string
)
— value after nameparameters
(MarkerParameters
)
— parsed attributesnode
(Node
)
— reference to given nodeMarkerParameters
Parameters (TypeScript type).
type MarkerParameters = Record<string, MarkerParameterValue>
MarkerParameterValue
Value (TypeScript type).
If it looks like a number (to JavaScript), it’s cast as number.
The strings true
and false
are turned into their corresponding
booleans.
The empty string is also considered the true
boolean.
type MarkerParameterValue = number | string | boolean
This package is fully typed with TypeScript.
This package exports the types Marker
,
MarkerParameters
, and
MarkerParameterValue
Projects maintained by the unified collective are compatible with maintained versions of Node.js.
When we cut a new major release, we drop support for unmaintained versions of
Node.
This means we try to keep the current release line, mdast-comment-marker@^3
,
compatible with Node.js 16.
Use of mdast-comment-marker
does not involve hast, user content, or change
the tree, so there are no openings for cross-site scripting (XSS)
attacks.
mdast-zone
— change or replace a section marked by commentsSee contributing.md
in syntax-tree/.github
for
ways to get started.
See support.md
for ways to get help.
This project has a code of conduct. By interacting with this repository, organization, or community you agree to abide by its terms.
FAQs
mdast utility to parse a comment marker
The npm package mdast-comment-marker receives a total of 155,841 weekly downloads. As such, mdast-comment-marker popularity was classified as popular.
We found that mdast-comment-marker demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.