Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
metalsmith-cloudinary
Advanced tools
A metalsmith plugin for retrieving data from the cloudinary api.
A metalsmith plugin for retrieving data from the Cloudinary api
Cloudinary is a CDN that allows you to upload images and apply transformations when retrieving them. This is immensely useful when working with responsive images, because now you no longer have to process images during your build process.
Just add parameters to your images' url, and Cloudinary will supply the image at the correct dimensions via their CDN. I recommend cloudinate to automate the uploading of your images to Cloudinary. That being said, Cloudinary accepts all kinds of files, so this plugin and cloudinate can of course be used for all kinds of other purposes as well.
For support questions please use stack overflow or our slack channel. For questions about Cloudinary try the aforementioned channels, as well as their documentation. Specifically the list resources part of the admin api, which is what this plugin provides access to.
$ npm install metalsmith-cloudinary
Configuration in metalsmith.json
:
{
"plugins": {
"metalsmith-cloudinary": {
"cloud_name": "your_cloud_name_here",
"api_key": "your_api_key_here",
"api_secret": "your_api_secret_here",
}
}
}
metalsmith-cloudinary will query the Cloudinary api and store the results in the global metadata under cloudinary
, indexed by your assets' public_id
. The contents will of course differ depending on what you've uploaded, but will resemble:
// images/1 is the public_id
'images/1': {
"format": "jpg",
"version": 1333013579,
"resource_type": "image",
"type": "upload",
"created_at": "2012-03-29T09:32:59Z",
"bytes": 128891,
"width": 283,
"height": 424,
"url": "http://res.cloudinary.com/demo/image/upload/v1333013579/1.jpg",
"secure_url": "https://res.cloudinary.com/demo/image/upload/v1333013579/1.jpg"
},
// images/2 is the public_id
'images/2': {
"format": "jpg",
"version": 1333013579,
"resource_type": "image",
"type": "upload",
"created_at": "2012-03-29T09:32:59Z",
"bytes": 128891,
"width": 283,
"height": 424,
"url": "http://res.cloudinary.com/demo/image/upload/v1333013579/2.jpg",
"secure_url": "https://res.cloudinary.com/demo/image/upload/v1333013579/2.jpg"
},
Which means that in your templates you could use (with something like swig and metalsmith-in-place):
{{ cloudinary['images/1'].secure_url }}
{{! would be rendered to: https://res.cloudinary.com/demo/image/upload/v1333013579/1.jpg }}
You can pass options to metalsmith-cloudinary
with the Javascript API or CLI. The options are:
Your Cloudinary API credentials. So this metalsmith.json
:
{
"plugins": {
"metalsmith-cloudinary": {
"cloud_name": "your_cloud_name_here",
"api_key": "your_api_key_here",
"api_secret": "your_api_secret_here",
}
}
}
Would retrieve all files you've uploaded to Cloudinary and store them in your metadata
.
An object of optional parameters to pass to the Cloudinary API. By default the max_results
option is set to the maximum (500). So this metalsmith.json
:
{
"plugins": {
"metalsmith-cloudinary": {
"cloud_name": "your_cloud_name_here",
"api_key": "your_api_key_here",
"api_secret": "your_api_secret_here",
"params": {
"max_results": 10
}
}
}
}
Would retrieve 10 results at maximum and store them in your metadata
.
npm run babel:node6
to build
npm run test
or npm run test:watch
for tests, no global dependencies required
MIT
FAQs
A metalsmith plugin for retrieving data from the cloudinary api.
The npm package metalsmith-cloudinary receives a total of 5 weekly downloads. As such, metalsmith-cloudinary popularity was classified as not popular.
We found that metalsmith-cloudinary demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.