Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
MJML is a markup language designed to reduce the pain of coding responsive emails. It abstracts away the complexity of responsive design by providing a simple syntax that translates into responsive HTML.
Responsive Email Design
MJML allows you to create responsive email designs easily. The above code creates a simple responsive email with a 'Hello World' text.
<mjml>
<mj-body>
<mj-section>
<mj-column>
<mj-text>Hello World</mj-text>
</mj-column>
</mj-section>
</mj-body>
</mjml>
Custom Components
MJML provides a variety of built-in components like buttons, images, and text blocks. The above code demonstrates how to create a button that links to a URL.
<mjml>
<mj-body>
<mj-section>
<mj-column>
<mj-button href="https://www.example.com">Click Me</mj-button>
</mj-column>
</mj-section>
</mj-body>
</mjml>
Conditional Rendering
MJML supports conditional rendering for different email clients. The above code shows how to include content specifically for Microsoft Outlook.
<mjml>
<mj-body>
<mj-raw>
<!--[if mso]>
<mj-section>
<mj-column>
<mj-text>Microsoft Outlook specific content</mj-text>
</mj-column>
</mj-section>
<![endif]-->
</mj-raw>
</mj-body>
</mjml>
Handlebars is a popular templating engine that can be used to create dynamic HTML content, including emails. Unlike MJML, Handlebars does not provide built-in responsive design features, so you would need to handle the CSS and media queries yourself.
Pug (formerly Jade) is another templating engine that can be used to generate HTML. While it is powerful and flexible, it does not offer the same level of abstraction for responsive email design as MJML does.
Nunjucks is a templating engine inspired by Jinja2. It is highly extensible and can be used to generate HTML for emails. However, like Handlebars and Pug, it does not provide built-in support for responsive email design.
| Introduction | Installation | Usage | Contribute |
MJML
is a markup language created by Mailjet and designed to reduce the pain of coding a responsive email. Its semantic syntax makes it easy and straightforward while its rich standard components library fastens your development time and lightens your email codebase. MJML’s open-source engine takes care of translating the MJML
you wrote into responsive HTML.
You can install MJML
with NPM
to use it with NodeJS or the Command Line Interface. If you're not sure what those are, head over to Usage for other ways to use MJML.
npm install mjml
Don't want to install anything? Use the free online editor!
MJML comes with an ecosystem of tools and plugins, check out:
For more tools, check the Community page.
Compiles the file and outputs the HTML generated in
output.html
mjml input.mjml -o output.html
You can pass optional arguments
to the CLI and combine them.
argument | description | default value |
---|---|---|
mjml -m [input] | Migrates a v3 MJML file to the v4 syntax | NA |
mjml [input] -o [output] | Writes the output to [output] | NA |
mjml [input] -s | Writes the output to stdout | NA |
mjml -w [input] | Watches the changes made to [input] (file or folder) | NA |
mjml [input] --config.beautify | Beautifies the output (true or false ) | true |
mjml [input] --config.minify | Minifies the output (true or false ) | false |
See mjml-cli documentation for more information about config options.
import mjml2html from 'mjml'
/*
Compile an mjml string
*/
const htmlOutput = mjml2html(`
<mjml>
<mj-body>
<mj-section>
<mj-column>
<mj-text>
Hello World!
</mj-text>
</mj-column>
</mj-section>
</mj-body>
</mjml>
`, options)
/*
Print the responsive HTML generated and MJML errors if any
*/
console.log(htmlOutput)
You can pass optional options
as an object to the mjml2html
function:
option | unit | description | default value |
---|---|---|---|
fonts | object | Default fonts imported in the HTML rendered by MJML | See in index.js |
keepComments | boolean | Option to keep comments in the HTML output | true |
ignoreIncludes | boolean | Option to ignore mj-includes | false |
beautify | boolean | Option to beautify the HTML output | false |
minify | boolean | Option to minify the HTML output | false |
validationLevel | string | Available values for the validator: 'strict', 'soft', 'skip' | 'soft' |
filePath | string | Path of file, used for relative paths in mj-includes | '.' |
preprocessors | array of functions | Preprocessors applied to the xml before parsing. Input must be xml, not json. Functions must be (xml: string) => string | [] |
juicePreserveTags | Preserve some tags when inlining css, see mjml-cli documentation for more info | NA | |
minifyOptions | Options for html minifier, see mjml-cli documentation for more info | NA | |
mjmlConfigPath | string | The path or directory of the .mjmlconfig file (for custom components use) | process.cwd() |
useMjmlConfigOptions | Allows to use the options attribute from .mjmlconfig file | false |
Note that it's also possible to define preprocessors in your mjmlconfig file. For this, you need to use a .mjmlconfig.js
file. This js file needs to export an Object with the same structure as a standard JSON .mjmlconfig file.
A free-to-use MJML API is available to make it easy to integrate MJML in your application. Head over here to learn more about the API.
MJML wouldn't be as cool without its amazing community. Head over the Community Slack to meet fellow MJML'ers.
FAQs
MJML: the only framework that makes responsive-email easy
The npm package mjml receives a total of 402,492 weekly downloads. As such, mjml popularity was classified as popular.
We found that mjml demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.