Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
The mjml-cli package is a command-line interface for MJML, a markup language designed to reduce the pain of coding responsive emails. It allows you to easily convert MJML files into responsive HTML emails.
Convert MJML to HTML
This command converts an MJML file (input.mjml) into an HTML file (output.html).
mjml input.mjml -o output.html
Watch Mode
This command watches the input MJML file for changes and automatically converts it to HTML whenever the file is modified.
mjml -w input.mjml -o output.html
Minify Output
This command converts an MJML file to a minified HTML file, reducing the file size for better performance.
mjml input.mjml -o output.html --config.minify true
Validate MJML
This command validates the MJML file for any syntax errors or warnings.
mjml -v input.mjml
Juice is a package that inlines CSS into HTML for email templates. While it doesn't convert MJML to HTML, it is useful for making sure your CSS is properly inlined for email clients.
Pug-CLI is a command-line interface for compiling Pug templates to HTML. It is similar in that it converts a template language to HTML, but it is not specifically designed for email templates.
Handlebars-CLI is a command-line tool for compiling Handlebars templates. Like MJML-CLI, it converts a template language to HTML, but it is more general-purpose and not focused on email.
We recommend installing and using MJML locally, in a project folder where you'll use MJML:
npm install mjml
In the folder where you installed MJML you can now run:
./node_modules/.bin/mjml input.mjml
To avoid typing ./node_modules/.bin/
, add it to your PATH:
export PATH="$PATH:./node_modules/.bin"
You can now run MJML directly, in that folder:
mjml input.mjml
MJML is written with NodeJS You can download and install the MJML engine from NPM.
In addition to the translation engine, which converts MJML to email HTML, we've bundled a Command Line Interface (CLI) helping you to achieve the basic features it offers and integrate it seamlessly in your development flow.
mjml input.mjml
It will output a HTML file called input.html
.
Input can also be a directory.
$> mjml -m input.mjml -o result.mjml
It will output a MJML file called result.mjml
.
$> mjml -v input.mjml
It will log validation errors. If there are errors, exits with code 1. Otherwise, exits with code 0.
mjml -s input.mjml
# or
mjml --stdout input.mjml
mjml input.mjml -o my-email.html
# or
mjml input.mjml --output my-email.html
You can output the resulting email responsive HTML in a file.
If the output file does not exist it will be created, but output directories must already exist.
If output is a directory, output file(s) will be output/input-file-name.html
mjml -l skip -r input.mjml
Accepted values are
mjml -w input.mjml
# or
mjml --watch input.mjml
If you like live-coding, you might want to use the -w
option that enables you to re-render your file every time you save it.
It can be time-saving when you can just split you screen and see the HTML output modified when you modify your MJML.
Of course, the -w
option can be used with an --output
option too.
mjml input.mjml --config.optionName value
# or
mjml input.mjml -c.optionName value
All the options that can be passed to mjml2html (see general documentation) can be provided. The most common ones are detailed below.
$> mjml input.mjml --config.beautify true --config.minify false
These are the default options.
$> mjml input.mjml --config.minifyOptions='{"minifyCSS": true, "removeEmptyAttributes": false}'
The defaults are "collapseWhitespace": true, "minifyCSS": false, "removeEmptyAttributes": true
See html-minifier documentation for more available options
$> mjml input.mjml --config.juiceOptions='{"preserveImportant": true}'
The defaults are "applyStyleTags": false, "insertPreservedExtraCss": false, "removeStyleTags": false
See juice documentation for more available options
$> mjml input.mjml --config.juicePreserveTags='{"myTag": { "start": "<#", "end": "</#" }}'
When using <mj-style inline="inline">
the css will be inlined using the juice library. As a side effect, juice will convert all tags' attributes into lower case. If you need to preserve some cases (i.e. for a templating lib) you can specify the tags to preserve. With the example above, all tags of the form <# myVar="" >
or </# myVar="" >
will be left untouched. By default juice already ignores <% EJS %>
and {{ HBS }}
tags.
$> mjml ./my-project/input.mjml --config.filePath ./my-partials/
If you like to keep your partials together and you want to be able to mj-include them without having to change the relative path of the includes depending on the compiled file path, you can use this option. In this exemple, <mj-include path="./header.mjml" />
will include ./my-partials/header.mjml
, ignoring the actual path of input.mjml
.
$> mjml input.mjml --config.stack true
FAQs
MJML: the only framework that makes responsive-email easy
The npm package mjml-cli receives a total of 576,912 weekly downloads. As such, mjml-cli popularity was classified as popular.
We found that mjml-cli demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.