Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
mustache-prestatic
Advanced tools
Node.js module that turns mustache files, partials and data into static HTML pages. Making mustache.js usable through a simple CLI and JavaScript API by allowing multiple files as input. mustache-prestatic automatically maps the passed partial files to their file names and populates the template files from passed data files with the same name.
npm install mustache-prestatic --save-dev
This will take all files in the 'views', 'data' and 'partials' directories and use those together to write HTML files to the 'dist' directory.:
mustache-prestatic ./views/* --data ./data/* --partials ./partials/* --output dist
const mustachePrestatic = require('mustache-prestatic');
const templateFiles = ['views/blog.mustache', 'views/home.mustache'];
const dataFiles = ['data/home.json'];
const partialFiles = ['partials/article.mustache', 'partials/header.mustache'];
mustachePrestatic(templateFiles, dataFiles, partialFiles)
.then(console.log);
Usage: mustache-prestatic templateFiles [options]
Compile pages of static HTML from mustache templates, data and partials.
Options:
--help, -h Show help text.
--version, -v Show version number.
--data, -d Input mustache template data files.
--partials, -p Input mustache partial files.
--output, -o Output directory, defaults to current directory.
--verbose Log extra information about the process to stdout.
Compile HTML from provided mustache files.
Type: Array
The files that contain the mustache templates, or often called views.
Type: Array
The files that contain the mustache template data, this data will populate the template files.
Type: Array
The files that contain the mustache partials, these are re-usable parts of views that get included.
FAQs
Compile pages of static HTML based on partials, views and data.
The npm package mustache-prestatic receives a total of 1 weekly downloads. As such, mustache-prestatic popularity was classified as not popular.
We found that mustache-prestatic demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.