Security News
PyPI Introduces Digital Attestations to Strengthen Python Package Security
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Lightning fast server-side rendering with tagged template literals
A tiny library that enables lightning fast server-side rendering with hyperx-like libraries such as bel
, yo-yo
and choo/html
. It replaces the tag function of those libraries and just renders string without creating intermediate objects.
npm install pelo
ssr.js
: Call pelo.replace(moduleId)
before you require any view module, bel
in this case.
const pelo = require('pelo')
pelo.replace('bel')
const view = require('./view')
const renderedString = view('pelo').toString()
view.js
: You don't need to change your view files at all. You can use them for client-side rendering and server-side rendering.
const html = require('bel')
module.exports = function helloView(name) {
return html`<p>Hello, ${name}</p>`
}
Rendering a simple view 10,000 times:
node benchmark.js
tag | time (ms) |
---|---|
pelo | 193.871 |
bel | 2522.082 |
Server-side rendering with modern JavaScript frameworks is slow. In general, they focus on the client-side, and generate virtual/real DOMs for efficient DOM updates from templates. However, this approach is a bit overkill when we focus on server-side rendering. Because the templates already look like HTML, it should be faster if they directly render HTML strings without creating intermediate object representations.
With bel
, we can write HTML with tagged template literals and use them to create declarative views on browser. If we can use the same template also for directly generating HTML string on server-side, it will be a huge win.
Thanks @yoshuawuyts for lots of advice!
FAQs
Lightning fast server-side rendering with tagged template literals
The npm package pelo receives a total of 97 weekly downloads. As such, pelo popularity was classified as not popular.
We found that pelo demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI now supports digital attestations, enhancing security and trust by allowing package maintainers to verify the authenticity of Python packages.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.