Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
pug-parser
Advanced tools
The pug parser (takes an array of tokens and converts it to an abstract syntax tree)
The pug-parser npm package is a parser for the Pug templating language. It takes a Pug template and converts it into an Abstract Syntax Tree (AST) that can be further processed or transformed. This is useful for tasks such as template compilation, syntax analysis, and code generation.
Parsing Pug Templates
This feature allows you to parse a Pug template into an Abstract Syntax Tree (AST). The code sample demonstrates how to use the pug-parser along with pug-lexer to convert a simple Pug template into its AST representation.
const pugParser = require('pug-parser');
const lex = require('pug-lexer');
const template = 'p Hello, World!';
const tokens = lex(template);
const ast = pugParser(tokens);
console.log(JSON.stringify(ast, null, 2));
Custom AST Transformations
This feature allows you to perform custom transformations on the AST generated from a Pug template. The code sample shows how to add a class attribute to all 'p' tags in the AST.
const pugParser = require('pug-parser');
const lex = require('pug-lexer');
const template = 'p Hello, World!';
const tokens = lex(template);
let ast = pugParser(tokens);
// Custom transformation: Add a class to all 'p' tags
function transformAST(node) {
if (node.type === 'Tag' && node.name === 'p') {
node.attrs.push({ name: 'class', val: 'greeting', mustEscape: true });
}
if (node.block) {
node.block.nodes.forEach(transformAST);
}
}
transformAST(ast);
console.log(JSON.stringify(ast, null, 2));
The 'pug' package is the main package for the Pug templating language. It includes both the parser and the compiler, allowing you to convert Pug templates directly into HTML. Unlike pug-parser, which only handles parsing, the 'pug' package provides a complete solution for working with Pug templates.
The 'jade' package is the former name of the Pug templating language. It provides similar functionality to the 'pug' package, including parsing and compiling templates. However, it has been deprecated in favor of 'pug'.
The 'ejs' package is another templating language for JavaScript. It allows you to embed JavaScript code within your templates. While it does not use the same syntax as Pug, it provides similar functionality for generating HTML from templates.
The pug parser (takes an array of tokens and converts it to an abstract syntax tree)
npm install pug-parser
var parse = require('pug-parser');
parse(tokens, options)
Convert Pug tokens to an abstract syntax tree (AST).
options
can contain the following properties:
filename
(string): The name of the Pug file; it is included in the produced AST nodes and error handling, if provided.plugins
(array): An array of plugins, in the order they should be applied.src
(string): The source of the Pug file; it is used in error handling if provided.var lex = require('pug-lexer');
var filename = 'my-file.pug';
var src = 'div(data-foo="bar")';
var tokens = lex(src, {filename});
var ast = parse(tokens, {filename, src});
console.log(JSON.stringify(ast, null, ' '))
{
"type": "Block",
"nodes": [
{
"type": "Tag",
"name": "div",
"selfClosing": false,
"block": {
"type": "Block",
"nodes": [],
"line": 1,
"filename": "my-file.pug"
},
"attrs": [
{
"name": "data-foo",
"val": "\"bar\"",
"line": 1,
"column": 5,
"filename": "my-file.pug",
"mustEscape": true
}
],
"attributeBlocks": [],
"isInline": false,
"line": 1,
"column": 1,
"filename": "my-file.pug"
}
],
"line": 0,
"filename": "my-file.pug"
}
new parse.Parser(tokens, options)
Constructor for a Parser class. This is not meant to be used directly unless you know what you are doing.
options
may contain the following properties:
filename
(string): The name of the Pug file; it is included in the produced AST nodes and error handling, if provided.plugins
(array): An array of plugins, in the order they should be applied.src
(string): The source of the Pug file; it is used in error handling if provided.MIT
FAQs
The pug parser (takes an array of tokens and converts it to an abstract syntax tree)
The npm package pug-parser receives a total of 885,829 weekly downloads. As such, pug-parser popularity was classified as popular.
We found that pug-parser demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.