Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

remark-validate-links

Package Overview
Dependencies
Maintainers
2
Versions
35
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

remark-validate-links

remark plugin to validate links to headings and files

  • 12.1.1
  • Source
  • npm
  • Socket score

Version published
Maintainers
2
Created
Source

Build Coverage Downloads Size Sponsors Backers Chat

remark plugin to check that markdown links and images point to existing local files and headings in a Git repo.

For example, this document does not have a heading named Hello. So if we’d link to it ([welcome](#hello)), we’d get a warning. Links to headings in other markdown documents (examples/foo.md#hello) and links to files (license or index.js) are also checked.

Contents

What is this?

This package is a unified (remark) plugin to check local links in a Git repo.

unified is a project that transforms content with abstract syntax trees (ASTs). remark adds support for markdown to unified. mdast is the markdown AST that remark uses. This is a remark plugin that inspects mdast.

When should I use this?

This project is useful if you have a Git repo, such as this one, with docs in markdown and links to headings and other files, and want to check whether they’re correct. Compared to other links checkers, this project can work offline (making it fast en prone to fewer false positives), and is specifically made for local links in Git repos. This plugin does not check external URLs (see remark-lint-no-dead-urls) or undefined references (see remark-lint-no-undefined-references).

Install

This package is ESM only. In Node.js (version 14.14+, or 16.0+), install with npm:

npm install remark-validate-links

In Deno with esm.sh:

import remarkValidateLinks from 'https://esm.sh/remark-validate-links@11'

In browsers with esm.sh:

<script type="module">
  import remarkValidateLinks from 'https://esm.sh/remark-validate-links@11?bundle'
</script>

Use

Say we have the following file, example.md:

# Alpha

Links are checked:

This [exists](#alpha).
This [one does not](#does-not).

# Bravo

Headings in `readme.md` are [checked](readme.md#no-such-heading).
And [missing files are reported](missing-example.js).

Definitions are also checked:

[alpha]: #alpha
[charlie]: #charlie

References w/o definitions are not checked: [delta]

And a module, example.js:

import {read} from 'to-vfile'
import {remark} from 'remark'
import remarkValidateLinks from 'remark-validate-links'

main()

async function main() {
  const file = await remark()
    .use(remarkValidateLinks)
    .process(await read('example.md'))

  console.log(reporter(file))
}

Now, running node example yields:

example.md
    6:6-6:31  warning  Link to unknown heading: `does-not`         missing-heading  remark-validate-links
  11:5-11:53  warning  Link to unknown file: `missing-example.js`  missing-file     remark-validate-links
  16:1-16:20  warning  Link to unknown heading: `charlie`          missing-heading  remark-validate-links

⚠ 3 warnings

(Note that readme.md#no-such-heading is not warned about, because the API does not check headings in other Markdown files).

API

This package exports no identifiers. The default export is remarkValidateLinks.

Check that markdown links and images point to existing local files and headings in a Git repo.

⚠️ Important: The API in Node.js checks links to headings and files but does not check whether headings in other files exist. The API in browsers only checks links to headings in the same file. The CLI can check everything.

options

Typically, you don’t need to configure remark-validate-links, as it detects local Git repositories.

options.repository

URL to hosted Git (string? or false). If repository is nullish, the Git origin remote is detected. If the repository resolves to something npm understands as a Git host such as GitHub, GitLab, or Bitbucket, then full URLs to that host (say, https://github.com/remarkjs/remark-validate-links/readme.md#install) can also be checked. If you’re not in a Git repository, you must pass repository: false explicitly.

options.root

A root (string?) can also be passed, referencing the local Git root directory (the folder that contains .git). If both root and repository are nullish, the Git root is detected. If root is not given but repository is, file.cwd is used.

options.urlConfig

If your project is hosted on github.com, gitlab.com, or bitbucket.org, this plugin can automatically detect the url configuration. Otherwise, use urlConfig to specify this manually. For this repository (remarkjs/remark-validate-links on GitHub) urlConfig looks as follows:

{
  // Domain of URLs:
  hostname: 'github.com',
  // Path prefix before files:
  prefix: '/remarkjs/remark-validate-links/blob/',
  // Prefix of headings:
  headingPrefix: '#',
  // Hash to top of markdown documents:
  topAnchor: '#readme',
  // Whether lines in files can be linked:
  lines: true
}

If this project were hosted on Bitbucket, it would be:

{
  hostname: 'bitbucket.org',
  prefix: '/remarkjs/remark-validate-links/src/',
  headingPrefix: '#markdown-header-',
  lines: false
}

Examples

Example: CLI

It’s recommended to use remark-validate-links on the CLI with remark-cli. Install both with npm:

npm install remark-cli remark-validate-links --save-dev

Let’s say we have a readme.md (this current document) and an example.md with the following text:

# Hello

Read more [whoops, this does not exist](#world).

This doesn’t exist either [whoops!](readme.md#foo).

But this does exist: [license](license).

So does this: [readme](readme.md#install).

Now, running ./node_modules/.bin/remark --use remark-validate-links . yields:

example.md
  3:11-3:48  warning  Link to unknown heading: `world`               missing-heading          remark-validate-links
  5:27-5:51  warning  Link to unknown heading in `readme.md`: `foo`  missing-heading-in-file  remark-validate-links

readme.md: no issues found

⚠ 2 warnings

Example: CLI in npm scripts

You can use remark-validate-links and remark-cli in an npm script to check and format markdown in your project. Install both with npm:

npm install remark-cli remark-validate-links --save-dev

Then, add a format script and configuration to package.json:

{
  // …
  "scripts": {
    // …
    "format": "remark . --quiet --frail --output",
    // …
  },
  "remarkConfig": {
    "plugins": [
      "remark-validate-links"
    ]
  },
  // …
}

💡 Tip: Add other tools such as prettier or ESLint to check and format other files.

💡 Tip: Run ./node_modules/.bin/remark --help for help with remark-cli.

Now you check and format markdown in your project with:

npm run format

Integration

remark-validate-links can detect anchors on nodes through several properties on nodes:

  • node.data.hProperties.name — Used by mdast-util-to-hast to create a name attribute, which anchors can link to
  • node.data.hProperties.id — Used by mdast-util-to-hast to create an id attribute, which anchors can link to
  • node.data.id — Used potentially in the future by other tools to signal unique identifiers on nodes

Types

This package is fully typed with TypeScript. It exports an Options type, which specifies the interface of the accepted options, and an UrlConfig type, which specifies the interface of its corresponding option.

Compatibility

Projects maintained by the unified collective are compatible with all maintained versions of Node.js. As of now, that is Node.js 14.14+, and 16.0+. Our projects sometimes work with older versions, but this is not guaranteed.

This plugin works with unified version 6+, remark version 7+, and remark-cli version 8+.

Security

remark-validate-links, in Node, accesses the file system based on user content, and this may be dangerous. In Node git remote and git rev-parse also runs for processed files.

The tree is not modified, so there are no openings for cross-site scripting (XSS) attacks.

Contribute

See contributing.md in remarkjs/.github for ways to get started. See support.md for ways to get help.

This project has a code of conduct. By interacting with this repository, organization, or community you agree to abide by its terms.

License

MIT © Titus Wormer

Keywords

FAQs

Package last updated on 01 May 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc