Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Showdown is a JavaScript Markdown to HTML converter, based on the original works by John Gruber. It allows you to easily convert Markdown text into HTML, making it useful for web applications, documentation, and other text processing tasks.
Convert Markdown to HTML
This feature allows you to convert Markdown text into HTML. The code sample demonstrates how to create a new Showdown converter instance and use it to convert a Markdown string into HTML.
const showdown = require('showdown');
const converter = new showdown.Converter();
const markdown = '# Hello, Showdown!';
const html = converter.makeHtml(markdown);
console.log(html);
Customize Output
Showdown allows you to customize the output by enabling or disabling various options. The code sample shows how to enable the 'tables' and 'strikethrough' options to enhance the Markdown to HTML conversion.
const showdown = require('showdown');
const converter = new showdown.Converter({ tables: true, strikethrough: true });
const markdown = '~~Strikethrough~~ and a table:
| h1 | h2 |
| --- | --- |
| cell1 | cell2 |';
const html = converter.makeHtml(markdown);
console.log(html);
Extension Support
Showdown supports extensions, allowing you to add custom functionality to the conversion process. The code sample demonstrates how to create a simple extension that converts '@text' into bold HTML text.
const showdown = require('showdown');
showdown.extension('myextension', function() {
return [{
type: 'lang',
regex: /@( ext)/g,
replace: '<strong>$1</strong>'
}];
});
const converter = new showdown.Converter({ extensions: ['myextension'] });
const markdown = 'This is @text.';
const html = converter.makeHtml(markdown);
console.log(html);
Marked is a fast, lightweight Markdown parser and compiler. It is designed for speed and offers a high level of customization. Compared to Showdown, Marked is often preferred for its performance and flexibility in handling large Markdown files.
Markdown-it is a powerful Markdown parser that offers a wide range of features, including plugins and high-speed performance. It is known for its extensibility and ability to handle complex Markdown syntax. Markdown-it provides more advanced features and customization options compared to Showdown.
Remark is a Markdown processor powered by plugins. It is part of the unified collective and offers a highly modular and extensible approach to Markdown processing. Remark is suitable for users who need a highly customizable and plugin-based solution, whereas Showdown is more straightforward and easier to use out of the box.
Showdown is a Javascript Markdown to HTML converter, based on the original works by John Gruber. Showdown can be used client side (in the browser) or server side (with NodeJs).
Check a live Demo here http://demo.showdownjs.com/
As you know, ShowdownJS is a free library and it will remain free forever. However, maintaining and improving the library costs time and money.
If you like our work and find our library useful, please donate through paypal!! Your contribution will be greatly appreciated and help us continue to develop this awesome library.
ShowdownJS v 2.0 is release under the MIT version. Previous versions are release under BSD.
You can download the latest release tarball directly from releases
bower install showdown
npm install showdown
PM> Install-Package showdownjs
The NuGet Packages can be found here.
You can also use one of several CDNs available:
jsDelivr
https://cdn.jsdelivr.net/npm/showdown@<version tag>/dist/showdown.min.js
cdnjs
https://cdnjs.cloudflare.com/ajax/libs/showdown/<version tag>/showdown.min.js
unpkg
https://unpkg.com/showdown/dist/showdown.min.js
Note: replace <version tag>
with an actual full length version you're interested in e.g. 1.9.0
Showdown has been tested successfully with:
In theory, Showdown will work in any browser that supports ECMA 262 3rd Edition (JavaScript 1.5). The converter itself might even work in things that aren't web browsers, like Acrobat. No promises.
Showdown supports node versions in the "Current", "Active" and "Maintenance" phases. Currently this includes Node 12.x, 14.x, 16.x and 17.x. See the [node release roadmap for more details](12.x, 14.x, 16.x, 17.x).
Other versions of node may likely work, but they are not tested regularly.
If you're looking for showdown v<1.0.0, you can find it in the legacy branch.
If you are looking for showdown 1.* you can find it in the [version_1.x][version_1.x] branch.
You can check the full changelog
Check our wiki pages for examples and a more in-depth documentation.
Markdown to HTML
var showdown = require('showdown'),
converter = new showdown.Converter(),
text = '# hello, markdown!',
html = converter.makeHtml(text);
HTML to Markdown
var showdown = require('showdown'),
converter = new showdown.Converter(),
html = '<a href="https://patreon.com/showdownjs">Please Support us!</a>',
md = converter.makeMarkdown(text);
var converter = new showdown.Converter(),
html = converter.makeHtml('# hello, markdown!'),
md = converter.makeMd('<a href="https://patreon.com/showdownjs">Please Support us!</a>');
Both examples should output...
<h1 id="hellomarkdown">hello, markdown!</h1>
[Please Support us!](https://patreon.com/showdownjs)
You can change some of showdown's default behavior through options.
Options can be set:
Setting a "global" option affects all instances of showdown
showdown.setOption('optionKey', 'value');
Setting a "local" option only affects the specified Converter object. Local options can be set:
through the constructor
var converter = new showdown.Converter({optionKey: 'value'});
through the setOption() method
var converter = new showdown.Converter();
converter.setOption('optionKey', 'value');
Showdown provides 2 methods (both local and global) to retrieve previous set options.
// Global
var myOption = showdown.getOption('optionKey');
//Local
var myOption = converter.getOption('optionKey');
// Global
var showdownGlobalOptions = showdown.getOptions();
//Local
var thisConverterSpecificOptions = converter.getOptions();
You can get showdown's default options with:
var defaultOptions = showdown.getDefaultOptions();
omitExtraWLInCodeBlocks: (boolean) [default false] Omit the trailing newline in a code block. Ex:
This:
<code><pre>var foo = 'bar';
</pre></code>
Becomes this:
<code><pre>var foo = 'bar';</pre></code>
noHeaderId: (boolean) [default false] Disable the automatic generation of header ids. Setting to true overrides prefixHeaderId
customizedHeaderId: (boolean) [default false] Use text in curly braces as header id. (since v1.7.0) Example:
## Sample header {real-id} will use real-id as id
ghCompatibleHeaderId: (boolean) [default false] Generate header ids compatible with github style (spaces are replaced with dashes and a bunch of non alphanumeric chars are removed) (since v1.5.5)
prefixHeaderId: (string/boolean) [default false] Add a prefix to the generated header ids.
Passing a string will prefix that string to the header id. Setting to true
will add a generic 'section' prefix.
rawPrefixHeaderId: (boolean) [default false] Setting this option to true will prevent showdown from modifying the prefix. This might result in malformed IDs (if, for instance, the " char is used in the prefix). Has no effect if prefixHeaderId is set to false. (since v 1.7.3)
rawHeaderId: (boolean) [default false] Remove only spaces, ' and " from generated header ids (including prefixes), replacing them with dashes (-). WARNING: This might result in malformed ids (since v1.7.3)
parseImgDimensions: (boolean) [default false] Enable support for setting image dimensions from within markdown syntax. Examples:
![foo](foo.jpg =100x80) simple, assumes units are in px
![bar](bar.jpg =100x*) sets the height to "auto"
![baz](baz.jpg =80%x5em) Image with width of 80% and height of 5em
headerLevelStart: (integer) [default 1] Set the header starting level. For instance, setting this to 3 means that
# foo
will be parsed as
<h3>foo</h3>
simplifiedAutoLink: (boolean) [default false] Turning this option on will enable automatic linking to urls. This means that:
some text www.google.com
will be parsed as
<p>some text <a href="www.google.com">www.google.com</a>
excludeTrailingPunctuationFromURLs: (boolean) [default false] This option excludes trailing punctuation from autolinking urls.
Punctuation excluded: . ! ? ( )
. Only applies if simplifiedAutoLink option is set to true
.
check this link www.google.com!
will be parsed as
<p>check this link <a href="www.google.com">www.google.com</a>!</p>
literalMidWordUnderscores: (boolean) [default false] Turning this on will stop showdown from interpreting
underscores in the middle of words as <em>
and <strong>
and instead treat them as literal underscores.
Example:
some text with__underscores__in middle
will be parsed as
<p>some text with__underscores__in middle</p>
literalMidWordAsterisks: (boolean) [default false] Turning this on will stop showdown from interpreting asterisks
in the middle of words as <em>
and <strong>
and instead treat them as literal asterisks.
Example:
some text with**underscores**in middle
will be parsed as
<p>some text with**underscores**in middle</p>
strikethrough: (boolean) [default false] Enable support for strikethrough syntax.
~~strikethrough~~
as <del>strikethrough</del>
tables: (boolean) [default false] Enable support for tables syntax. Example:
| h1 | h2 | h3 |
|:------|:-------:|--------:|
| 100 | [a][1] | ![b][2] |
| *foo* | **bar** | ~~baz~~ |
See the wiki for more info
tablesHeaderId: (boolean) [default false] If enabled adds an id property to table headers tags.
ghCodeBlocks: (boolean) [default true] Enable support for GFM code block style.
tasklists: (boolean) [default false] Enable support for GFM tasklists. Example:
- [x] This task is done
- [ ] This is still pending
smoothLivePreview: (boolean) [default false] Prevents weird effects in live previews due to incomplete input
smartIndentationFix: (boolean) [default false] Tries to smartly fix indentation problems related to es6 template strings in the midst of indented code.
disableForced4SpacesIndentedSublists: (boolean) [default false] Disables the requirement of indenting sublists by 4 spaces for them to be nested, effectively reverting to the old behavior where 2 or 3 spaces were enough. (since v1.5.0)
simpleLineBreaks: (boolean) [default false] Parses line breaks as <br>
, like GitHub does, without
needing 2 spaces at the end of the line (since v1.5.1)
a line
wrapped in two
turns into:
<p>a line<br>
wrapped in two</p>
requireSpaceBeforeHeadingText: (boolean) [default false] Makes adding a space between #
and the header text mandatory (since v1.5.3)
ghMentions: (boolean) [default false] Enables github @mentions, which link to the username mentioned (since v1.6.0)
ghMentionsLink: (string) [default https://github.com/{u}
] Changes the link generated by @mentions.
Showdown will replace {u}
with the username. Only applies if ghMentions option is enabled.
Example: @tivie
with ghMentionsOption set to //mysite.com/{u}/profile
will result in <a href="//mysite.com/tivie/profile">@tivie</a>
encodeEmails: (boolean) [default true] Enable e-mail addresses encoding through the use of Character Entities, transforming ASCII e-mail addresses into its equivalent decimal entities. (since v1.6.1)
NOTE: Prior to version 1.6.1, emails would always be obfuscated through dec and hex encoding.
openLinksInNewWindow: (boolean) [default false] Open all links in new windows
(by adding the attribute target="_blank"
to <a>
tags) (since v1.7.0)
backslashEscapesHTMLTags: (boolean) [default false] Support for HTML Tag escaping. ex: \<div>foo\</div>
(since v1.7.2)
emoji: (boolean) [default false] Enable emoji support. Ex: this is a :smile: emoji
For more info on available emojis, see https://github.com/showdownjs/showdown/wiki/Emojis (since v.1.8.0)
underline: (boolean) [default false] EXPERIMENTAL FEATURE Enable support for underline.
Syntax is double or triple underscores ex: __underlined word__
. With this option enabled, underscores are no longer parses into <em>
and <strong>
.
ellipsis: (boolean) [default true] Replaces three dots with the ellipsis unicode character.
completeHTMLDocument: (boolean) [default false] Outputs a complete html document,
including <html>
, <head>
and <body>
tags' instead of an HTML fragment. (since v.1.8.5)
metadata: (boolean) [default false] Enable support for document metadata (defined at the top of the document
between «««
and »»»
or between ---
and ---
). (since v.1.8.5)
var conv = new showdown.Converter({metadata: true});
var html = conv.makeHtml(someMd);
var metadata = conv.getMetadata(); // returns an object with the document metadata
splitAdjacentBlockquotes: (boolean) [default false] Split adjacent blockquote blocks.(since v.1.8.6)
NOTE: Please note that until version 1.6.0, all of these options are DISABLED by default in the cli tool.
You can also use flavors or presets to set the correct options automatically, so that showdown behaves like popular markdown flavors.
Currently, the following flavors are available:
showdown.setFlavor('github');
converter.setFlavor('github');
Showdown also comes bundled with a Command Line Interface tool. You can check the CLI wiki page for more info
ShowdownJS project also provides seamlessly integration with AngularJS via a "plugin". Please visit https://github.com/showdownjs/ngShowdown for more information.
If you're using TypeScript you maybe want to use the types from DefinitelyTyped
Integration with SystemJS can be obtained via the third party "system-md" plugin.
To use ShowdownJS as a Vue component quickly, you can check vue-showdown.
Showdown doesn't sanitize the input. This is by design since markdown relies on it to allow certain features to be correctly parsed into HTML. This, however, means XSS injection is quite possible.
Please refer to the wiki article Markdown's XSS Vulnerability (and how to mitigate it) for more information.
Showdown allows additional functionality to be loaded via extensions. (you can find a list of known showdown extensions here) You can also find a boilerplate, to create your own extensions in this repository
<script src="showdown.js"></script>
<script src="twitter-extension.js"></script>
<script>
var converter = new showdown.Converter({ extensions: ['twitter'] });
</script>
var showdown = require('showdown'),
myExtension = require('myExtension'),
converter = new showdown.Converter({ extensions: ['myExtension'] });
A suite of tests is available which require node.js. Once node is installed, run the following command from the project root to install the dependencies:
npm install
Once installed the tests can be run from the project root using:
npm test
New test cases can easily be added. Create a markdown file (ending in .md
) which contains the markdown to test.
Create a .html
file of the exact same name. It will automatically be tested when the tests are executed with mocha
.
If you wish to contribute please read the following quick guide.
You can request a new feature by submitting an issue. If you would like to implement a new feature feel free to issue a Pull Request.
PRs are awesome. However, before you submit your pull request consider the following guidelines:
Search GitHub for an open or closed Pull Request that relates to your submission. You don't want to duplicate effort.
When issuing PRs that change code, make your changes in a new git branch based on master:
git checkout -b my-fix-branch master
Documentation (i.e: README.md) changes can be made directly against master.
Run the full test suite before submitting and make sure all tests pass (obviously =P).
Try to follow our coding style rules. Breaking them prevents the PR to pass the tests.
Refrain from fixing multiple issues in the same pull request. It's preferable to open multiple small PRs instead of one hard to review big one.
If the PR introduces a new feature or fixes an issue, please add the appropriate test case.
We use commit notes to generate the changelog. It's extremely helpful if your commit messages adhere to the AngularJS Git Commit Guidelines.
If we suggest changes then:
git rebase master -i
git push origin my-fix-branch -f
After your pull request is merged, you can safely delete your branch.
If you have time to contribute to this project, we feel obliged that you get credit for it. These rules enable us to review your PR faster and will give you appropriate credit in your GitHub profile. We thank you in advance for your contribution!
We're looking for members to help maintaining Showdown. Please see this issue to express interest or comment on this note.
Full credit list at https://github.com/showdownjs/showdown/blob/master/CREDITS.md
2.1.0 (2022-04-21)
-c
flag. To update:before:
showdown makehtml -i foo.md -o bar.html --strikethrough --emoji
after:
showdown makehtml -i foo.md -o bar.html -c strikethrough -c emoji
<a name="2.0.0"></a>
yargs
dependecy was updated to ^17.2.1
to mitigate a security issue.ellipsis
option to configure if the ellipsis unicode character is used or not. ( Thanks @VladimirV99 )<a name="1.9.1"></a>
FAQs
A Markdown to HTML converter written in Javascript
The npm package showdown receives a total of 664,839 weekly downloads. As such, showdown popularity was classified as popular.
We found that showdown demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.