Research
Security News
Malicious PyPI Package ‘pycord-self’ Targets Discord Developers with Token Theft and Backdoor Exploit
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
The slugify npm package is designed to convert strings into URL-friendly slugs. This is particularly useful for creating readable and SEO-friendly URLs from titles, names, or any text that may contain special characters, spaces, or uppercase letters. Slugify simplifies the process of generating slugs by replacing spaces and special characters with hyphens or other user-defined characters, making strings safe for URLs.
Basic slugification
This feature demonstrates the basic usage of slugify to convert a string into a lowercase slug, replacing spaces and special characters with hyphens.
"use strict"; const slugify = require('slugify'); const title = 'Some Article Title!'; const slug = slugify(title); console.log(slug); // Output: 'some-article-title'
Custom replacement character
This feature shows how to use a custom replacement character (in this case, an underscore) instead of the default hyphen.
"use strict"; const slugify = require('slugify'); const title = 'Some Article Title!'; const slug = slugify(title, '_'); console.log(slug); // Output: 'some_article_title'
Locale-specific slugification
This feature illustrates the ability to handle locale-specific characters appropriately, converting them based on the specified locale.
"use strict"; const slugify = require('slugify'); const title = 'I ♥ Dogs'; const slug = slugify(title, { locale: 'de' }); console.log(slug); // Output: 'i-liebe-dogs'
Removing characters not allowed in URLs
This feature demonstrates the removal of specific characters not allowed or desired in the final slug, using a regular expression.
"use strict"; const slugify = require('slugify'); const title = 'New! Improved! Slugify!'; const slug = slugify(title, { remove: /[!]/g }); console.log(slug); // Output: 'new-improved-slugify'
SpeakingURL is a package similar to slugify that generates human-readable, SEO-friendly URLs. It offers extensive language support and customization options, making it a strong alternative. However, slugify tends to be simpler to use for basic slugification needs.
Limax is another alternative that focuses on creating slugs from strings with support for multiple languages, including Chinese, Japanese, and Korean. It provides more extensive language support compared to slugify but might be more complex for simple use cases.
url-slug is a package that offers similar functionality to slugify, allowing for customizable and URL-friendly string transformation. It differs in its API and customization options, providing a different approach to slug generation that some users might prefer.
var slugify = require('slugify')
slugify('some string') // some-string
// if you prefer something other than '-' as separator
slugify('some string', '_') // some_string
slugify('some string', {
replacement: '-', // replace spaces with replacement character, defaults to `-`
remove: undefined, // remove characters that match regex, defaults to `undefined`
lower: false, // convert to lower case, defaults to `false`
strict: false, // strip special characters except replacement, defaults to `false`
locale: 'vi', // language code of the locale to use
trim: true // trim leading and trailing replacement chars, defaults to `true`
})
For example, to remove *+~.()'"!:@
from the result slug, you can use slugify('..', {remove: /[*+~.()'"!:@]/g})
.
remove
is a regular expression, it should be a
character class
and only a character class. It should also use the
global flag.
(For example: /[*+~.()'"!:@]/g
.) Otherwise, the remove
option might not
work as expected.remove
is a string, it should be a single character.
Otherwise, the remove
option might not work as expected.The main charmap.json
file contains all known characters and their transliteration. All new characters should be added there first. In case you stumble upon a character already set in charmap.json
, but not transliterated correctly according to your language, then you have to add those characters in locales.json
to override the already existing transliteration in charmap.json
, but for your locale only.
You can get the correct language code of your language from here.
Out of the box slugify
comes with support for a handful of Unicode symbols. For example the ☢
(radioactive) symbol is not defined in the charMap
and therefore it will be stripped by default:
slugify('unicode ♥ is ☢') // unicode-love-is
However you can extend the supported symbols, or override the existing ones with your own:
slugify.extend({'☢': 'radioactive'})
slugify('unicode ♥ is ☢') // unicode-love-is-radioactive
Keep in mind that the extend
method extends/overrides the default charMap
for the entire process. In case you need a fresh instance of the slugify's charMap
object you have to clean up the module cache first:
delete require.cache[require.resolve('slugify')]
var slugify = require('slugify')
charmap.json
npm test
index.js
and will sort the charmap.json
Originally this was a vanilla javascript port of node-slug.
Note that the original slug module has been ported to vanilla javascript too.
FAQs
Slugifies a String
The npm package slugify receives a total of 3,422,287 weekly downloads. As such, slugify popularity was classified as popular.
We found that slugify demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.
Security News
Snyk's use of malicious npm packages for research raises ethical concerns, highlighting risks in public deployment, data exfiltration, and unauthorized testing.