Security News
npm Introduces minimumReleaseAge and Bulk OIDC Configuration
npm rolls out a package release cooldown and scalable trusted publishing updates as ecosystem adoption of install safeguards grows.
By Sarah Gooding - Feb 26, 2026
Latest Threat Research:SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains.Details →
strip-markdown
Advanced tools
strip-markdown
remark plugin remove markdown formatting. This essentially removes everything but paragraphs and text nodes.
This is one of the first remark plugins, before prefixing with
remark-got cool.
Note!
This plugin is ready for the new parser in remark
(remarkjs/remark#536).
No change is needed: it works exactly the same now as it did before!
Install
This package is ESM only:
Node 12+ is needed to use it and it must be imported instead of required.
npm:
npm install strip-markdown
Use
import {remark} from 'remark'
import strip from 'strip-markdown'
remark()
.use(strip)
.process('Some *emphasis*, **importance**, and `code`.')
.then((file) => {
console.log(String(file))
})
Yields:
Some emphasis, importance, and code.
API
This package exports no identifiers.
The default export is stripMarkdown.
unified().use(stripMarkdown[, options])
Plugin remove markdown formatting.
- Removes
html(note),code,horizontalRule,table,yaml,toml, and their content - Render everything else as simple paragraphs without formatting
- Uses
alttext for images
Security
Use of strip-markdown does not involve rehype (hast)
or user content so there are no openings for cross-site scripting (XSS)
attacks.
Contribute
See contributing.md in remarkjs/.github for ways
to get started.
See support.md for ways to get help.
This project has a code of conduct. By interacting with this repository, organization, or community you agree to abide by its terms.
License
FAQs
remark plugin to remove markdown formatting
The npm package strip-markdown receives a total of 188,645 weekly downloads. As such, strip-markdown popularity was classified as popular.
We found that strip-markdown demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 04 Aug 2021
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Risky Biz Podcast: Open Source Risk Is Compounding as AI Agents Write 90% of New Code
AI agents are writing more code than ever, and that's creating new supply chain risks. Feross joins the Risky Business Podcast to break down what that means for open source security.
By Sarah Gooding - Feb 24, 2026
Research
/Security News
Four Malicious NuGet Packages Target ASP.NET Developers With JIT Hooking and Credential Exfiltration
Socket uncovered four malicious NuGet packages targeting ASP.NET apps, using a typosquatted dropper and localhost proxy to steal Identity data and backdoor apps.
By Kush Pandya - Feb 23, 2026