temper - npm Package Compare versions

Comparing version 0.1.9 to 0.2.0

CHANGELOG.md

 # CHANGELOG
 
+### 0.2
+
+- Upgraded the HTML engine to support basic replace in templates if data is
+  provided.
+- Added useful debug in formation using the `debug` library.
+
 ### 0.1.1
@@ -4,0 +10,0 @@

index.js

 'use strict';
 
-var path = require('path')
+var debug = require('debug')('temper')
+  , path = require('path')
   , fs = require('fs');
@@ -65,5 +66,7 @@
   //
-  this.timers.require = setTimeout(function cleanup() {
+  this.timers['require-'+ engine] = setTimeout(function cleanup() {
+    debug('removing cached engine (%s) to reduce memory', engine);
+
     delete temper.required[engine];
-    delete temper.timers.require;
+    delete temper.timers['require-'+ engine];
   }, 5 * 60 * 1000);
@@ -93,5 +96,7 @@
 
-  this.timers.read = setTimeout(function cleanup() {
+  this.timers['read-'+ file] = setTimeout(function cleanup() {
+    debug('removing cached template (%s) to reduce memory', file);
+
     delete temper.file[file];
-    delete temper.timers.read;
+    delete temper.timers['read-'+ file];
   }, 60 * 1000);
@@ -125,2 +130,4 @@
   if (!this.cache) return compiled;
+
+  debug('caching compiled template (%s)', file);
   return this.compiled[file] = compiled;
@@ -179,3 +186,6 @@ };
   //
-  if (!list) throw new Error('Unknown file extension. '+ extname + ' is not supported');
+  if (!list) {
+    debug('file %s required an template engine that we\'re not supporting', file);
+    throw new Error('Unknown file extension. '+ extname +' is not supported');
+  }
 
@@ -186,3 +196,6 @@ found = list.filter(function filter(engine) {
     try { compiler = temper.require(engine); }
-    catch (e) { return false; }
+    catch (e) {
+      debug('failed to require %s to compile template, searching for another', engine);
+      return false;
+    }
 
@@ -201,2 +214,3 @@ temper.required[engine] = compiler;
   //
+  debug('failed to compile template %s missing template engines %s', file, list.join());
   throw new Error('No compatible template engine installed, please run: npm install --save '+ list[0]);
@@ -297,8 +311,10 @@ };
       //
-      client = (new Function(
-        'return '+ JSON.stringify(template)
+      client = (new Function('data', [
+        Temper.html.toString(),
+        'return html('+ JSON.stringify(template) +', data || {});'
+      ].join('\n')
       )).toString().replace('function anonymous', 'function ' + name);
 
-      server = function render() {
-        return template;
+      server = function render(data) {
+        return Temper.html(template, data || {});
       };
@@ -308,2 +324,4 @@ break;
 
+  debug('compiled template %s using engine %s', filename, engine);
+
   return {
@@ -318,2 +336,20 @@ library: library ? this.read(library) : '',   // Front-end library.
 /**
+ * Minimal HTML template engine for simple placeholder replacements.
+ *
+ * @param {String} template HTML template
+ * @param {Object} data Template data
+ * @returns {String}
+ * @api private
+ */
+Temper.html = function html(template, data, key) {
+  for (key in data) {
+    if (data.hasOwnProperty(key)) {
+      template = template.replace(new RegExp('{'+ key +'}','g'), data[key]);
+    }
+  }
+
+  return template;
+};
+
+/**
  * Destroy.
@@ -320,0 +356,0 @@ *

package.json

 {
   "name": "temper",
-  "version": "0.1.9",
+  "version": "0.2.0",
   "description": "Temper compiles template for client and server side usage.",
@@ -34,3 +34,6 @@ "main": "index.js",
     "pre-commit": "0.0.x"
+  },
+  "dependencies": {
+    "debug": "0.8.x"
   }
 }

test/temper.test.js

@@ -118,14 +118,25 @@ describe('temper', function () {
 
-    it('returns surrogate compiler for HTML', function () {
-      var obj = temper.compile('<h1>regular</h1>', 'html');
+    describe('.html', function () {
+      it('returns surrogate compiler for HTML', function () {
+        var obj = temper.compile('<h1>regular</h1>', 'html');
 
-      expect(obj.client).to.be.a('string');
-      expect(obj.library).to.be.a('string');
-      expect(obj.library).to.equal('');
-      expect(obj.server).to.be.a('function');
-      expect(obj.server()).to.equal('<h1>regular</h1>');
+        expect(obj.client).to.be.a('string');
+        expect(obj.library).to.be.a('string');
+        expect(obj.library).to.equal('');
+        expect(obj.server).to.be.a('function');
+        expect(obj.server()).to.equal('<h1>regular</h1>');
 
-      var client = (new Function('return '+ obj.client))();
-      expect(client).to.be.a('function');
-      expect(client()).to.equal('<h1>regular</h1>');
+        var client = (new Function('return '+ obj.client))();
+        expect(client).to.be.a('function');
+        expect(client()).to.equal('<h1>regular</h1>');
+      });
+
+      it('supports basic replacements of data', function () {
+        var obj = temper.compile('<h1>{key}</h1>', 'html');
+
+        obj.client = (new Function('return '+ obj.client))();
+
+        expect(obj.server({ key: 'bar' })).to.equal('<h1>bar</h1>');
+        expect(obj.client({ key: 'bar' })).to.equal('<h1>bar</h1>');
+      });
     });
@@ -132,0 +143,0 @@ });

New alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Fixed alerts

Uses eval

Supply chain risk

Package uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

21789

increased by8.74%

Lines of code

430

increased by9.69%

Worsened metrics

Dependency count

1

increased byInfinity%

Number of medium supply chain risk alerts

3

increased by50%

Dependency changes

• + Addeddebug@0.8.x

• + Addeddebug@0.8.1(transitive)