Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
A linting tool for Chinese text content.
You could easily install zhlint
through npm
or yarn
:
# install through npm
npm install zhlint -g
# or through yarn
yarn global add zhlint
# or through pnpm
pnpm add zhlint -g
# glob files, lint them, and print validation report,
# and exit with code `1` if there is any error found.
zhlint <file-pattern>
# glob files and fix their all possilbly found errors.
zhlint <file-pattern> --fix
# lint the file and output fixed content into another file
zhlint <input-file-path> --output=<output-file-path>
# print usage info
zhlint --help
The validation report might look like this:
const { run, report } = require('zhlint')
const value = '自动在中文和English之间加入空格'
const options = { rules: { preset: 'default' }}
const output = run(value, options)
// print '自动在中文和 English 之间加入空格''
console.log(output.result)
// print validation report
report([output])
And the format of validation report is more like this:
1:6 - 此处中英文内容之间需要一个空格
自动在中文和English之间加入空格
^
1:13 - 此处中英文内容之间需要一个空格
自动在中文和English之间加入空格
^
Invalid files:
- foo.md
Found 2 errors.
You could find a JavaScript file dist/zhlint.js
as a standalone version. To use it, for example, you can directly add it into your browser as a <script>
tag. Then there would be a global variable zhlint
for you.
run(str: string, options?: Options): Result
: Lint a certain file.
str
: The text content you want to lint.options
: Some options to config.value
and the infor of all validations
.report(results: Result[], logger?: Console): void
: Print out the validation reports for each file.
results
: An array for all linted results.logger
: The logger instance, by default it's console
in Node.js/browser.Customize your own linting config and other advanced options.
type Options = {
rules?: RuleOptions
hyperParse?: string[]
ignoredCases?: IgnoredCase[]
logger?: Console
}
rules
: customize the linting config. It could be undefined
which means linting nothing. It could be { preset: 'default' }
which just uses the default config. For more details of RuleOptions
, please see supported ruleshyperParse
: customize the hyper parser by their names. It could be undefined
which means just use default ignored cases parser, Markdown parser and the Hexo tags parser.ignoredCases
: provide exception cases which you would like to skip.
IgnoredCase
: { prefix?, textStart, textEnd?, suffix? }
logger
: same to the parameter in report(...)
.type Result = {
file?: string
origin: string
result: string
validations: Validation[]
}
type Validation = {
index: number
length: number
message: string
}
Result
file
: The file name. It's an optional field which is only used in CLI.origin
: the original text content.result
: the finally fixed text content.validations
: All the validation information.Validation
index
: The index of the target token in the input string.length
: The length of the target token in the input string.message
: The description of this validation in natural language.We support lint your text content in Markdown syntax by default. For example:
run('自动在_中文_和**English**之间加入空格')
It will analyse the Markdown syntax first and extract the pure text content and do the lint job. After that the fixed pure text content could be replaced back to the raw Markdown string and returned as the output value
in result.
Specially, we support Hexo tags syntax just because when we use Hexo to build Vue.js website, the markdown source files more or less include special tags like that so got the unpredictable result.
As a result, we additionally skip the Hexo-style tags by default. For example:
run('现在过滤器只能用在插入文本中 (`{% raw %}{{ }}{% endraw %}` tags)。')
In some real cases we have special text contents not follow the rules by reason. So we could ues ignoredCases
option to config that. For example we'd like to keep the spaces inside a pair of brackets, which is invalid by default. Then we could write one more line of HTML comment anywhere inside the file:
<!-- the good case -->
text before (text inside) text after
<!-- the bad case -->
vm.$on( event, callback )
<!-- then we could write this down below to make it work -->
<!-- zhlint ignore: ( , ) -->
or just pass it through as an option:
run(str, { ignoredCases: { textStart: '( ', textEnd: ' )' } })
ignore
: find all ignored pieces by the HTML comment <!-- zhlint ignore: ... -->
hexo
: find all Hexo tags to avoid them being parsed.markdown
: parse by markdown syntax and find all block-level texts and inline-level marks.Almost the rules come from the past translation experiences in W3C HTML Chinese interest group and Vue.js Chinese docsite.
... and this part might be controversial. So if you don't feel well at some point, we definitely would love to know and improve. Opening an issue is always welcome. Then we could discuss about the possible better option or decision.
type RuleOptions = {
/* PRESET */
// Custom preset, currently only support:
// - `'default'`
preset?: string
/* PUNCTUATIONS */
// Convert these punctuations into half-width.
// default preset: `()`
// e.g. `(文字)` -> `(文字)`
halfWidthPunctuation?: string
// Convert these punctuations into full-width.
// default preset: `,。:;?!“”‘’`
// e.g. `文字,文字.` -> `文字,文字。`
fullWidthPunctuation?: string
// Convert traditional Chinese punctuations into simplified ones or vice versa.
// default preset: `simplified`
// e.g. `「文字」` -> `“文字”`
unifiedPunctuation?: 'traditional' | 'simplified'
// Special case: skip `fullWidthPunctuation` for abbreviations.
// default preset:
// `['Mr.','Mrs.','Dr.','Jr.','Sr.','vs.','etc.','i.e.','e.g.','a.k.a']`
skipAbbrs?: string[]
/* SPACES AROUND CONTENT */
// default preset: `true`
// - `true`: one space
// - `undefined`: do nothing
// e.g. `foo bar` -> `foo bar`
spaceBetweenHalfWidthContent?: boolean
// default preset: `true`
// - `true`: zero space
// - `undefined`: do nothing
// e.g. `文 字` -> `文字`
noSpaceBetweenFullWidthContent?: boolean
// default preset: `true`
// - `true`: one space
// - `false`: zero space
// - `undefined`: do nothing
// e.g. `文字 foo文字` -> `文字 foo 文字` (`true`)
// e.g. `文字foo 文字` -> `文字foo文字` (`false`)
spaceBetweenMixedWidthContent?: boolean
// Special case: skip `spaceBetweenMixedWidthContent`
// for numbers x Chinese units.
// default preset: `年月日天号时分秒`
skipZhUnits?: string
/* SPACES AROUND PUNCTUATIONS */
// default preset: `true`
// - `true`: zero space
// - `undefined`: do nothing
// e.g. `文字 ,文字` -> `文字,文字`
noSpaceBeforePunctuation?: boolean
// default preset: `true`
// - `true`: one space
// - `false`: zero space
// - `undefined`: do nothing
// e.g. `文字,文字` -> `文字, 文字` (`true`)
// e.g. `文字, 文字` -> `文字,文字` (`false`)
spaceAfterHalfWidthPunctuation?: boolean
// default preset: `true`
// - `true`: zero space
// - `undefined`: do nothing
// e.g. `文字, 文字` -> `文字,文字`
noSpaceAfterFullWidthPunctuation?: boolean
/* SPACES AROUND QUOTES */
// default preset: `true`
// - `true`: one space
// - `false`: zero space
// - `undefined`: do nothing
// e.g. `文字 "文字"文字` -> `文字 "文字" 文字` (`true`)
// e.g. `文字"文字" 文字` -> `文字"文字"文字` (`false`)
spaceOutsideHalfQuote?: boolean
// default preset: `true`
// - `true`: zero space
// - `undefined`: do nothing
// e.g. `文字 “文字” 文字` -> `文字“文字”文字`
noSpaceOutsideFullQuote?: boolean
// default preset: `true`
// - `true`: zero space
// - `undefined`: do nothing
// e.g. `文字“ 文字 ”文字` -> `文字“文字”文字`
noSpaceInsideQuote?: boolean
/* SPACES AROUND BRACKETS */
// default preset: `true`
// - `true`: one space
// - `false`: zero space
// - `undefined`: do nothing
spaceOutsideHalfBracket?: boolean
// default preset: `true`
// - `true`: zero space
// - `undefined`: do nothing
noSpaceOutsideFullBracket?: boolean
// default preset: `true`
// - `true`: zero space
// - `undefined`: do nothing
noSpaceInsideBracket?: boolean
/* SPACES AROUND CODE */
// default preset: `true`
// - `true`: one space
// - `false`: zero space
// - `undefined`: do nothing
// e.g. '文字 `code`文字' -> '文字 `code` 文字' ('true')
// e.g. '文字`code` 文字' -> '文字`code`文字' ('false')
spaceOutsideCode?: boolean
/* SPACES AROUND MARKDOWN/HTML TAGS */
// default `true`
// - `true`: zero space
// - `undefined`: do nothing
// e.g. `文字** foo **文字` -> `文字 **foo** 文字`
noSpaceInsideMark?: boolean
/* SPACES AT THE BEGINNING/END */
// default `true`
// e.g. ` 文字 ` -> `文字`
trimSpace?: boolean
}
FAQs
A linting tool for Chinese language.
We found that zhlint demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.