Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Unofficial Python port of server-side rendering from AMP Optimizer. Supports Python 3.6 and above.
AMP Renderer performs the following optimizations:
html
elementimg
tags for images with the data-hero attributeIt also makes these formatting updates:
class
and style
tags for AMP HTML elementsAMPRenderer can be used on a block of arbitrary HTML, but when used on a full document, it will insert the AMP runtime styles and, if possible, remove the AMP boilerplate styles.
Boilerplate styles can be removed except in these cases:
layout
attributeamp-audio
is usedamp-experiment
activemedia
, sizes
, or heights
amp-dynamic-css-classes
amp-story
If boilerplate styles can’t be removed, the attribute no_boilerplate
will be set to True
after calling render
; otherwise it will be False
. Until render
runs, the no_boilerplate
attribute isn’t set at all.
If using Django, you can use the Django AMP Renderer middleware.
Otherwise, install via PyPI:
pip install amp-renderer
Minimal usage:
from amp_renderer import AMPRenderer
...
RUNTIME_VERSION = "012345678" /* Current AMP runtime version number */
RUNTIME_STYLES = "..." /* Current contents of https://cdn.ampproject.org/v0.css */
renderer = AMPRenderer(
runtime_version=RUNTIME_VERSION,
runtime_styles=RUNTIME_STYLES)
original_html = """
<!doctype html>
<html ⚡>
...
</html>
"""
result = renderer.render(original_html)
print(result)
Remove comments and/or trim attributes:
renderer.should_strip_comments = True
renderer.should_trim_attributes = True
result = renderer.render(original_html)
print(result)
The AMPRenderer class inherits from HTMLParser, and can be similarly extended.
Install requrements:
make install
Sort imports (Requires Python >= 3.8):
make format
Lint (Requires Python >= 3.8):
make lint
Test:
make test
There are still some aspects of the official AMP Optimizer implementation that haven’t been addressed yet. PRs welcome.
sizes
, media
, and heights
via CSS injectionmedia
attributes by shared media queries to reduce necessary bytesheights
amp-custom
element over the byte limitimg
tag for amp-img
s with the data-hero
attributedata-hero
amp-iframe
, amp-video
, and amp-video-iframe
The Python AMP Renderer does not insert preload
links into the head
of the DOM object for hero images; This can be done by hand for more control over the critical path.
FAQs
Unofficial Python port of server-side rendering from AMP Optimizer
We found that amp-renderer demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.