Security News
Deno 2.6 + Socket: Supply Chain Defense In Your CLI
Deno 2.6 introduces deno audit with a new --socket flag that plugs directly into Socket to bring supply chain security checks into the Deno CLI.
By Sarah Gooding - Dec 12, 2025
🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis →
djc-core-html-parser
Artifacts are distributable versions of a package. It typically includes the source code and metadata
Advanced tools
- Version
- 1.0.3
- Maintainers
- 1
djc-core-html-parser
HTML parser used by django-components. Written in Rust, exposed as a Python package with maturin.
This implementation was found to be 40-50x faster than our Python implementation, taking ~90ms to parse 5 MB of HTML.
Installation
pip install djc-core-html-parser
Usage
from djc_core_html_parser import set_html_attributes
html = '<div><p>Hello</p></div>'
result, _ = set_html_attributes(
html,
# Add attributes to the root elements
root_attributes=['data-root-id'],
# Add attributes to all elements
all_attributes=['data-v-123'],
)
To save ourselves from re-parsing the HTML, set_html_attributes returns not just the transformed HTML, but also a dictionary as the second item.
This dictionary contains a record of which HTML attributes were written to which elemenents.
To populate this dictionary, you need set watch_on_attribute to an attribute name.
Then, during the HTML transformation, we check each element for this attribute. And if the element HAS this attribute, we:
- Get the value of said attribute
- Record the attributes that were added to the element, using the value of the watched attribute as the key.
from djc_core_html_parser import set_html_attributes
html = """
<div data-watch-id="123">
<p data-watch-id="456">
Hello
</p>
</div>
"""
result, captured = set_html_attributes(
html,
# Add attributes to the root elements
root_attributes=['data-root-id'],
# Add attributes to all elements
all_attributes=['data-djc-tag'],
# Watch for this attribute on elements
watch_on_attribute='data-watch-id',
)
print(captured)
# {
# '123': ['data-root-id', 'data-djc-tag'],
# '456': ['data-djc-tag'],
# }
Development
-
Setup python env
python -m venv .venv -
Install dependencies
pip install -r requirements-dev.txtThe dev requirements also include
maturinwhich is used packaging a Rust project as Python package. -
Install Rust
-
Run Rust tests
cargo test -
Build the Python package
maturin developTo build the production-optimized package, use
maturin develop --release. -
Run Python tests
pytestNOTE: When running Python tests, you need to run
maturin developfirst.
Deployment
Deployment is done automatically via GitHub Actions.
To publish a new version of the package, you need to:
- Bump the version in
pyproject.tomlandCargo.toml - Open a PR and merge it to
main. - Create a new tag on the
mainbranch with the new version number (e.g.v1.0.0), or create a new release in the GitHub UI.
Keywords
FAQs
HTML parser used by django-components written in Rust.
We found that djc-core-html-parser demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
New React Server Components Vulnerabilities: DoS and Source Code Exposure
New DoS and source code exposure bugs in React Server Components and Next.js: what’s affected and how to update safely.
By Sarah Gooding - Dec 12, 2025
Security News
Software Engineering Daily Podcast: Feross on AI, Open Source, and Supply Chain Risk
Socket CEO Feross Aboukhadijeh joins Software Engineering Daily to discuss modern software supply chain attacks and rising AI-driven security risks.
By Sarah Gooding - Dec 11, 2025