Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

pelican-compressor

Package Overview
Dependencies
Maintainers
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

pelican-compressor

Pelican plugin wrapper for 'web-compressor'

  • 0.2.1
  • PyPI
  • Socket score
Maintainers
1

Pelican plugin for web-compressor

pelican-compress optimizes any Pelican site's output - using sane defaults & insane tools.

Installation

It's available from PyPi using a package manager of your choice:

# Using 'pip'
pip install pelican-compressor

# Using 'poetry'
poetry add pelican-compressor

Getting started

Using pelican-compressor is straightforward:

Plugin

After installing it, the following features are enabled by default:

  • minification of HTML files & web assets, such as CSS/JS, JSON & XML files
  • cachebusting assets, such as CSS/JS, JSON & XML files, fonts and images
  • creating SRI hashes for link & script tags

See 'Configuration' below for full control over these processes and even more features, such as

  • optimizing all JPEG & PNG images
  • converting them to modern file formats such as AVIF/WebP
  • building CSP directives (including nonces for inline scripts & styles)

Commandline

Installing pelican-compressor also gives you access to webcompr, which might be interesting for more flexibility.

Configuration

The following settings need to be prepended by COMPRESSOR_ to work, eg for enabling AVIF/WebP generation, define COMPRESSOR_ENABLE_MODERN_FORMATS = True in your settings (most likely pelicanconf.py).

General

SettingTypeDefaultDescription
BLOCK_LISTlist[]Filenames to be excluded

Asset minification

SettingTypeDefaultDescription
ENABLE_MINIFYbooltrueEnables/disables feature
MINIFY_MEDIATYPESlist or re.PatternHTML, CSS, JS, SVGFiles to be minified
MINIFY_OPTIONSdictsee belowMinification settings

For available minification settings, see here.

Image optimizations

SettingTypeDefaultDescription
ENABLE_IMAGEOPTIMboolfalseEnables/disables feature
IMAGEOPTIM_MEDIATYPESlist or re.PatternJPG/PNGFiles to be optimized
JPEG_QUALITYint85JPEG output quality
STRIP_METADATAbooltrueWhether to remove metadata

Asset hashing / "cachebusting"

SettingTypeDefaultDescription
ENABLE_HASHINGbooltrueEnables/disables feature
HASHING_MEDIATYPESlist or re.PatternCSS/JS files, fonts & imagesFiles to be hashed
HASH_LENGTHint10Length of appended hash string
HASH_MODIFIEDboolfalseHash modified time or file contents

AVIF / WebP generation

SettingTypeDefaultDescription
ENABLE_MODERN_FORMATSboolfalseEnables/disables feature
AVIF_SETTINGSdict{"quality": 90}AVIF settings (see below)
WEBP_SETTINGSdict{"method": 6}WebP settings (see below)

Available WebP settings:

  • lossless
  • quality
  • method
  • icc_profile
  • exif

For more information, see Pillow docs.

Available AVIF settings:

  • advanced
  • alpha_premultiplied
  • append_images
  • codec
  • duration
  • exif
  • icc_profile
  • qmax
  • qmin
  • quality
  • range
  • speed
  • subsampling
  • tile_rows
  • xmp / XML:com.adobe.xmp

Note: AVIF generation is provided through a plugin, which hasn't made it into Pillow's core yet, so consider this feature as being experimental!

For more information (eg default values), check out the info.get() calls inside the _save() method, courtesy of the pillow_avif plugin.

Subresource integrity

SettingTypeDefaultDescription
ENABLE_SRIstrtrueEnables/disables feature
SRI_DIGESTstr'sha512'Cryptographic digest to use

Content security policy

SettingTypeDefaultDescription
ENABLE_CSPboolfalseEnables/disables feature
CSP_DIGESTstr'sha512'Cryptographic digest to use
CSP_NONCEstruuid.uuid4().hexRandom nonce to be used
CSP_DIRECTIVESdict{}CSP directives (see below)

When creating a content security policy, you might want to start with something restrictive and go from there:

COMPRESSOR_ENABLE_CSP = True
COMPRESSOR_CSP_DIRECTIVES = {
    "default-src": "none",
    "script-src": "'strict-dynamic'",
    "object-src": "none",
    "base-uri": "none",
},

Hooks

It's also prossible to assign functions to be called right before this plugin (PRE_HOOK) or immediately thereafter (POST_HOOK), eg for creating image variants (such as placeholders for lazyloading). Each function receives the argument asset, which is a tuple consisting of the pathlib.Path to each asset file and a str representing its MIME type:

# pelicanconf.py

COMPRESSOR_PRE_HOOK = lambda asset: (
    # Unpack asset file & mediatype
    file_path, mime_type = asset

    # If image file ..
    if mime_type == "image/jpeg":
        # .. do something
)

Roadmap

  • Update README.md
  • Add tests

Keywords

FAQs

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries

Research

Security News

Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries

Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.

By Kirill Boychenko  -  Nov 22, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc