Gathering detailed insights and metrics for @emmetio/abbreviation
The essential toolkit for web-developers
Installations
npm install @emmetio/abbreviationDeveloper Guide
BETA
Typescript
Yes
Module System
ESM
Node Version
16.16.0
NPM Version
lerna/6.5.1/node@v16.16.0+x64 (darwin)
Score
99.7
Supply Chain
92.8
Quality
78.5
Maintenance
100
Vulnerability
100
License
Contributors
50
Unable to fetch Contributors
Languages
2
TypeScript
JavaScript
TypeScript (99.39%)
JavaScript (0.61%)
Love this project? Help keep it running โ sponsor us today! ๐
Developer
Download Statistics
Total Downloads
35,414,574
Last Day
19,097
Last Week
332,481
Last Month
1,329,350
Last Year
15,383,055
GitHub Statistics
MIT License
4,493 Stars
280 Commits
522 Forks
155 Watchers
3 Branches
50 Contributors
Updated on Feb 18, 2025
Maintainers
2
Package Meta Information
Latest Version
2.3.3
Package Id
@emmetio/abbreviation@2.3.3
Unpacked Size
160.03 kB
Size
33.83 kB
File Count
16
NPM Version
lerna/6.5.1/node@v16.16.0+x64 (darwin)
Node Version
16.16.0
Published on
May 10, 2023
Total Downloads
Cumulative downloads
Total Downloads
35,414,574
Last Day
-3.1%
19,097
Compared to previous day
Last Week
4.5%
332,481
Compared to previous week
Last Month
27.3%
1,329,350
Compared to previous month
Last Year
51.4%
15,383,055
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Emmet markup abbreviation parser
Parses given Emmet markup abbreviation into AST. Parsing is performed in two steps: first it tokenizes given abbreviation (useful for syntax highlighting in editors) and then tokens are analyzed and converted into AST nodes as plain, JSON-serializable objects.
Note that AST tree in most cases cannot be used directly for output: for example, AST node produced from .foo.bar element misses element name and contains two class attributes with foo and bar values (not a single class with foo bar value).
Usage
You can install it via npm:
1npm install @emmetio/abbreviation
Then add it into your project:
1import parse from '@emmetio/abbreviation'; 2 3const tree = parse('div#foo>span.bar*3'); 4/* { 5 type: 'Abbreviation', 6 children: [{ 7 type: 'AbbreviationNode', 8 name: 'div', 9 attributes: [...], 10 children: [...] 11 }] 12} */ 13
The returned tree contains AbbreviationNode items: a node with name, attributes and/or text content. E.g. an element that can be represented somehow. Repeated and grouped nodes like a>(b+c)*3 are automatically converted and duplicated as distinct AbbreviationNode with distinct .repeat property which identifies node in repeating sequence.
Abbreviation syntax
Emmet abbreviation element has the following basic parts:
name.class#id[attributes?, ...]{text value}*repeater/
nameโ element name, likediv,spanetc. Stored asnode.nameproperty.[attributes]โ list of attributes. Each attribute is stored asAbbreviationAttributeinstance and can be accessed bynode.getAttribute(name). Each attribute can be written in different formats:attrโ attribute with empty value.attr=valueโ attribute with value. Thevaluemay contain any character except space or].attr="value"orattr='value'โ attribute with value in quotes. Quotes are automatically removed. Expression values likeattr={value}are supported and can be identified byvalueType: "expression"property.attr.โ boolean attribute, e.g. attribute without value, likerequiredin<input>.!attrโ implicit attribute, will be outputted if its value is not empty. Used as a placeholder to preserve attribute order in output../non/attr/valueโ value for default attribute. In other words, anything that doesnโt match a attribute name characters. Can be a single- or double-quotted as well. Default attribute is stored withnullas name and should be used later, for example, to resolve predefined attributes.
.classโ shorthand forclassattribute. Note that an element can have multiple classes, like.class1.class2.class3.#idโ shorthand foridattribute.{text}โ nodeโs text content*Nโ element repeater, tells parser to createNcopies of given node./โ optional self-closing operator. Marks element withnode.selfClosing = true.
Operators
Each element of abbreviation must be separated with any of these operators:
elem1+elem2>elem3
+โ sibling operator, adds next element as a next sibling of current element in tree.>โ child operator, adds next element as a child of current element.^โ climb-up operator, adds next element as a child of current elementโs parent node. Multiple climb-up operators are allowed, each operator moves one level up by tree.
Groups
A set of elements could be grouped using (), mostly for repeating and for easier elements nesting:
a>(b>c+d)*4+(e+f)
Groups can be optionally concatenated with + operator.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
4 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 6
Reason
Found 13/30 approved changesets -- score normalized to 4
Reason
dependency not pinned by hash detected -- score normalized to 3
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/emmetio/emmet/node.js.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/emmetio/emmet/node.js.yml/master?enable=pin
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 1 out of 1 npmCommand dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/node.js.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 13 are checked with a SAST tool
Reason
18 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-2j2x-2gpw-g8fm
- Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
Score
3.6
/10
Last Scanned on 2025-02-10
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More