npmpackage.info

Gathering detailed insights and metrics for @nfrasser/simple-html-tokenizer

@nfrasser/simple-html-tokenizer - 0.5.11-3 | npmpackage.info

@nfrasser/simple-html-tokenizer

A lightweight JavaScript library for tokenizing non-`<script>` HTML expected to be found in the `<body>` of a document

0.5.11-3

MIT

TypeScript

2.87 kB

21,633 2.9

Installations

npm install @nfrasser/simple-html-tokenizer

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS

Node Version

22.11.0

NPM Version

10.9.0 Score

79.2

Supply Chain

84.5

Quality

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

0

Total

1

Closed

0

Merged

1

Issues

Open

0

Total

0

Closed

0

Releases

Unable to fetch releases

Languages

TypeScript

JavaScript

HTML

TypeScript (86.67%)

JavaScript (12.74%)

HTML (0.58%)

Developer

nfrasser

Download Statistics

Total Downloads

21,633

Last Day

203

Last Week

1,329

Last Month

5,837

Last Year

19,646

GitHub Statistics

MIT License

3 Stars

205 Commits

2 Forks

1 Watchers

5 Branches

1 Contributors

Updated on May 08, 2025

Bundle Size

16.03 kB

Minified

2.87 kB

Minified + Gzipped

Bundlephobia

Maintainers

View All 1 Contributors

Package Meta Information

Latest Version

0.5.11-3

Package Id

@nfrasser/simple-html-tokenizer@0.5.11-3

Unpacked Size

190.98 kB

Size

26.07 kB

File Count

NPM Version

10.9.0

Node Version

22.11.0

Published on

May 07, 2025

Total Downloads

Cumulative downloads

Total Downloads

21,633

Last Day

3.6%

203

Compared to previous day

Last Week

16.5%

1,329

Compared to previous week

Last Month

5,837

Compared to previous month

Last Year

3,572.1%

19,646

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dev Dependencies

@types/qunit broccoli-concat broccoli-funnel broccoli-merge-trees broccoli-rollup broccoli-tslinter broccoli-typescript-compiler ember-cli got in-repo-commands nyc qunit release-it release-it-lerna-changelog rollup-plugin-sourcemaps symlink-self tslint typescript

Simple HTML Tokenizer

Simple HTML Tokenizer is a lightweight JavaScript library that can be used to tokenize the kind of HTML normally found in templates. It can be used to preprocess templates to change the behavior of some template element depending upon whether the template element was found in an attribute or text.

It is not a full HTML5 tokenizer. It focuses on the kind of HTML that is used in templates: content designed to be inserted into the <body> and without <script> tags.

In particular, Simple HTML Tokenizer does not handle many states from the HTML5 Tokenizer Specification:

Any states involving CDATA or RCDATA
Any states involving <script>
Any states involving <DOCTYPE>
The bogus comment state

It also passes through character references, instead of trying to tokenize and process them, because the preprocessed templates will ultimately be parsed by a real browser context.

At the moment, there are some error states specified by the tokenizer spec that are not handled by Simple HTML Tokenizer. Ultimately, I plan to support all error states, as well as provide information about tokenizer errors in debug mode.

Usage

You can tokenize HTML:

1var tokens = HTML5Tokenizer.tokenize("<div id='foo' href=bar class=\"bat\">");
2
3var token = tokens[0];
4token.tagName     //=> "div"
5token.attributes  //=> [["id", "foo"], ["href", "bar"], ["class", "bat"]]
6token.selfClosing //=> false

Building and running the tests

1npm install
2npm test

No vulnerabilities found.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

License

Determines if the project has defined a license.

1

Maintained

Determines if the project is "actively maintained".

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Score

2.9

/10

Last Scanned on 2025-06-30

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More