Installations
npm install escaperDeveloper
kobezzza
Developer Guide
Module System
CommonJS
Min. Node Version
Typescript Support
No
Node Version
14.15.1
NPM Version
6.14.8
Statistics
12 Stars
720 Commits
3 Watching
4 Branches
4 Contributors
Updated on 15 Dec 2022
Languages
JavaScript (98.51%)
HTML (1.49%)
Total Downloads
Cumulative downloads
Total Downloads
6,701,340
Last day
-67.7%
744
Compared to previous day
Last week
-21.8%
5,650
Compared to previous week
Last month
24.1%
23,543
Compared to previous month
Last year
-2.5%
219,558
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dev Dependencies
33
Escaper
Escaper is a small JavaScript library to replace string literals, regular expressions, and comments from the JavaScript syntax.
Supports:
' ... '" ... "` ... `,` ... ${...} `/ ... /// ...,//* ...,//! ...,//# ...,//@ ...,//$ .../* ... */,/** ... */,/*! ... */,/*# ... */,/*@ ... */,/*$ ... */
Install
https://raw.githubusercontent.com/kobezzza/Escaper/master/dist/escaper.min.js
or
1npm install escaper
or
1git clone https://github.com/kobezzza/Escaper
Usage
1const 2 str = 'Hello "world" and \'friends\'', 3 content = []; 4 5// Replaces all found matches 6// 'Hello __ESCAPER_QUOT__0_ and __ESCAPER_QUOT__1_' 7Escaper.replace(str, content) 8 9// Replaces only single quotes 10// 'Hello "world" and __ESCAPER_QUOT__0_' 11Escaper.replace(str, ["'"]) 12 13// Cuts all found matches 14// 'Hello and ' 15Escaper.replace(str, -1) 16 17// Replaces all and cuts single quotes 18// 'Hello __ESCAPER_QUOT__0_ and ' 19Escaper.replace(str, {"'": -1}) 20 21// Replaces all but strings 22// 'Hello __ESCAPER_QUOT__0_ and \'friends\'' 23Escaper.replace(str, {strings: false}) 24 25// Replaces all, but strings can be only single quotes 26// 'Hello "world" and __ESCAPER_QUOT__0_' 27Escaper.replace(str, {strings: ["'"]}) 28 29// Replaces all, but strings can be only single quotes and it will be cut 30// 'Hello "world" and ' 31Escaper.replace(str, {strings: {"'": -1}}) 32 33// Replaces all found escape blocks to a real content 34// 'Hello "world" and \'friends\'' 35Escaper.paste(str, content);
API
Escaper.replace(str, how?, store?): string
Replaces all found blocks ' ... ', " ... ", ` ... `, / ... /, // ..., /* ... */ to
escape blocks from the specified string and returns a new string.
Arguments
stringstr— source string;string[] | Record<string, string[] | Record<string, boolean | -1> | false | -1> | false | -1how?— parameters:
Possible values
If a value is set to -1, then all found matches will be removed from the final string.
If the value is set to boolean it will be replaced/passed.
1// Label of replacement, by default __ESCAPER_QUOT__${pos}_ 2'label' 3 4// Singleline comment 5'singleComments' 6 7// Multiline comments 8'multComments' 9 10// All kinds of comments 11'comments' 12 13// All kinds of strings 14'strings' 15 16// All kinds of literals (except strings and comments) 17'literals' 18 19// Literals 20"'" 21'"' 22'`' 23'/' 24'//' 25'//*' 26'//!' 27'//#' 28'//@' 29'//$' 30'/*' 31'/**' 32'/*!' 33'/*#' 34'/*@' 35'/*$'
The parameters can be specified as an array (escapes only explicitly specified sequences)
or like an object (disables/excludes by a literal or group). Also, if you set the parameter value as -1,
then all found sequences will be removed from the string.
string[]store = Escaper.content— store for matches.
Escaper.paste(str, store?, rgxp?): string
Replaces all found escape blocks to real content from the specified string and returns a new string.
Arguments
stringstr— source string;string[]store = Escaper.content— store of matches;RegExprgxp?— RegExp to search, e.g./__ESCAPER_QUOT__(\d+)_/g.
License
The MIT License.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
dependency not pinned by hash detected -- score normalized to 4
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/kobezzza/Escaper/test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/kobezzza/Escaper/test.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/kobezzza/Escaper/test.yml/master?enable=pin
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
- Info: 1 out of 1 npmCommand dependencies pinned
Reason
Found 0/20 approved changesets -- score normalized to 0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/test.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 10 are checked with a SAST tool
Reason
24 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-47pj-q2vm-46xc
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-6vfc-qv3f-vr6c
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc
Score
2.8
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More