Gathering detailed insights and metrics for hast-util-from-parse5
Gathering detailed insights and metrics for hast-util-from-parse5
utility to transform Parse5’s AST to hast
Installations
npm install hast-util-from-parse5Developer
Developer Guide
BETA
Module System
ESM
Min. Node Version
Typescript Support
Yes
Node Version
23.1.0
NPM Version
10.9.0
Statistics
16 Stars
149 Commits
8 Forks
9 Watching
1 Branches
13 Contributors
Updated on 19 Nov 2024
Bundle Size
23.88 kB
Minified
8.26 kB
Minified + Gzipped
Languages
JavaScript (100%)
Total Downloads
Cumulative downloads
Total Downloads
818,457,506
Last day
-0.3%
747,121
Compared to previous day
Last week
4.1%
3,889,737
Compared to previous week
Last month
12.9%
16,285,108
Compared to previous month
Last year
-17.1%
185,972,660
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Versions
hast-util-from-parse5
hast utility to transform from parse5s AST.
Contents
- What is this?
- When should I use this?
- Install
- Use
- API
- Types
- Compatibility
- Security
- Related
- Contribute
- License
What is this?
This package is a utility that can turn a parse5 tree into a hast tree.
When should I use this?
You can use this package when using parse5 as an HTML parser and wanting to
work with hast.
The utility hast-util-to-parse5 does the inverse of
this utility.
It generates parse5s AST again.
The utility hast-util-from-html wraps this utility and
parse5 to both parse HTML and generate hast from it.
Install
This package is ESM only. In Node.js (version 16+), install with npm:
1npm install hast-util-from-parse5
In Deno with esm.sh:
1import {fromParse5} from "https://esm.sh/hast-util-from-parse5@8"
In browsers with esm.sh:
1<script type="module"> 2 import {fromParse5} from "https://esm.sh/hast-util-from-parse5@8?bundle" 3</script>
Use
Say our document example.html contains:
1<!doctype html><title>Hello!</title><h1 id="world">World!<!--after-->
…and our module example.js looks as follows:
1import {fromParse5} from 'hast-util-from-parse5' 2import {parse} from 'parse5' 3import {read} from 'to-vfile' 4import {inspect} from 'unist-util-inspect' 5 6const file = await read('example.html') 7const p5ast = parse(String(file), {sourceCodeLocationInfo: true}) 8const hast = fromParse5(p5ast, {file}) 9 10console.log(inspect(hast))
…now running node example.js yields:
1root[2] (1:1-2:1, 0-70) 2│ data: {"quirksMode":false} 3├─0 doctype (1:1-1:16, 0-15) 4└─1 element<html>[2] 5 │ properties: {} 6 ├─0 element<head>[1] 7 │ │ properties: {} 8 │ └─0 element<title>[1] (1:16-1:37, 15-36) 9 │ │ properties: {} 10 │ └─0 text "Hello!" (1:23-1:29, 22-28) 11 └─1 element<body>[1] 12 │ properties: {} 13 └─0 element<h1>[3] (1:37-2:1, 36-70) 14 │ properties: {"id":"world"} 15 ├─0 text "World!" (1:52-1:58, 51-57) 16 ├─1 comment "after" (1:58-1:70, 57-69) 17 └─2 text "\n" (1:70-2:1, 69-70)
API
This package exports the identifier fromParse5.
There is no default export.
fromParse5(tree[, options])
Transform a parse5 AST to hast.
Parameters
tree(Parse5Node) —parse5tree to transformoptions(Options, optional) — configuration
Returns
hast tree (HastNode).
Options
Configuration (TypeScript type).
Fields
file
File used to add positional info to nodes (VFile, optional).
If given, the file should represent the original HTML source.
space
Which space the document is in (Space, default: 'html').
When an <svg> element is found in the HTML space, this package already
automatically switches to and from the SVG space when entering and exiting
it.
verbose
Whether to add extra positional info about starting tags, closing tags,
and attributes to elements (boolean, default: false).
👉 Note: only used when
fileis given.
For the following HTML:
1<img src="http://example.com/fav.ico" alt="foo" title="bar">
The verbose info would looks as follows:
1{ 2 type: 'element', 3 tagName: 'img', 4 properties: {src: 'http://example.com/fav.ico', alt: 'foo', title: 'bar'}, 5 children: [], 6 data: { 7 position: { 8 opening: { 9 start: {line: 1, column: 1, offset: 0}, 10 end: {line: 1, column: 61, offset: 60} 11 }, 12 closing: null, 13 properties: { 14 src: { 15 start: {line: 1, column: 6, offset: 5}, 16 end: {line: 1, column: 38, offset: 37} 17 }, 18 alt: { 19 start: {line: 1, column: 39, offset: 38}, 20 end: {line: 1, column: 48, offset: 47} 21 }, 22 title: { 23 start: {line: 1, column: 49, offset: 48}, 24 end: {line: 1, column: 60, offset: 59} 25 } 26 } 27 } 28 }, 29 position: { 30 start: {line: 1, column: 1, offset: 0}, 31 end: {line: 1, column: 61, offset: 60} 32 } 33}
Space
Namespace (TypeScript type).
Type
1type Space = 'html' | 'svg'
Types
This package is fully typed with TypeScript.
It exports the additional types Options and
Space.
Compatibility
Projects maintained by the unified collective are compatible with maintained versions of Node.js.
When we cut a new major release, we drop support for unmaintained versions of
Node.
This means we try to keep the current release line, hast-util-from-parse5@^8,
compatible with Node.js 16.
Security
Use of hast-util-from-parse5 can open you up to a
cross-site scripting (XSS) attack if Parse5’s AST is unsafe.
Related
hast-util-to-parse5— transform hast to Parse5’s ASThast-util-to-nlcst— transform hast to nlcsthast-util-to-mdast— transform hast to mdasthast-util-to-xast— transform hast to xastmdast-util-to-hast— transform mdast to hastmdast-util-to-nlcst— transform mdast to nlcst
Contribute
See contributing.md in syntax-tree/.github for
ways to get started.
See support.md for ways to get help.
This project has a code of conduct. By interacting with this repository, organization, or community you agree to abide by its terms.
License
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: license:0
- Info: FSF or OSI recognized license: MIT License: license:0
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/syntax-tree/.github/security.md:1
- Info: Found linked content: github.com/syntax-tree/.github/security.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/syntax-tree/.github/security.md:1
- Info: Found text in security policy: github.com/syntax-tree/.github/security.md:1
Reason
11 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 9
Reason
Found 1/30 approved changesets -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/bb.yml:5: update your workflow using https://app.stepsecurity.io/secureworkflow/syntax-tree/hast-util-from-parse5/bb.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:6: update your workflow using https://app.stepsecurity.io/secureworkflow/syntax-tree/hast-util-from-parse5/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:7: update your workflow using https://app.stepsecurity.io/secureworkflow/syntax-tree/hast-util-from-parse5/main.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/syntax-tree/hast-util-from-parse5/main.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/main.yml:11
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
- Info: 0 out of 1 npmCommand dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/bb.yml:1
- Warn: no topLevel permission defined: .github/workflows/main.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'main'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 1 are checked with a SAST tool
Score
4.9
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More