npmpackage.info

liquidjs

A simple, expressive, safe and Shopify compatible template engine in pure JavaScript.

10.19.0

1,532

MIT

TypeScript

19.31 kB

49,412,909 4.6

Installations

npm install liquidjs

Pull Requests

Open

1

Total

293

Closed

33

Merged

259

Issues

Open

4

Total

370

Closed

366

Releases

147

v10.19.0

Published on 17 Nov 2024

v10.18.0

Published on 16 Oct 2024

v10.17.0

Published on 22 Sept 2024

v10.16.7

Published on 29 Aug 2024

v10.16.6

Published on 29 Aug 2024

v10.16.5

Published on 27 Aug 2024

View all 147 releases

Developer

harttle

Developer Guide

BETA

Module System

CommonJS, UMD

Min. Node Version

>=14

Typescript Support

Yes

Node Version

14.21.3

NPM Version

8.19.4 Statistics

1,532 Stars

1,200 Commits

236 Forks

26 Watching

13 Branches

78 Contributors

Updated on 26 Nov 2024

Bundle Size

65.97 kB

Minified

19.31 kB

Minified + Gzipped

Bundlephobia

Languages

TypeScript (93.67%)

JavaScript (4.35%)

Liquid (0.93%)

Shell (0.69%)

Handlebars (0.35%)

HTML (0.01%)

Total Downloads

Cumulative downloads

Total Downloads

49,412,909

Last day

5.4%

97,877

Compared to previous day

Last week

3.1%

497,527

Compared to previous week

Last month

9.5%

2,109,435

Compared to previous month

Last year

52.7%

19,784,584

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Versions

liquidjs

A simple, expressive and safe Shopify / GitHub Pages compatible template engine in pure JavaScript. The purpose of this repo is to provide a standard Liquid implementation for the JavaScript community so that Jekyll sites, GitHub Pages and Shopify templates can be ported to Node.js without pain.

Documentation
Please star LiquidJS on GitHub!
Financial support via GitHub Sponsors.

What's it like?

Basically there're two types of Liquid syntax: tags enclosed by {% %} and outputs enclosed by {{ }}. A Liquid template looks like:

1{% if username %}
2  {{ username | append: ", welcome to LiquidJS!" | capitalize }}
3{% endif %}

A live demo is also available and here's a quick tutorial for Liquid syntax.

Installation

Install from npm in Node.js:

1npm install liquidjs

Or use the UMD bundle from jsDelivr:

1<script src="https://cdn.jsdelivr.net/npm/liquidjs/dist/liquid.browser.min.js"></script>

Or render directly from CLI using npx:

1npx liquidjs --template 'Hello, {{ name }}!' --context '{"name": "Snake"}'

For more details, refer to the Setup Guide.

Who's Using LiquidJS?

Eleventy: Eleventy, a simpler static site generator.
Opensense: The smarter way to send email.
Directus: an instant REST+GraphQL API and intuitive no-code data collaboration app for any SQL database.
Semgrep: Lightweight static analysis for many languages.
Rock: An open source CMS, Relationship Management System (RMS) and Church Management System (ChMS) all rolled into one.
Mitosis: Write components once, run everywhere. Compiles to React, Vue, Qwik, Solid, Angular, Svelte, and more.
Pattern Lab: a frontend workshop environment that helps you build, view, test, and showcase your design system's UI components.
Builder.io: the first and only headless CMS with a visual editor that lets you drag and drop with your components, directly within your current site or app. Completely API-driven, for cleaner code and simpler workflows.
Microsoft Power Pages: a secure, enterprise-grade, low-code software as a service (SaaS) platform for creating, hosting, and administering modern external-facing business websites.
Azure API Management developer portal: an automatically generated, fully customizable website with the documentation of your APIs.
WISMOlabs: Post Purchase Experience platform for eCommerce retailers enhancing customer satisfaction by using LiquidJS to provide customizable post-purchase experiences through programmable email, SMS, order tracking pages, and webhooks.

Feel free to create a PR or contact me to add your use case into this list!

Financial Support

If you personally love LiquidJS or it's benefiting your business, please consider financially support us via GitHub Sponsors. Special thanks to our sponsors!

_Opensense	_Eleventy	_{Peter deHaan}	_Touchless	_Dropkiq	_{Dailycontributors}	_{Serkan Holat}
_amit777	_{Khaled Salem}	_Sentry	_{Checkout Blocks}	_{Customer IO}	_{Emmanuel Cartelli}	_Microsoft
_PakStyle.pk	_{Syntax Podcast}	_{Cartelli Emmanuel}

Contributors ✨

Want to contribute? see Contribution Guidelines. Thanks goes to these wonderful people:

_{Jun Yang} 🚧 💻	_chenos 💻	_{Zach Leatherman} 🐛	_{Tim Hardy} 💻	_{Paul Robert Lloyd} 💻 🐛	_{Alec Larson} 💻	_{Patrick Malouin} 💻 📖
_jaswrks 💻	_三三 💻 🤔	_ssendev 💻 📖	_wojtask9 💻	_{Andrew Barclay} 💻	_{Cory Mawhorter} 💻	_{Mehdi Jaffery} 💻
_{Robin Bijlani} 💻 🐛	_{Ryan Kennedy} 💻	_{Sami Kukkonen} 💻	_{Scott Santucci} 💻	_Steven 💡 💻	_azu 📖	_Joonas 💻
_{Jamel A.} 💻	_{Brandon Pittman} 💻	_tgrandgent 💻	_{Martin Schuster} 💻	_Ray ⚠️ 💻	_{Cristofer Gonzales} 💻	_{Raymond Camden} 📖
_{Steve Stedman} 📖	_{Anthony Ciccarello} 📖	_{Bogdan Chadkin} 💻	_{Tejas Manohar} 💻	_{Peter deHaan} 📖	_amit777 💻	_{Steffen Schuldenzucker} 💻
_Pixcell 💻	_{Jason Etcovitch} 💻	_ZC 📖	_{Memmie Lenglet} 💻	_ilhamdev0 📖	_{一饮一啄皆是人生} 📖	_{Amit Agarwal} 📖
_{Laurin Quast} 💻	_{Matt Vague} 💻	_{Liam Bigelow} 💻	_{Jason Kurian} 📖	_{d pham (they/them)} 📖	_{Aleksandr Hovhannisyan} 💻	_jg-rp 💻
_{Ameya Apte} 💻	_tbdrz 📖	_{Santi Albo} 📖 💻	_{Yahang Wu} 📖	_hongl 📖	_zxx-457 📖	_prassie 📖
_{Slav Ivanov} 💻	_{Daniel Rosenberg} 💻	_bobgubko 💻	_BaNgan 📖	_{Mahyar Pasarzangene} 📖	_{Tomáš Hübelbauer} 💻 📖	_{Jason Garber} 💻
_{Nick Reilingh} 📖	_{Francisco Soto} 💻	_{David LJ} 📖	_{Rasmus Wriedt Larsen} 📖	_{Bruno Carvalho} 💻	_傅鹏 💻	_{Joel Hamilton} 💻
_{Max Medve} 💻	_{Cosmin Popovici} 📖	_{Adam Tanner} 💻	_{Guillermo Casal Caro} 💻	_{Josh Soref} 📖	_Koen 💻	_{Matthieu Bacconnier} 📖

Stable Version

The latest stable version of the package.

Stable Version

10.19.0

MODERATE

5.3/10

Summary

liquidjs may leak properties of a prototype

Affected Versions

< 10.0.0

Patched Versions

10.0.0

10

Maintained

Determines if the project is "actively maintained".

10

Security-Policy

Determines if the project has published a security policy.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

10

Packaging

Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.

4

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 4

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/coverage.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/coverage.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/coverage.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/coverage.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/coverage.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/coverage.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/coverage.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/coverage.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/docs.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/docs.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docs.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/docs.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/docs.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/lint.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/lint.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/lint.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/performance.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/performance.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/performance.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/performance.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-check.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/pr-check.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/test.yml/master?enable=pin
Info: 0 out of 28 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 3 third-party GitHubAction dependencies pinned
Info: 7 out of 7 npmCommand dependencies pinned

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Fuzzing

Determines if the project uses fuzzing.

0

Signed-Releases

Determines if the project cryptographically signs release artifacts.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

41 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m / GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-2rq5-699j-x7p6
Warn: Project is vulnerable to: GHSA-c9f4-xj24-8jqx
Warn: Project is vulnerable to: GHSA-jc84-3g44-wf2q
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-45rm-2893-5f49
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986 / GHSA-64vr-g452-qvp3
Warn: Project is vulnerable to: GHSA-9cwx-2883-4wfx
Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
Warn: Project is vulnerable to: GHSA-7wwv-vh3v-89cq
Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
Warn: Project is vulnerable to: GHSA-wx77-rp39-c6vg
Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
Warn: Project is vulnerable to: GHSA-x77j-w7wf-fjmw
Warn: Project is vulnerable to: GHSA-3965-hpx2-q597
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-hxcc-f52p-wc94
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q

Score

4.6

/10

Last Scanned on 2024-11-18

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

Other packages similar to liquidjs

liquidjs-loader

1.0.1

Webpack loader for liquidjs engine

@lionrockjs/adapter-view-liquidjs

0.0.17

The LionRockJS Web Platform support using LiquidJS

liquidjs-ov-money-filters

1.15.0

Money filters for liquidjs used by OnVoard

liquidjs-lib

6.0.2-liquid.36

Client-side Liquid JavaScript library

liquidjs

Installations

Pull Requests

1

293

33

259

Issues

4

370

366

Releases

Developer

Developer Guide

CommonJS, UMD

>=14

Yes

14.21.3

8.19.4

Statistics

Bundle Size

65.97 kB

19.31 kB

Languages

Total Downloads

49,412,909

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

Dev Dependencies

liquidjs

What's it like?

Installation

Who's Using LiquidJS?

Financial Support

Contributors ✨

Stable Version

10.19.0

MODERATE

10

10

10

10

10

10

4

0

0

0

0

0

0

0

4.6

/10

Other packages similar to liquidjs