npmpackage.info

Gathering detailed insights and metrics for liquidjs

Other packages similar to liquidjs

liquidjs-lib

6.0.2-liquid.37

Client-side Liquid JavaScript library

@lionrockjs/adapter-view-liquidjs

0.0.39

The LionRockJS Web Platform support using LiquidJS

liquidjs-wrapper

1.0.33

A wrapper around LiquidJS to provide Shopify OS 2.0-like theme rendering capabilities.

@asoltys/liquidjs-lib

6.0.2-liquid.24

Client-side Liquid JavaScript library

Gathering detailed insights and metrics for liquidjs

liquidjs - 10.21.1 | npmpackage.info

liquidjs

A simple, expressive, safe and Shopify compatible template engine in pure JavaScript.

10.21.1

1,667

MIT

TypeScript

21.52 kB

63,235,513 4.4

Installations

npm install liquidjs

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS, UMD

Min. Node Version

>=14

Node Version

14.21.3

NPM Version

8.19.4 Score

98.6

Supply Chain

100

Quality

86.4

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

0

Total

311

Closed

33

Merged

278

Issues

Open

2

Total

382

Closed

380

Releases

154

v10.21.1

Updated on May 14, 2025

v10.21.0

Updated on Feb 23, 2025

v10.20.3

Updated on Feb 09, 2025

v10.20.2

Updated on Jan 19, 2025

v10.20.1

Updated on Jan 04, 2025

v10.20.0

Updated on Dec 28, 2024

View All 154 releases

Languages

TypeScript

JavaScript

Liquid

Shell

Handlebars

HTML

TypeScript (94.57%)

JavaScript (3.74%)

Liquid (0.79%)

Shell (0.59%)

Handlebars (0.3%)

HTML (0.01%)

Developer

harttle

Download Statistics

Total Downloads

63,235,513

Last Day

28,853

Last Week

593,219

Last Month

2,638,813

Last Year

24,907,374

GitHub Statistics

MIT License

1,667 Stars

1,231 Commits

248 Forks

25 Watchers

17 Branches

81 Contributors

Updated on Jul 02, 2025

Bundle Size

76.00 kB

Minified

21.52 kB

Minified + Gzipped

Bundlephobia

Sponsor this package

https://opencollective.com/liquidjs

Maintainers

View All 81 Contributors

Package Meta Information

Latest Version

10.21.1

Package Id

liquidjs@10.21.1

Unpacked Size

1.68 MB

Size

366.15 kB

File Count

159

NPM Version

8.19.4

Node Version

14.21.3

Published on

May 14, 2025

Total Downloads

Cumulative downloads

Total Downloads

63,235,513

liquidjs

A simple, expressive and safe Shopify / GitHub Pages compatible template engine in pure JavaScript. The purpose of this repo is to provide a standard Liquid implementation for the JavaScript community so that Jekyll sites, GitHub Pages and Shopify templates can be ported to Node.js without pain.

Documentation
Please star LiquidJS on GitHub!
Financial support via GitHub Sponsors.

What's it like?

Basically there're two types of Liquid syntax: tags enclosed by {% %} and outputs enclosed by {{ }}. A Liquid template looks like:

1{% if username %}
2  {{ username | append: ", welcome to LiquidJS!" | capitalize }}
3{% endif %}

A live demo is also available and here's a quick tutorial for Liquid syntax.

Installation

Install from npm in Node.js:

1npm install liquidjs

Or use the UMD bundle from jsDelivr:

1<script src="https://cdn.jsdelivr.net/npm/liquidjs/dist/liquid.browser.min.js"></script>

Or render directly from CLI using npx:

1npx liquidjs --template 'Hello, {{ name }}!' --context '{"name": "Snake"}'

For more details, refer to the Setup Guide.

Who's Using LiquidJS?

Eleventy: Eleventy, a simpler static site generator.
Github Docs: The open-source repo for docs.github.com.
Opensense: The smarter way to send email.
Directus: an instant REST+GraphQL API and intuitive no-code data collaboration app for any SQL database.
Semgrep: Lightweight static analysis for many languages.
Rock: An open source CMS, Relationship Management System (RMS) and Church Management System (ChMS) all rolled into one.
Mitosis: Write components once, run everywhere. Compiles to React, Vue, Qwik, Solid, Angular, Svelte, and more.
Pattern Lab: a frontend workshop environment that helps you build, view, test, and showcase your design system's UI components.
Builder.io: the first and only headless CMS with a visual editor that lets you drag and drop with your components, directly within your current site or app. Completely API-driven, for cleaner code and simpler workflows.
Microsoft Power Pages: a secure, enterprise-grade, low-code software as a service (SaaS) platform for creating, hosting, and administering modern external-facing business websites.
Azure API Management developer portal: an automatically generated, fully customizable website with the documentation of your APIs.
WISMOlabs: Post Purchase Experience platform for eCommerce retailers enhancing customer satisfaction by using LiquidJS to provide customizable post-purchase experiences through programmable email, SMS, order tracking pages, and webhooks.

Feel free to create a PR or contact me to add your use case into this list!

Financial Support

If you personally love LiquidJS or it's benefiting your business, please consider financially support us via GitHub Sponsors. Special thanks to our sponsors!

_Opensense	_Eleventy	_{Peter deHaan}	_Touchless	_Dropkiq	_{Dailycontributors}	_{Serkan Holat}
_amit777	_{Khaled Salem}	_Sentry	_{Checkout Blocks}	_{Customer IO}	_{Emmanuel Cartelli}	_Microsoft
_PakStyle.pk	_{Syntax Podcast}	_{Cartelli Emmanuel}	_EscortA.com	_Chudovo

Contributors ✨

Want to contribute? see Contribution Guidelines. Thanks goes to these wonderful people:

_{Jun Yang} 🚧 💻	_chenos 💻	_{Zach Leatherman} 🐛	_{Tim Hardy} 💻	_{Paul Robert Lloyd} 💻 🐛	_{Alec Larson} 💻	_{Patrick Malouin} 💻 📖
_jaswrks 💻	_三三 💻 🤔	_ssendev 💻 📖	_wojtask9 💻	_{Andrew Barclay} 💻	_{Cory Mawhorter} 💻	_{Mehdi Jaffery} 💻
_{Robin Bijlani} 💻 🐛	_{Ryan Kennedy} 💻	_{Sami Kukkonen} 💻	_{Scott Santucci} 💻	_Steven 💡 💻	_azu 📖	_Joonas 💻
_{Jamel A.} 💻	_{Brandon Pittman} 💻	_tgrandgent 💻	_{Martin Schuster} 💻	_Ray ⚠️ 💻	_{Cristofer Gonzales} 💻	_{Raymond Camden} 📖
_{Steve Stedman} 📖	_{Anthony Ciccarello} 📖	_{Bogdan Chadkin} 💻	_{Tejas Manohar} 💻	_{Peter deHaan} 📖	_amit777 💻	_{Steffen Schuldenzucker} 💻
_Pixcell 💻	_{Jason Etcovitch} 💻	_ZC 📖	_{Memmie Lenglet} 💻	_ilhamdev0 📖	_{一饮一啄皆是人生} 📖	_{Amit Agarwal} 📖
_{Laurin Quast} 💻	_{Matt Vague} 💻	_{Liam Bigelow} 💻	_{Jason Kurian} 📖	_{d pham (they/them)} 📖	_{Aleksandr Hovhannisyan} 💻	_jg-rp 💻
_{Ameya Apte} 💻	_tbdrz 📖	_{Santi Albo} 📖 💻	_{Yahang Wu} 📖	_hongl 📖	_zxx-457 📖	_prassie 📖
_{Slav Ivanov} 💻	_{Daniel Rosenberg} 💻	_bobgubko 💻	_BaNgan 📖	_{Mahyar Pasarzangene} 📖	_{Tomáš Hübelbauer} 💻 📖	_{Jason Garber} 💻
_{Nick Reilingh} 📖	_{Francisco Soto} 💻	_{David LJ} 📖	_{Rasmus Wriedt Larsen} 📖	_{Bruno Carvalho} 💻	_傅鹏 💻	_{Joel Hamilton} 💻
_{Max Medve} 💻	_{Cosmin Popovici} 📖	_{Adam Tanner} 💻	_{Guillermo Casal Caro} 💻	_{Josh Soref} 📖	_Koen 💻	_{Matthieu Bacconnier} 📖
_{Tim van Dam} 💻	_{Ed Hanton} 📖	_{Vlad GURDIGA} 📖

Moderate

5.3/10

Summary

liquidjs may leak properties of a prototype

Affected Versions

< 10.0.0

Patched Versions

10.0.0

10

Security-Policy

Determines if the project has published a security policy.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

10

Packaging

Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.

5

Maintained

Determines if the project is "actively maintained".

4

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 4

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/coverage.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/coverage.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/coverage.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/coverage.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/coverage.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/coverage.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/coverage.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/coverage.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/docs.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/docs.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docs.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/docs.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/docs.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/lint.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/lint.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/lint.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/performance.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/performance.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/performance.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/performance.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-check.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/pr-check.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/harttle/liquidjs/test.yml/master?enable=pin
Info: 0 out of 28 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 3 third-party GitHubAction dependencies pinned
Info: 7 out of 7 npmCommand dependencies pinned

2

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Fuzzing

Determines if the project uses fuzzing.

0

Signed-Releases

Determines if the project cryptographically signs release artifacts.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

59 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-2rq5-699j-x7p6
Warn: Project is vulnerable to: GHSA-c9f4-xj24-8jqx
Warn: Project is vulnerable to: GHSA-jc84-3g44-wf2q
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-45rm-2893-5f49
Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99
Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986 / GHSA-64vr-g452-qvp3
Warn: Project is vulnerable to: GHSA-9cwx-2883-4wfx
Warn: Project is vulnerable to: GHSA-vg6x-rcgg-rjx6
Warn: Project is vulnerable to: GHSA-x574-m823-4x7w
Warn: Project is vulnerable to: GHSA-4r4m-qw57-chr8
Warn: Project is vulnerable to: GHSA-xcj6-pq6g-qj4x
Warn: Project is vulnerable to: GHSA-356w-63v5-8wf4
Warn: Project is vulnerable to: GHSA-859w-5945-r5v3
Warn: Project is vulnerable to: GHSA-9crc-q9x8-hgqq
Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
Warn: Project is vulnerable to: GHSA-7wwv-vh3v-89cq
Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
Warn: Project is vulnerable to: GHSA-wx77-rp39-c6vg
Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
Warn: Project is vulnerable to: GHSA-x77j-w7wf-fjmw
Warn: Project is vulnerable to: GHSA-x7hr-w5r2-h6wg
Warn: Project is vulnerable to: GHSA-3965-hpx2-q597
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q
Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38
Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc
Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-hxcc-f52p-wc94
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q

Score

4.4

/10

Last Scanned on 2025-06-30

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

Other packages similar to liquidjs

Other packages similar to liquidjs

liquidjs

Installations

Developer Guide

Yes

CommonJS, UMD

>=14

14.21.3

8.19.4

Score

Pull Requests

0

311

33

278

Issues

2

382

380

Releases

Languages

Developer

Download Statistics

GitHub Statistics

Bundle Size

76.00 kB

21.52 kB

Sponsor this package

Maintainers

Package Meta Information

Total Downloads

63,235,513

Dependencies

Dev Dependencies

liquidjs

What's it like?

Installation

Who's Using LiquidJS?

Financial Support

Contributors ✨

10

10

10

10

10

5

4

2

0

0

0

0

0

0

4.4

/10

Weekly Downloads

Monthly Downloads

Yearly Downloads