npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

async-template-literal-engine

v1.1.0

Published

Express-compatible template engine using ES6 template literals

Downloads

4

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

benzoicbenzoic

Keywords

Readme

async-template-literal-engine

This module is an express-compatible template engine built on top of ES6's native template literals. I created it due to some security concerns I had with the template-literal module, and ended up implementing several additional features. Template files are automatically cached when loaded, and are reloaded if the file's last modified time is changed.

NOTE: While this module does execute each template in its own V8 context and restricts access to many variables normally available in Node, it is not meant to run untrusted code. See https://nodejs.org/api/vm.html#vm-executing-javascript for more information.

Examples

Views

views/html.template

<!DOCTYPE html>
<html>
    <head>
        <title>async-template-literal example ${pageTitle}</title>
        <meta name="viewport" content="width=device-width, initial-scale=1.0">
        <style>
            body {margin: 20px;background: #e6e6ef;}
        </style>
        ${typeof head !== "undefined" ? head : ""}
    </head>
    <body>
        ${typeof body !== "undefined" ? body : ""}
    </body>
</html>

views/strings_english.template

${export_var("part1", "Hello, ")}
${export_var("part2", "!")}

views/hello.template

${set("strings", await import_vars(`strings_${lang}`))}
${await include("html", {
    pageTitle: "Hello",
    body: `${get("strings")["part1"]}${fname}${get("strings")["part2"]}`
})}
${log(`Here are the values of __template, __filename, and __dirname, respectively: ${__template}, ${__filename}, ${__dirname}`)}

views/error.template

Let's throw an error!
${(() => {
    throw new Error("whoops :/")
})()}

JavaScript

server.js

const express = require("express")
const path = require("path")
const templateEngine = require("async-template-literal-engine")

const template = templateEngine({
    logger: (...args) => console.log(...args) ?? "",
    inject: {
        lang: "english"
    }
})

const app = express()

app.engine("template", template)
app.set("views", path.join(__dirname, "views"))
app.set("view engine", "template")

app.get("/", (req, res) => {
    res.render("hello", {
        fname: "Jennifer"
    })
})

app.get("/error", (req, res) => {
    res.render("error")
})

app.listen(3000)

Visiting localhost:3000 should display a mostly blank html page with just the text "Hello, Jennifer!" visible and log some information to the console. Visiting localhost:3000/error should display an error trace in the browser and the console. Note that this is due to the error being correctly passed off to express, so you will likely want to use express' built in error handling features to prevent traces from being displayed in production. The error trace should look something like this:

Error: whoops :/
    at /srv/async-template-literal-engine/example/views/error.template:3:11
    at /srv/async-template-literal-engine/example/views/error.template:4:3
    at new Promise (<anonymous>)

Initialization

The module exports a single function which can be used to set up an instance of the template engine. This function takes a parameters object and returns a renderer function.

Parameters

{
    logger, //logging function that takes a string, default no-op
    extension, //the file extension for template files, default "template"
    views, //the directory to look for template files, default is the location of the require.main module
    inject, //object containing key-value pairs that will be globally available as variables to every template rendered by this instance, default {}
    timeout, //timeout in milliseconds for template rendering, default 10000
    preload //array of template names to load during initialization
}

Renderer

The returned renderer function takes 3 parameters: the express-compatible (path, options, callback). If callback is omitted the function will return a promises that either resolves with the rendered output or rejects with a rendering error. When called with express' res.render() options.settings["view engine"] will be used for the file extension and options.settings.views will be used for the location of template files, if they are set.

Template Globals

The following are available as globals in each template. Keep in mind that top-level await is available and in fact necessary to effectively use include() or import_vars().

async include(template, options) -> string

Renders the specified template with entries in options available as global variables.

set(key, value) -> ""

Sets a variable for the current template file that can later be retrieved with get(). Returns an empty string so that it can be used anywhere in a template file without adding unwanted output.

get(key) -> any

Retrieves a variable previously stored with set().

export_var(key, value) -> ""

Sets a variable that can be retrieved by another template with import_vars(). Returns an empty string so that it can be used anywhere in a template file without adding unwanted output.

async import_vars(template) -> object

Retrieves all exported variables from the specified template and returns them as an object of key-value pairs.

log(...args) -> any

This is the logger parameter specified during initialization of the template engine.

__template

The name of the template being rendered.

__filename

The full file path of the template being rendered.

__dirname

The full path to the directory in which the template being rendered is located.

Notes

  • Top-level await is available in templates, and it's necessary for effective use of include() or import_vars().
  • Every template is executed in its own V8 context, even templates included in other templates. Because of this they will not pollute each other's globals.
  • Even though every template is executed in its own context, the templates are still being directly executed by V8 so untrusted code should not be present in templates.
  • Thanks to Node's vm.Script functionality any template errors, including syntax errors, are handled transparently and returned to the renderer's callback if specified, otherwise they are thrown. Template files will be referenced in error traces as any JavaScript file would.

Differences compared to template-literal/express-tl

  • Templates are executed in their own V8 context, rather than with new Function(), in order to provide additional sandboxing.
  • Variables passed to the render function as entries in the options object appear as globals to the template, rather than as members of a single global variable (d in template-literal)
  • Templates are re-loaded if they are changed in the filesystem. This module and express-tl both automatically cache templates.
  • Top-level await is available in template files.
  • Error traces reference template files exactly like any other JavaScript file.
  • Additional features are present as globals (see the Template Globals section above).
  • express-tl is probably higher performance, but I haven't tested the 2 to compare.
  • If the size of your application is a concern, express-tl is definitely smaller.

Compatibility

This module requires the following features:

  • Promise
  • async/await
  • const
  • CommonJS module.exports
  • null-coalescing (??)
  • template literals
  • arrow functions

and the following modules:

  • fs/promises (builtin)
  • path (builtin)
  • vm (builtin)
  • event-loop-mutex