npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

mustache-validator

v0.2.0

Published

[Mustache](https://www.npmjs.com/package/mustache) doesn't validate the data used in templates which means there is a low amount of safety when the data is managed/defined in another place or there are typos, e.g. for the following:

Downloads

2,061

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

eliasm307eliasm307

Keywords

mustache

Readme

Mustache Validator

Why?

Mustache doesn't validate the data used in templates which means there is a low amount of safety when the data is managed/defined in another place or there are typos, e.g. for the following:

Mustache.render("Hello, {{subject.name}}!", { subject });

The shape of subject is defined somewhere else and could change for any reason, which would break the template, but Mustache wont complain.

Unless there are tests to validate every template, there are risks that code changes could silently break templates.

This could be problematic and the aim of this package is to add data validation to Mustache template rendering.

Why doesn't Mustache have this functionality built in?

Good question, there is an open issue here from 2016 and it doesn't look like its going to be added. This package will be deprecated if that ever happens.

How it works

The aim of this is to add validation, however there should be no effect to how Mustache works and minimal effects to performance. Validation in this case means making sure properties used in templates exist in the relevant data objects, where null/undefined are valid values. If a property with the same name does not exist in the object then this is invalid.

To achieve this, the package aims to add proxies to the data objects, such that when a property is accessed its up to the object to decide whether it is valid or not.

This means the data validation is lazy and the template parsing is done once.

Installation

npm i mustache-validator

or

yarn add mustache-validator

Usage

The package exports a function which should be given the template data and produces a proxied version of the data, e.g.:

import proxyData from "mustache-validator";
Mustache.render("Hello, {{subject.name}}!", proxyData({ subject }));

This will throw an error if the data is misused in the template.

If you dont want a hard error, there is an option to customise what happens instead, e.g.:

import proxyData from "mustache-validator";
Mustache.render(
  "Hello, {{subject.name}}!",
  proxyData(
    { subject },
    {
      handleError: (invalidPropertyPathSegments) => {
        console.warn(`Invalid Mustache property: ${invalidPropertyPathSegments.join(".")}`);
      },
    },
  ),
);

Limitations

Invalid primitive value usages cant be validated

Since this relies on proxies, which can only be applied to objects, it means misuse of primitive values can't be validated. For example the following wouldn't cause a validation issue:

Mustache.render("Hello, {{subject.name}}!", { subject: "value" });