Package Health Score

79 / 100

security
No known security issues
popularity
Key ecosystem project
maintenance
Inactive
community
Active

Explore Similar Packages

Security

No known security issues

All security vulnerabilities belong to production dependencies of direct and indirect packages.

Security and license risk for significant versions

Version				Vulnerabilities	License Risk
1.29.0	\|	08/2022	Popular	0 C 0 H 0 M 0 L	0 H 0 M 0 L
1.28.0	\|	04/2022		0 C 0 H 0 M 0 L	0 H 0 M 0 L
0.0.1	\|	05/2015		0 C 4 H 0 M 0 L	0 H 0 M 0 L

License

MIT

Security Policy

Yes

Is your project affected by vulnerabilities?

Scan your projects for vulnerabilities. Fix quickly with automated fixes. Get started with Snyk for free.

Get started free

Popularity

Key ecosystem project

Weekly Downloads (6,750,439)

GitHub Stars: 11.61K
Forks: 1.3K
Contributors: 360

Direct Usage Popularity

The npm package prismjs receives a total of 6,750,439 downloads a week. As such, we scored prismjs popularity level to be Key ecosystem project.

Based on project statistics from the GitHub repository for the npm package prismjs, we found that it has been starred 11,611 times.

Downloads are calculated as moving averages for a period of the last 12 months, excluding weekends and known missing data points.

Community

Active

Readme.md: Yes
Contributing.md: No
Code of Conduct: No
Contributors: 360
Funding: No

A good and healthy external contribution signal for prismjs project, which invites more than one hundred open source maintainers to collaborate on the repository.

We found a way for you to contribute to the project! Looks like prismjs is missing a Code of Conduct.

Embed Package Health Score Badge

Maintenance

Inactive

Commit Frequency

No Recent Commits

Open Issues: 297
Open PR: 50
Last Release: 1 year ago
Last Commit: 1 year ago

Further analysis of the maintenance status of prismjs based on released npm versions cadence, the repository activity, and other data points determined that its maintenance is Inactive.

An important project maintenance signal to consider for prismjs is that it hasn't seen any new versions released to npm in the past 12 months, and could be considered as a discontinued project, or that which receives low attention from its maintainers.

As a healthy sign for on-going project maintenance, we found that the GitHub repository had at least 1 pull request or issue interacted with by the community.

Keep your project healthy

Check your package.json

Ensure all the packages you're using are healthy and well-maintained

Snyk Vulnerability Scanner

Get health score & security insights directly in your IDE

Package

Node.js Compatibility: >=6

Age: 8 years
Dependencies: 0 Direct
Versions: 40
Install Size: 2.05 MB
Dist-tags: 1
# of Files: 699
Maintainers: 8
TS Typings: Yes

prismjs has more than a single and default latest tag published for the npm package. This means, there may be other tags available for this package, such as next to indicate future releases, or stable to indicate stable releases.

Not sure how to use prismjs?

To help you get started, we've collected the most common ways that prismjs is being used within popular public projects.

tig / winprint / testfiles / generate-associations.js View on Github

// Imports file-extension to langauge mapping from both
// prismjs and lang-map and outputs a JSDON document that
// follows the vscode schema for extension mapping.
// PrismJS language definitions trump for my solution.
const fs = require('fs');
var map = require('lang-map');
var components = require('prismjs/components.js');

// vscode files.associations is not an array. Use a dictionary instead.
var assocDict = {};
var languages = [];

for (var key in components.languages) {
    if (components.languages.hasOwnProperty(key) && key != 'meta') {
        var language = components.languages[key];
        var langTemp = {
          id : key
        };
        langTemp.aliases = [];

        // vscode doesn't support title, but I want to use it
        if (typeof language.title != 'undefined')
            langTemp.title = language.title;

        if (typeof language.alias != 'undefined'){
            if (Array.isArray(language.alias)){
                langTemp.aliases = language.alias;
            }
            else{

View more ways to use prismjs

Prism

Prism is a lightweight, robust, and elegant syntax highlighting library. It's a spin-off project from Dabblet.

You can learn more on prismjs.com.

Why another syntax highlighter?

More themes for Prism!

Contribute to Prism!

Important Notice

We are currently working on Prism v2 and will only accept security-relevant PRs for the time being.

Once work on Prism v2 is sufficiently advanced, we will accept PRs again. This will be announced on our Discussion page and mentioned in the roadmap discussion.

Prism v1 contributing notes

Prism depends on community contributions to expand and cover a wider array of use cases. If you like it, consider giving back by sending a pull request. Here are a few tips:

Read the documentation. Prism was designed to be extensible.
Do not edit prism.js, it’s just the version of Prism used by the Prism website and is built automatically. Limit your changes to the unminified files in the components/ folder. prism.js and all minified files are generated by our build system (see below).
Use npm ci to install Prism's dependencies. Do not use npm install because it will cause non-deterministic builds.
The build system uses gulp to minify the files and build prism.js. With all of Prism's dependencies installed, you just need to run the command npm run build.
Please follow the code conventions used in the files already. For example, I use tabs for indentation and spaces for alignment. Opening braces are on the same line, closing braces on their own line regardless of construct. There is a space before the opening brace. etc etc.
Please try to err towards more smaller PRs rather than a few huge PRs. If a PR includes changes that I want to merge and also changes that I don't, handling it becomes difficult.
My time is very limited these days, so it might take a long time to review bigger PRs (small ones are usually merged very quickly), especially those modifying the Prism Core. This doesn't mean your PR is rejected.
If you contribute a new language definition, you will be responsible for handling bug reports about that language definition.
If you add a new language definition or plugin, you need to add it to components.json as well and rebuild Prism by running npm run build, so that it becomes available to the download build page. For new languages, please also add a few tests and an example in the examples/ folder.
Go to prism-themes if you want to add a new theme.

Thank you so much for contributing!!

Software requirements

Prism will run on almost any browser and Node.js version but you need the following software to contribute:

Node.js >= 10.x
npm >= 6.x

Translations

简体中文 (if unavailable, see here)

FAQs

What is prismjs?

Lightweight, robust, elegant syntax highlighting. A spin-off project from Dabblet. Visit Snyk Advisor to see a full health score report for prismjs, including popularity, security, maintenance & community analysis.

Is prismjs popular?

The npm package prismjs receives a total of 6,750,439 weekly downloads. As such, prismjs popularity was classified as a key ecosystem project. Visit the popularity section on Snyk Advisor to see the full health analysis.

Is prismjs well maintained?

We found indications that prismjs is an Inactive project. See the full package health analysis to learn more about the package maintenance status.

Is prismjs safe to use?

The npm package prismjs was scanned for known vulnerabilities and missing license, and no issues were found. Thus the package was deemed as safe to use. See the full health analysis review.

Last updated on 28 September-2023, at 01:49 (UTC).

Build a secure application checklist

Select a recommended open source package

Minimize your risk by selecting secure & well maintained open source packages

DONE

Scan your app for vulnerabilities

Scan your application to find vulnerabilities in your: source code, open source dependencies, containers and configuration files

SCAN NOW

Fix identified vulnerabilities

Easily fix your code by leveraging automatically generated PRs

AUTO FIX

Monitor for new issues

New vulnerabilities are discovered every day. Get notified if your application is affected

MONITOR APP

prismjs

Lightweight, robust, elegant syntax highlighting. A spin-off project from Dabblet. For more information about how to use this package see README

Ensure you're using the healthiest npm packages

Package Health Score

Explore Similar Packages

Security

Security and license risk for significant versions

Is your project affected by vulnerabilities?

Popularity

Weekly Downloads (6,750,439)

Direct Usage Popularity

Community

Embed Package Health Score Badge

Maintenance

Commit Frequency

Keep your project healthy

Check your package.json

Snyk Vulnerability Scanner

Package

Not sure how to use prismjs?

Prism

Contribute to Prism!

Important Notice

Software requirements

Translations

prismjs development dependencies

FAQs

What is prismjs?

Is prismjs popular?

Is prismjs well maintained?

Is prismjs safe to use?

Build a secure application checklist

Select a recommended open source package

Scan your app for vulnerabilities

Fix identified vulnerabilities

Monitor for new issues

Package Health Score

Explore Similar Packages

Security and license risk for significant versions

Is your project affected by vulnerabilities?

Weekly Downloads (6,750,439)

Direct Usage Popularity

Embed Package Health Score Badge

Commit Frequency

Keep your project healthy

Check your package.json

Snyk Vulnerability Scanner

Not sure how to use prismjs?

Prism

Contribute to Prism!

Important Notice

Software requirements

Translations

prismjs development dependencies

FAQs

What is prismjs?

Is prismjs popular?

Is prismjs well maintained?

Is prismjs safe to use?

Build a secure application checklist

Select a recommended open source package

Scan your app for vulnerabilities

Source Code

Open Source

Container

Config

Fix identified vulnerabilities

Monitor for new issues