Programatic document generation as a HTTP service. Render PDFs using LaTeX templates and JSON.

LaTTe

Docker Pulls

Generate PDFs using LaTeX templates and JSON.

Try out the demo!

Find LaTTe on Docker Hub

Table of Contents

About

LaTTe helps you generate professional looking PDFs by using your .tex files as templates and filling in the details with JSON. Under the hood, it uses pdfTeX / pdfLaTeX to create a PDF from a .tex file that has been filled in using Go's templating package.

LaTTe has two modes of operation:

Obtaining LaTTe

You can download the source code for LaTTe by running git clone github.com/raphaelreyna/latte in your terminal. LaTTe can then be easily compiled by running go build ./cmd/latte. If you wish to build LaTTe with support for PostreSQL, simply run go build -tags postgresql instead. More info on persistent storage support

LaTTe is also available via several docker images; running docker run --rm -d -p 27182:27182 raphaelreyna/latte will leave you with a basic version of LaTTe running as a an HTTP service. More info on Docker images

Running & Using LaTTe

HTTP Service

LaTTe will run as an HTTP service by default; running latte in your terminal will have LaTTe listening for HTTP traffic on port 27182 by default. All configurations are done through environment variables.

Environment Variables

PORT

The port that LaTTe will bind to. The default value is 27182.

LATTE_ROOT

The directory that LaTTe will use to store all of its files. The default value is the users cache directory.

LATTE_DB_HOST

The address where LaTTe can reach its database (assuming LaTTe was compiled with database support).

LATTE_DB_PORT

The the port that LaTTe will use when connecting to its database (assuming LaTTe was compiled with database support).

LATTE_DB_USERNAME

The username that LaTTe will use to connect to its database (assuming LaTTe was compiled with database support).

LATTE_DB_PASSWORD

The password that LaTTe will use to connect to its database (assuming LaTTe was compiled with database support).

LATTE_DB_SSL

Dictates if the database that LaTTe will use is using SSL; acceptable values are required and disable (assuming LaTTe was compiled with database support).

LATTE_TMPL_CACHE_SIZE

How many templates LaTTe will keep cached in memory. (defaults to 15)

Registering a file

Files are registered by sending an HTTP POST request to the endpoint "/register" with a JSON body of the form:

{
	"id": "WHATEVER_NAME_YOU_WANT"
	"data": "BASE_64_ENCODED_STRING"
}

Generating PDFs

LaTTe can genarate PDF's from both registered and unregistered resources, templates and json files (which LaTTe calls 'details'). A resource is any kind of file used in compiling the .tex file into a PDF (e.g. images); a template is any valid .tex file.

A registered file is one that has been stored either to LaTTe's local disk and/or to some database (currently only PostgreSQL is supported). Registered files are referenced by an ID. When generating a PDF, all references to registered files are made in the URL of the request; unregistered files are provided as base 64 encoded strings in a JSON body.

LaTTe also allows for users to define how missing template keys should be handled through the "onMissingKey" field in the requests JSON body or URL. Valid options for "onMissingKey" are: "error" for when LaTTe should return with a "Bad Request" HTTP status, "zero" for when LaTTe should use the field types zero value ("" for strings, false for booleans, 0 for numerics, etc.).

PDF's are generated by sending an HTTP POST request to the endpoint "/generate" with a JSON body of the form (if using unregisted files):

{
	"template": "BASE_64_ENCODED_STRING",
	"resources": {
		"FILE_NAME": "BASE_64_ENCODED_STRING"
		},
	"details": { SOME_OBJECT_DESCRIBING_YOUR_SUBSTITUTIONS },
	"delimiters": { "left": "LEFT_DELIMITER", "right": "RIGHT_DELIMITER" },
   	"onMissingKey": "error" | "zero" | "nothing",
	"compiler": "latexmk" | "pdflatex",
	"count": 1 | 2 | 3 | ...
}

If you wish to also use registered files, you may reference them in the URL:

http://localhost:27182/generate?tmpl=TEMPALATE_ID&rsc="RESOURCE_ID&rsc="SOME_OTHER_RESOURCE_ID"&dtls="DETAILS_ID"&onMissingKey="error|zero|nothing"

If you provide both a reference to a file and include it in the JSON body, the file you sent in the body will be used.

Example: Generating a PDF from unregistered files

Here we demonstrate how to generate a PDF of the Pythagorean theorem, after substituting variables a, b & c for x, y & z respectively.

We create our .tex template file pythagorean_template.tex:

\documentclass{article}
\title{LaTTe Sample Document}
\begin{document}
\maketitle
The Pythagorean Theorem: 
$ #!.a!# ^ 2 + #!.b!# ^ 2 = #!.c!# ^ 2 $
\end{document}

The template .tex file should be a template that follows Go's templating syntax. LaTTe by default uses #! and !# as the left and right delimeters, respectively, in the .tex template file; however custom delimiters are supported. As required by pdfLaTeX, all files must start with the character "".

We then convert it to base 64:

$ cat pythagorean_template.tex | base64

which gives the output:

XGRvY3VtZW50Y2xhc3N7YXJ0aWNsZX0KXHRpdGxle0xhVFRlIFNhbXBsZSBEb2N1bWVudH0KXGJlZ2lue2RvY3VtZW50fQpcbWFrZXRpdGxlClRoZSBQeXRoYWdvcmVhbiBUaGVvcmVtOiAKJCAjIS5hISMgXiAyICsgIyEuYiEjIF4gMiA9ICMhLmMhIyBeIDIgJApcZW5ke2RvY3VtZW50fQo=

We then send this to LaTTe:

$ curl \
-X POST \
-H "Content-Type: application/json" \
-d '{"template":"XGRvY3VtZW50Y2xhc3N7YXJ0aWNsZX0KXHRpdGxle0xhVFRlIFNhbXBsZSBEb2N1bWVudH0KXGJlZ2lue2RvY3VtZW50fQpcbWFrZXRpdGxlClRoZSBQeXRoYWdvcmVhbiBUaGVvcmVtOiAKJCAjIS5hISMgXiAyICsgIyEuYiEjIF4gMiA9ICMhLmMhIyBeIDIgJApcZW5ke2RvY3VtZW50fQo=", "details": { "a": "x", "b": "y", "c": "z" } }' \
--output pythagorean.pdf "http://localhost:27182/generate"

which leaves us with the file pythagorean.pdf (the image below is a cropped screenshot of pythagorean.pdf): pythagorean_pdf

CLI

LaTTe offers a CLI to quickly and easily generate templated PDFs using the files on your computer.

Usage: latte [ -t template_tex_file ] [ -d details_json_file ] [ path/to/resources ]

Description: Generate PDFs using TeX / LaTeX templates and JSON.


Flags:
  -t Path to .tex file to be used as the template.

  -d Path to .json file to be used as the details to fill in to the tamplate.
  
Other:
    The final argument is optional and should be a path to resources needed for compilation.
    Resources are any files that are referenced in the .tex file such as image files.

Extending LaTTe

Adding databases / persistent store drivers

LaTTe can easily be extended to support using various databases and other storage solutions. To have LaTTe use your persistent storage solution of choice, simply create a struct that satisfies the DB interface:

type DB interface {
	// Store should be capable of storing a given []byte or contents of an io.ReadCloser
	Store(ctx context.Context, uid string, i interface{}) error
	// Fetch should return either a []byte, or io.ReadCloser.
	// If the requested resource could not be found, error should be of type NotFoundError
	Fetch(ctx context.Context, uid string) (interface{}, error)
	// Ping should check if the databases is reachable.
  	// If it is, the return error should be nil and non-nil otherwise.
	Ping(ctx context.Context) error
}

Docker Images

Image Tags

There are several LaTTe images available to serve a wide range of needs, and they all follow the same tagging convention:

	latte:<VERSION>-[pg]-<base/full>

where <VERSION> denotes the latte version, [pg] if present denotes Postgres support, and <base/full> denotes the presence of either texlive-full or texlive-base.

Currently Supported Tags

The currently supported tags for LaTTe are:

v0.10.2-base
v0.10.2-pg-base
latest, v0.10.2-full
v0.10.2-pg-base

Image size

LaTTe relies on pdflatex in order to actually create the PDF files. Unfortunately, this means that image sizes can be rather large (a full texlive installation is around 4GB). The build script in the build directory makes it easy to create custom sized images of LaTTe to fit your needs.

Building Custom Images

LaTTe comes with a build script, build/build.sh, which makes it easy to build LaTTe images with custom Go build flags and tex packages.

Usage: build.sh [-h] [-s] [-b build_tag] [-p latex_package] [-t image_tag]
		[-d descriptor] [-H host_name] [-u user_name]

Description: build.sh parametrically builds and tags Docker images for Latte.
             The tag used for the image follows the template bellow:
                 host_name/user_name/image_name:image_tag-descriptor

Flags:
  -b Build tags to be passed to the Go compiler.

  -d Descriptor to be used when tagging the built image.

  -h Show this help text.

  -p LaTeX package to install, must be available in default Ubuntu repos.
     (default: texlive-base)

  -s Skip the image building stage. The generated Dockerfile will be sent to std out.

  -t Tag the Docker image.
     The image will be tagged with the current git tag if this flag is omitted.
     If no git tag is found, we default to using 'latest' as the image tag.

  -u Username to be used when tagging the built image.
     (default: raphaelreyna)

  -H Hostname to be used when tagging the built image.

  -y Do not ask to confirm image tab before building image.

Contributing

Contributions are welcome!

Roadmap

  • ✔️ Registering templates and resources.
  • Add support for AWS S3, PostrgeSQL, and possibly other forms of persistent storage.
  • ✔️ CLI tool.
  • Add support for building PDFs from multiple LaTeX files.
  • Whatever else comes up
Owner
Raphael Reyna
Works best in a *NIX environment.
Raphael Reyna
Comments
  • Feature proposal - multiple compilations of the same document

    Feature proposal - multiple compilations of the same document

    TL;DR

    • Allow an option to force multiple consecutive compilations of the same document for compatibility with all the packages that make use of the aux files (eg. tikz)
    • I am willing to delve into the codebase and attempt a PR on the subject

    As with any open source project I'd like to hear an opinion on [1] if the idea is of @raphaelreyna interest and [2] if this is the case how to proceed.

    For the purpose, at the moment, I've brainstormed two paths:

    • An option to manually specify how many compile to perform
      • For the CLI it could be a flag
      • For the server a JSON key
    • Use latexmk

    The first path IMHO is the easiest as it would imply to repeat compile N times by wrapping it in a for loop.

    The second path, while it seems to be more efficient as it automagically takes in account the iteration to perform it could have unpleasant surprises that would arise with time.


    Personally I'd lean towards the first option, LaTTe after all is a tool thought for one template injected with different details each time. I don't see it as a tool meant for documents with bibliographies for instance. So the less impactful approach is better IMHO.

    Personal thoughts: this idea comes from a personal need, I use the dapper-invoice latex template to make invoices, being a freelancer software developer myself I already have tools to log my work time and I thought it would be awesome to partially automate the invoice making by separating the template form the data itself. However, the latex document needs to be compiled a couple of times for a proper rendering of its elements.

  • Can't make Pythagorean example work

    Can't make Pythagorean example work

    I cloned the repo and used go run to build up the server. Then I tried to reproduce your example with curl, resulting in a file that cannot be opened by a PDF viewer since it has the format "text/plain". The content of the file was the error message "invalid character '\' looking for beginning of object key string".

    Do you have an idea of what I might be doing wrong?

    Another problem is that I did not manage to use Golang to properly handle the http post request (replacing curl). I tried to copy the contents of response.Body into a file using io.Copy, but it didn't work. Maybe you have some suggestions.

    i am quite new to this topic, so please be gentle with me if the questions/problems are very stupid...

  • Default self-contained database?

    Default self-contained database?

    The DB interface looks perfect for an embedded key/value store like badger or bbolt. Any plans to make latte self-contained with a default on-disk, memory-only, or embedded database implementation?

    Some pseudocode:

    type MemoryDB struct {
    	docs map[string]interface{}
    }
    
    
    // Store should be capable of storing a given []byte or contents of an io.ReadCloser
    func (db *MemoryDB) Store(ctx context.Context, uid string, i interface{}) error {
    	db.docs[uid] = i
    	return nil
    }
    
    // Fetch should return either a []byte, or io.ReadCloser.
    // If the requested resource could not be found, error should be of type NotFoundError
    func (db *MemoryDB) Fetch(ctx context.Context, uid string) (interface{}, error) {
    	if v, ok := db.docs[uid]; ok {
    		return v, nil
    	}
    	return nil, NotFoundError{}
    }
    
    // Ping should check if the databases is reachable, if return error should be nil and non-nil otherwise.
    func (db *MemoryDB) Ping(ctx context.Context) error {
    	return nil
    }
    
  • Feature request\Help support on iterating over an array of objects

    Feature request\Help support on iterating over an array of objects

    I'd like to use LATTE to generate some PDFs which include some tables with fixed headers but a dynamic number of rows.

    Currently, the template substitution is 1 on 1, is there a way to repeat a block of code N times over a slice?

    Is there anything you would suggest to look into to achieve this feature? I'm currently browsing for ways to iterate over data in latex but I doubt it's the best performant way.

  • Bump url-parse from 1.4.7 to 1.5.7 in /docs

    Bump url-parse from 1.4.7 to 1.5.7 in /docs

    Bumps url-parse from 1.4.7 to 1.5.7.

    Commits
    • 8b3f5f2 1.5.7
    • ef45a13 [fix] Readd the empty userinfo to url.href (#226)
    • 88df234 [doc] Add soft deprecation notice
    • 78e9f2f [security] Fix nits
    • e6fa434 [security] Add credits for incorrect handling of userinfo vulnerability
    • 4c9fa23 1.5.6
    • 7b0b8a6 Merge pull request #223 from unshiftio/fix/at-sign-handling-in-userinfo
    • e4a5807 1.5.5
    • 193b44b [minor] Simplify whitespace regex
    • 319851b [fix] Remove CR, HT, and LF
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump follow-redirects from 1.10.0 to 1.14.7 in /docs

    Bump follow-redirects from 1.10.0 to 1.14.7 in /docs

    Bumps follow-redirects from 1.10.0 to 1.14.7.

    Commits
    • 2ede36d Release version 1.14.7 of the npm package.
    • 8b347cb Drop Cookie header across domains.
    • 6f5029a Release version 1.14.6 of the npm package.
    • af706be Ignore null headers.
    • d01ab7a Release version 1.14.5 of the npm package.
    • 40052ea Make compatible with Node 17.
    • 86f7572 Fix: clear internal timer on request abort to avoid leakage
    • 2e1eaf0 Keep Authorization header on subdomain redirects.
    • 2ad9e82 Carry over Host header on relative redirects (#172)
    • 77e2a58 Release version 1.14.4 of the npm package.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump url-parse from 1.4.7 to 1.5.3 in /docs

    Bump url-parse from 1.4.7 to 1.5.3 in /docs

    Bumps url-parse from 1.4.7 to 1.5.3.

    Commits
    • ad44493 [dist] 1.5.3
    • c798461 [fix] Fix host parsing for file URLs (#210)
    • 201034b [dist] 1.5.2
    • 2d9ac2c [fix] Sanitize only special URLs (#209)
    • fb128af [fix] Use 'null' as origin for non special URLs
    • fed6d9e [fix] Add a leading slash only if the URL is special
    • 94872e7 [fix] Do not incorrectly set the slashes property to true
    • 81ab967 [fix] Ignore slashes after the protocol for special URLs
    • ee22050 [ci] Use GitHub Actions
    • d2979b5 [fix] Special case the file: protocol (#204)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump url-parse from 1.4.7 to 1.5.1 in /docs

    Bump url-parse from 1.4.7 to 1.5.1 in /docs

    Bumps url-parse from 1.4.7 to 1.5.1.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Custom CLS as a registered resource - resource not found when generating

    Custom CLS as a registered resource - resource not found when generating

    I've tried to register a custom CLS file as a resource, however when attempting to generate a document with it, I receive the error "resource with --id-- not found".

    I'm unsure this is a bug, the documentation always refer to resources as files as resources to use inside the document while a cls is called in the \documentclass part of a .tex file.

    If this is the intended behavior I'd like to explore further how to provide a custom cls otherwise it might indeed be a bug.

  • Rewrite

    Rewrite

    Before, all of the logic for sourcing needed files to symlink into the compilation dir for the LaTeX engine was contained in a single http.HandlerFunc.

    That logic has mostly been abstracted away into a new repo go-recon; it's a lot easier to write tests now. Good stuff.

  • Bump ini from 1.3.5 to 1.3.8 in /docs

    Bump ini from 1.3.5 to 1.3.8 in /docs

    Bumps ini from 1.3.5 to 1.3.8.

    Commits
    • a2c5da8 1.3.8
    • af5c6bb Do not use Object.create(null)
    • 8b648a1 don't test where our devdeps don't even work
    • c74c8af 1.3.7
    • 024b8b5 update deps, add linting
    • 032fbaf Use Object.create(null) to avoid default object property hazards
    • 2da9039 1.3.6
    • cfea636 better git push script, before publish instead of after
    • 56d2805 do not allow invalid hazardous string as section name
    • See full diff in compare view
    Maintainer changes

    This version was pushed to npm by isaacs, a new releaser for ini since your current version.


    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump json5 from 1.0.1 to 1.0.2 in /docs

    Bump json5 from 1.0.1 to 1.0.2 in /docs

    Bumps json5 from 1.0.1 to 1.0.2.

    Release notes

    Sourced from json5's releases.

    v1.0.2

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295). This has been backported to v1. (#298)
    Changelog

    Sourced from json5's changelog.

    Unreleased [code, diff]

    v2.2.3 [code, diff]

    v2.2.2 [code, diff]

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

    v2.2.1 [code, diff]

    • Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

    v2.2.0 [code, diff]

    • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

    v2.1.3 [code, diff]

    • Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

    v2.1.2 [code, diff]

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump express from 4.17.1 to 4.18.2 in /docs

    Bump express from 4.17.1 to 4.18.2 in /docs

    Bumps express from 4.17.1 to 4.18.2.

    Release notes

    Sourced from express's releases.

    4.18.2

    4.18.1

    • Fix hanging on large stack of sync routes

    4.18.0

    ... (truncated)

    Changelog

    Sourced from express's changelog.

    4.18.2 / 2022-10-08

    4.18.1 / 2022-04-29

    • Fix hanging on large stack of sync routes

    4.18.0 / 2022-04-25

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump qs and express in /docs

    Bump qs and express in /docs

    Bumps qs and express. These dependencies needed to be updated together. Updates qs from 6.7.0 to 6.11.0

    Changelog

    Sourced from qs's changelog.

    6.11.0

    • [New] [Fix] stringify: revert 0e903c0; add commaRoundTrip option (#442)
    • [readme] fix version badge

    6.10.5

    • [Fix] stringify: with arrayFormat: comma, properly include an explicit [] on a single-item array (#434)

    6.10.4

    • [Fix] stringify: with arrayFormat: comma, include an explicit [] on a single-item array (#441)
    • [meta] use npmignore to autogenerate an npmignore file
    • [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbol, object-inspect, tape

    6.10.3

    • [Fix] parse: ignore __proto__ keys (#428)
    • [Robustness] stringify: avoid relying on a global undefined (#427)
    • [actions] reuse common workflows
    • [Dev Deps] update eslint, @ljharb/eslint-config, object-inspect, tape

    6.10.2

    • [Fix] stringify: actually fix cyclic references (#426)
    • [Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)
    • [readme] remove travis badge; add github actions/codecov badges; update URLs
    • [Docs] add note and links for coercing primitive values (#408)
    • [actions] update codecov uploader
    • [actions] update workflows
    • [Tests] clean up stringify tests slightly
    • [Dev Deps] update eslint, @ljharb/eslint-config, aud, object-inspect, safe-publish-latest, tape

    6.10.1

    • [Fix] stringify: avoid exception on repeated object values (#402)

    6.10.0

    • [New] stringify: throw on cycles, instead of an infinite loop (#395, #394, #393)
    • [New] parse: add allowSparse option for collapsing arrays with missing indices (#312)
    • [meta] fix README.md (#399)
    • [meta] only run npm run dist in publish, not install
    • [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbols, tape
    • [Tests] fix tests on node v0.6
    • [Tests] use ljharb/actions/node/install instead of ljharb/actions/node/run
    • [Tests] Revert "[meta] ignore eclint transitive audit warning"

    6.9.7

    • [Fix] parse: ignore __proto__ keys (#428)
    • [Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)
    • [Robustness] stringify: avoid relying on a global undefined (#427)
    • [readme] remove travis badge; add github actions/codecov badges; update URLs
    • [Docs] add note and links for coercing primitive values (#408)
    • [Tests] clean up stringify tests slightly
    • [meta] fix README.md (#399)
    • Revert "[meta] ignore eclint transitive audit warning"

    ... (truncated)

    Commits
    • 56763c1 v6.11.0
    • ddd3e29 [readme] fix version badge
    • c313472 [New] [Fix] stringify: revert 0e903c0; add commaRoundTrip option
    • 95bc018 v6.10.5
    • 0e903c0 [Fix] stringify: with arrayFormat: comma, properly include an explicit `[...
    • ba9703c v6.10.4
    • 4e44019 [Fix] stringify: with arrayFormat: comma, include an explicit [] on a s...
    • 113b990 [Dev Deps] update object-inspect
    • c77f38f [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbol, tape
    • 2cf45b2 [meta] use npmignore to autogenerate an npmignore file
    • Additional commits viewable in compare view

    Updates express from 4.17.1 to 4.18.2

    Release notes

    Sourced from express's releases.

    4.18.2

    4.18.1

    • Fix hanging on large stack of sync routes

    4.18.0

    ... (truncated)

    Changelog

    Sourced from express's changelog.

    4.18.2 / 2022-10-08

    4.18.1 / 2022-04-29

    • Fix hanging on large stack of sync routes

    4.18.0 / 2022-04-25

    ... (truncated)

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump decode-uri-component from 0.2.0 to 0.2.2 in /docs

    Bump decode-uri-component from 0.2.0 to 0.2.2 in /docs

    Bumps decode-uri-component from 0.2.0 to 0.2.2.

    Release notes

    Sourced from decode-uri-component's releases.

    v0.2.2

    • Prevent overwriting previously decoded tokens 980e0bf

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2

    v0.2.1

    • Switch to GitHub workflows 76abc93
    • Fix issue where decode throws - fixes #6 746ca5d
    • Update license (#1) 486d7e2
    • Tidelift tasks a650457
    • Meta tweaks 66e1c28

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump loader-utils and webpack-cli in /docs

    Bump loader-utils and webpack-cli in /docs

    Bumps loader-utils to 1.4.2 and updates ancestor dependency webpack-cli. These dependencies need to be updated together.

    Updates loader-utils from 1.4.0 to 1.4.2

    Release notes

    Sourced from loader-utils's releases.

    v1.4.2

    1.4.2 (2022-11-11)

    Bug Fixes

    v1.4.1

    1.4.1 (2022-11-07)

    Bug Fixes

    Changelog

    Sourced from loader-utils's changelog.

    1.4.2 (2022-11-11)

    Bug Fixes

    1.4.1 (2022-11-07)

    Bug Fixes

    Commits

    Updates webpack-cli from 3.3.11 to 3.3.12

    Changelog

    Sourced from webpack-cli's changelog.

    3.3.12 (2020-06-03)

    Full Changelog

    Commits
    Maintainer changes

    This version was pushed to npm by evilebottnawi, a new releaser for webpack-cli since your current version.


    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump terser from 4.6.6 to 4.8.1 in /docs

    Bump terser from 4.6.6 to 4.8.1 in /docs

    Bumps terser from 4.6.6 to 4.8.1.

    Changelog

    Sourced from terser's changelog.

    v4.8.1 (backport)

    • Security fix for RegExps that should not be evaluated (regexp DDOS)

    v4.8.0

    • Support for numeric separators (million = 1_000_000) was added.
    • Assigning properties to a class is now assumed to be pure.
    • Fixed bug where yield wasn't considered a valid property key in generators.

    v4.7.0

    • A bug was fixed where an arrow function would have the wrong size
    • arguments object is now considered safe to retrieve properties from (useful for length, or 0) even when pure_getters is not set.
    • Fixed erroneous const declarations without value (which is invalid) in some corner cases when using collapse_vars.

    v4.6.13

    • Fixed issue where ES5 object properties were being turned into ES6 object properties due to more lax unicode rules.
    • Fixed parsing of BigInt with lowercase e in them.

    v4.6.12

    • Fixed subtree comparison code, making it see that [1,[2, 3]] is different from [1, 2, [3]]
    • Printing of unicode identifiers has been improved

    v4.6.11

    • Read unused classes' properties and method keys, to figure out if they use other variables.
    • Prevent inlining into block scopes when there are name collisions
    • Functions are no longer inlined into parameter defaults, because they live in their own special scope.
    • When inlining identity functions, take into account the fact they may be used to drop this in function calls.
    • Nullish coalescing operator (x ?? y), plus basic optimization for it.
    • Template literals in binary expressions such as + have been further optimized

    v4.6.10

    • Do not use reduce_vars when classes are present

    v4.6.9

    • Check if block scopes actually exist in blocks

    v4.6.8

    • Take into account "executed bits" of classes like static properties or computed keys, when checking if a class evaluation might throw or have side effects.

    v4.6.7

    • Some new performance gains through a AST_Node.size() method which measures a node's source code length without printing it to a string first.

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

Go implementation for Soy templates (Google Closure templates)

soy Go implementation for Soy templates aka Google Closure Templates. See godoc for more details and usage examples. This project requires Go 1.12 or

Dec 1, 2022
Universal JSON, BSON, YAML, CSV, XML converter with templates
Universal JSON, BSON, YAML, CSV, XML converter with templates

Universal JSON, BSON, YAML, CSV, XML translator to ANY format using templates Key features Various input formats (json, bson, yaml, csv, xml) Flexible

Dec 11, 2022
Callable Ajax / http requests inside Golang templates

jaco Callable Ajax / http requests inside Golang templates Examples Examples #1 {{ define "content" }} <div id="myTodos"></div> <script>

Dec 5, 2021
Useful template functions for Go templates.

Sprig: Template functions for Go templates The Go language comes with a built-in template language, but not very many template functions. Sprig is a l

Jan 4, 2023
Go templates invoked as functions

Package tmplfunc provides an extension of Go templates in which templates can be invoked as if they were functions. See the package documentation for

Dec 22, 2022
"to be defined" - a really simple way to create text templates with placeholders

tbd "to be defined" A really simple way to create text templates with placeholders. This tool is deliberately simple and trivial, no advanced features

Sep 27, 2022
Allows you to fill in variables in your custom project templates.

go-templater The best project templater go-templater lets you use any project template you want and replace the variables with values from the config.

Nov 6, 2021
A PDF document generator with high level support for text, drawing and images
A PDF document generator with high level support for text, drawing and images

GoFPDF document generator Package gofpdf implements a PDF document generator with high level support for text, drawing and images. Features UTF-8 supp

Dec 28, 2022
⚗ The most advanced CLI template on earth! Featuring automatic releases, website generation and a custom CI-System out of the box.
⚗ The most advanced CLI template on earth! Featuring automatic releases, website generation and a custom CI-System out of the box.

cli-template ✨ ⚗ A template for beautiful, modern, cross-platform compatible CLI tools written with Go! Getting Started | Wiki This template features

Dec 4, 2022
Golang Service Template

Golang Service Template Golang back-end service template. Using this template, you can get started with back-end projects quickly. Web Framework ORM D

Jun 8, 2022
Api-go-template - A simple Go API template that uses a controller-service based model to build its routes

api-go-template This is a simple Go API template that uses a controller-service

Feb 18, 2022
A template to build dynamic web apps quickly using Go, html/template and javascript
A template to build dynamic web apps quickly using Go, html/template and javascript

gomodest-template A modest template to build dynamic web apps in Go, HTML and sprinkles and spots of javascript. Why ? Build dynamic websites using th

Dec 29, 2022
Clean Architecture using Golang.
Clean Architecture using Golang.

Golang Template Description This is an example of implementation of Clean Architecture in Go (Golang) projects. Rule of Clean Architecture by Uncle Bo

Nov 1, 2022
Template for advanced Telegram bots using telebot.v3

Telebot Template $ git clone https://github.com/massbots/template . $ chmod +x init.sh; ./init.sh NOTE The script will delete itself after the configu

Dec 30, 2022
Template for Golang rest API using Fiber

Rest API Setup DB sudo -S docker-compose -f db.yml up -d Build container sudo -S docker build -t rest-api-image . Run container from image sudo -S doc

Dec 5, 2021
A simple template using Fiber for me to bootstrap API services quickly.

Fiber Template A simple template using Fiber for me to bootstrap API services quickly. Features Fiber GORM air for hot reloading ... and possibly more

Dec 16, 2021
Article spinning and spintax/spinning syntax engine written in Go, useful for A/B, testing pieces of text/articles and creating more natural conversations

GoSpin Article spinning and spintax/spinning syntax engine written in Go, useful for A/B, testing pieces of text/articles and creating more natural co

Dec 22, 2022
Amber is an elegant templating engine for Go Programming Language, inspired from HAML and Jade

amber Notice While Amber is perfectly fine and stable to use, I've been working on a direct Pug.js port for Go. It is somewhat hacky at the moment but

Jan 2, 2023
Package damsel provides html outlining via css-selectors and common template functionality.

Damsel Markup language featuring html outlining via css-selectors, extensible via pkg html/template and others. Library This package expects to exist

Oct 23, 2022