Marked is
- built for speed.*
- a low-level markdown compiler for parsing markdown without caching or blocking for long periods of time.**
- light-weight while implementing all markdown features from the supported flavors & specifications.***
- available as a command line interface (CLI) and running in client- or server-side JavaScript projects.
* Still working on metrics for comparative analysis and definition.
** As few dependencies as possible.
*** Strict compliance could result in slower processing when running comparative benchmarking.
Demo
Checkout the demo page to see marked in action âšī¸
These documentation pages are also rendered using marked đ¯
Installation
CLI: npm install -g marked
In-browser:
npm install marked
npm install @types/marked # For TypeScript projects
Usage
Warning: đ¨ Marked does not sanitize the output HTML. If you are processing potentially unsafe strings, it's important to filter for possible XSS attacks. Some filtering options include DOMPurify (recommended), js-xss, sanitize-html and insane on the output HTML! đ¨
DOMPurify.sanitize(marked.parse(`<img src="x" onerror="alert('not happening')">`));
â ī¸ Input: special ZERO WIDTH unicode characters (for example \uFEFF
) might interfere with parsing. Some text editors add them at the start of the file (see: #2139).
// remove the most common zerowidth characters from the start of the file
marked.parse(
contents.replace(/^[\u200B\u200C\u200D\u200E\u200F\uFEFF]/,"")
)
CLI
# Example with stdin input
$ marked -o hello.html
hello world
^D
$ cat hello.html
<p>hello world</p>
# Example with string input
$ marked -s "*hello world*"
<p><em>hello world</em></p>
# Example with file input
echo "**bold text example**" > readme.md
$ marked -i readme.md -o readme.html
$ cat readme.html
<p><strong>bold text example</strong></p>
# Print all options
$ marked --help
Browser
<!doctype html>
<html>
<head>
<meta charset="utf-8"/>
<title>Marked in the browser</title>
</head>
<body>
<div id="content"></div>
<script src="https://cdn.jsdelivr.net/npm/marked/marked.min.js"></script>
<script>
document.getElementById('content').innerHTML =
marked.parse('# Marked in browser\n\nRendered by **marked**.');
</script>
</body>
</html>
Node.js
import { marked } from 'marked';
// or const { marked } = require('marked');
const html = marked.parse('# Marked in Node.js\n\nRendered by **marked**.');
Marked offers advanced configurations and extensibility as well.
Supported Markdown specifications
We actively support the features of the following Markdown flavors.
Flavor | Version | Status |
---|---|---|
The original markdown.pl | -- | |
CommonMark | 0.30 | Work in progress |
GitHub Flavored Markdown | 0.29 | Work in progress |
By supporting the above Markdown flavors, it's possible that Marked can help you use other flavors as well; however, these are not actively supported by the community.
List of Tools Using Marked
We actively support the usability of Marked in super-fast markdown transformation, some of Tools using Marked
for single-page creations are
Tools | Description |
---|---|
zero-md | A native markdown-to-html web component to load and display an external MD file.It uses Marked for super-fast markdown transformation. |
texme | TeXMe is a lightweight JavaScript utility to create self-rendering Markdown + LaTeX documents. |
StrapDown.js | StrapDown.js is an awesome on-the-fly Markdown to HTML text processor. |
raito | Mini Markdown Wiki/CMS in 8kb of JavaScript. |
Homebrewery | The Homebrewery is a tool for making authentic looking D&D content using Markdown. It is distributed under the terms of the MIT. |
Security
The only completely secure system is the one that doesn't exist in the first place. Having said that, we take the security of Marked very seriously.
Therefore, please disclose potential security issues by email to the project committers as well as the listed owners within NPM. We will provide an initial assessment of security reports within 48 hours and should apply patches within 2 weeks (also, feel free to contribute a fix for the issue).