# stringify-entities
[![Build Status][build-badge]][build]
[![Coverage Status][coverage-badge]][coverage]
[![Downloads][downloads-badge]][downloads]
[![Size][size-badge]][size]
Serialize (encode) HTML character references.
## Contents
* [What is this?](#what-is-this)
* [When should I use this?](#when-should-i-use-this)
* [Install](#install)
* [Use](#use)
* [API](#api)
* [`stringifyEntities(value[, options])`](#stringifyentitiesvalue-options)
* [Algorithm](#algorithm)
* [Types](#types)
* [Compatibility](#compatibility)
* [Security](#security)
* [Related](#related)
* [Contribute](#contribute)
* [License](#license)
## What is this?
This is a small and powerful encoder of HTML character references (often called
entities).
This one has either all the options you need for a minifier/formatter, or a
tiny size when using `stringifyEntitiesLight`.
## When should I use this?
You can use this for spec-compliant encoding of character references.
It’s small and fast enough to do that well.
You can also use this when making an HTML formatter or minifier, because there
are different ways to produce pretty or tiny output.
This package is reliable: ``'`'`` characters are encoded to ensure no scripts
run in Internet Explorer 6 to 8.
Additionally, only named references recognized by HTML 4 are encoded, meaning
the infamous `'` (which people think is a [virus][]) won’t show up.
## Install
This package is [ESM only][esm].
In Node.js (version 14.14+, 16.0+), install with [npm][]:
```sh
npm install stringify-entities
```
In Deno with [`esm.sh`][esmsh]:
```js
import {stringifyEntities} from 'https://esm.sh/stringify-entities@4'
```
In browsers with [`esm.sh`][esmsh]:
```html
```
## Use
```js
import {stringifyEntities} from 'stringify-entities'
stringifyEntities('alpha © bravo ≠ charlie 𝌆 delta')
// => 'alpha © bravo ≠ charlie 𝌆 delta'
stringifyEntities('alpha © bravo ≠ charlie 𝌆 delta', {useNamedReferences: true})
// => 'alpha © bravo ≠ charlie 𝌆 delta'
```
## API
This package exports the identifiers `stringifyEntities` and
`stringifyEntitiesLight`.
There is no default export.
### `stringifyEntities(value[, options])`
Encode special characters in `value`.
##### Core options
###### `options.escapeOnly`
Whether to only escape possibly dangerous characters (`boolean`, default:
`false`).
Those characters are `"`, `&`, `'`, `<`, `>`, and `` ` ``.
###### `options.subset`
Whether to only escape the given subset of characters (`Array`).
Note that only BMP characters are supported here (so no emoji).
##### Formatting options
If you do not care about the following options, use `stringifyEntitiesLight`,
which always outputs hexadecimal character references.
###### `options.useNamedReferences`
Prefer named character references (`&`) where possible (`boolean?`, default:
`false`).
###### `options.useShortestReferences`
Prefer the shortest possible reference, if that results in less bytes
(`boolean?`, default: `false`).
> ⚠️ **Note**: `useNamedReferences` can be omitted when using
> `useShortestReferences`.
###### `options.omitOptionalSemicolons`
Whether to omit semicolons when possible (`boolean?`, default: `false`).
> ⚠️ **Note**: This creates what HTML calls “parse errors” but is otherwise
> still valid HTML — don’t use this except when building a minifier.
> Omitting semicolons is possible for certain named and numeric references in
> some cases.
###### `options.attribute`
Create character references which don’t fail in attributes (`boolean?`, default:
`false`).
> ⚠️ **Note**: `attribute` only applies when operating dangerously with
> `omitOptionalSemicolons: true`.
#### Returns
Encoded value (`string`).
## Algorithm
By default, all dangerous, non-ASCII, and non-printable ASCII characters are
encoded.
A [subset][] of characters can be given to encode just those characters.
Alternatively, pass [`escapeOnly`][escapeonly] to escape just the dangerous
characters (`"`, `'`, `<`, `>`, `&`, `` ` ``).
By default, hexadecimal character references are used.
Pass [`useNamedReferences`][named] to use named character references when
possible, or [`useShortestReferences`][short] to use whichever is shortest:
decimal, hexadecimal, or named.
There is also a `stringifyEntitiesLight` export, which works just like
`stringifyEntities` but without the formatting options: it’s much smaller but
always outputs hexadecimal character references.
## Types
This package is fully typed with [TypeScript][].
It exports the additional types `Options` and `LightOptions` types.
## Compatibility
This package is at least compatible with all maintained versions of Node.js.
As of now, that is Node.js 14.14+ and 16.0+.
It also works in Deno and modern browsers.
## Security
This package is safe.
## Related
* [`parse-entities`](https://github.com/wooorm/parse-entities)
— parse (decode) HTML character references
* [`wooorm/character-entities`](https://github.com/wooorm/character-entities)
— info on character references
* [`wooorm/character-entities-html4`](https://github.com/wooorm/character-entities-html4)
— info on HTML 4 character references
* [`wooorm/character-entities-legacy`](https://github.com/wooorm/character-entities-legacy)
— info on legacy character references
* [`wooorm/character-reference-invalid`](https://github.com/wooorm/character-reference-invalid)
— info on invalid numeric character references
## Contribute
Yes please!
See [How to Contribute to Open Source][contribute].
## License
[MIT][license] © [Titus Wormer][author]
[build-badge]: https://github.com/wooorm/stringify-entities/workflows/main/badge.svg
[build]: https://github.com/wooorm/stringify-entities/actions
[coverage-badge]: https://img.shields.io/codecov/c/github/wooorm/stringify-entities.svg
[coverage]: https://codecov.io/github/wooorm/stringify-entities
[downloads-badge]: https://img.shields.io/npm/dm/stringify-entities.svg
[downloads]: https://www.npmjs.com/package/stringify-entities
[size-badge]: https://img.shields.io/bundlephobia/minzip/stringify-entities.svg
[size]: https://bundlephobia.com/result?p=stringify-entities
[npm]: https://docs.npmjs.com/cli/install
[esmsh]: https://esm.sh
[license]: license
[author]: https://wooorm.com
[esm]: https://gist.github.com/sindresorhus/a39789f98801d908bbc7ff3ecc99d99c
[typescript]: https://www.typescriptlang.org
[contribute]: https://opensource.guide/how-to-contribute/
[virus]: https://www.telegraph.co.uk/technology/advice/10516839/Why-do-some-apostrophes-get-replaced-with-andapos.html
[subset]: #optionssubset
[escapeonly]: #optionsescapeonly
[named]: #optionsusenamedreferences
[short]: #optionsuseshortestreferences