Security News
The Hidden Blast Radius of the Axios Compromise
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.
By Ahmad Nassri - Apr 01, 2026
New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
Cask
Cask is a micro-framework for creating template-based web pages with Express. Cask currently only supports Mustache templating.
Basic Usage
npm install cask
Cask allows pages to be declaritively defined as modules similar to Connect
middleware. The page can then be rendered by passing a Response instance, a
context object, and the middleware callback. For example:
page.js
=======
var pages = require("cask").pages;
module.exports = function (response, item, next) {
pages("templates").load("page.html", function (error, response) {
page.addStyleSheet("/static/css/style.css");
page.renderTo(response, { result: item }, next);
});
};
app.js
======
var app = express(),
page = require("./page");
. . .
app.get("/page", function (request, response, next) {
var item = { message: "hello world" };
page(response, item, next);
});
API Details
cask.pages([templateDirectory])
- templateDirectory - Defaults to CWD. The base directory to load load templates from.
Creates a new PageLoader for loading pages.
PageLoader.load(template, callback)
- template - the file name of the template to create the page from.
- callback - called when the template has been loaded and compiled. The
callback is passed two arguments
(error, page).
Creates a Page instance from a template file.
Page.addPartial(name, template, callback)
- name - the name by which the partial will be refernced in templates.
- template - the template that defines the partial.
- callback - called when the partial has been loaded and compiled. The
callback is passed two arguments
(error, page).pageis a self-reference to thePage.
Makes a partial available to the rendering context.
Page.addScript(href)
- href - the URL of the script to add to the page.
addScript allows a page definition to declare a script dependency. The page
will try to make smart use of scripts and will only load each script once
(regardless of how many times the same script is declared) at the end of the
page body.
Page.addStyleSheet(href)
- href - the URL of the stylesheet to add to the page.
addStyleSheet allows a page definition to declare a stylesheet dependency. The
page will try to make smart use of stylesheets and will only load each
stylesheet once (regardless of how many times the same stylesheet is declared).
Page.renderTo(response, context, next)
- response - the Express
responseinstance that the page content should be rendered to. - context - a hash of attributes to be used by the template engine.
- next - the 'next middleware' callback. This is typically used for error handling.
Cause the page content to be rendered as a response to a request.
FAQs
cask ====
The npm package cask receives a total of 1 weekly downloads. As such, cask popularity was classified as not popular.
We found that cask demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 06 May 2013
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Supply Chain Attack on Axios Pulls Malicious Dependency from npm
A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.
By Socket Research Team - Mar 31, 2026
Research
TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
Malicious versions of the Telnyx Python SDK on PyPI delivered credential-stealing malware via a multi-stage supply chain attack.
By Socket Research Team - Mar 27, 2026