Unbuffered code starts with
-. It does not directly add anything to the output.
Pug also supports block unbuffered code:
Buffered code starts with
Unescaped Buffered Code
Unescaped buffered code starts with
Unescaped buffered code can be dangerous. You must be sure to sanitize any user inputs to avoid cross-site scripting (XSS).