
Security News
npm ‘is’ Package Hijacked in Expanding Supply Chain Attack
The ongoing npm phishing campaign escalates as attackers hijack the popular 'is' package, embedding malware in multiple versions.
github.com/premailer/css_parser
Load, parse and cascade CSS rule sets in Ruby.
gem install css_parser
require 'css_parser'
include CssParser
parser = CssParser::Parser.new
parser.load_uri!('http://example.com/styles/style.css')
parser = CssParser::Parser.new
parser.load_uri!('file://home/user/styles/style.css')
# load a remote file, setting the base_uri and media_types
parser.load_uri!('../style.css', {base_uri: 'http://example.com/styles/inc/', media_types: [:screen, :handheld]})
# load a local file, setting the base_dir and media_types
parser.load_file!('print.css', '~/styles/', :print)
# load a string
parser = CssParser::Parser.new
parser.load_string! 'a { color: hotpink; }'
# lookup a rule by a selector
parser.find_by_selector('#content')
#=> 'font-size: 13px; line-height: 1.2;'
# lookup a rule by a selector and media type
parser.find_by_selector('#content', [:screen, :handheld])
# iterate through selectors by media type
parser.each_selector(:screen) do |selector, declarations, specificity|
...
end
# add a block of CSS
css = <<-EOT
body { margin: 0 1em; }
EOT
parser.add_block!(css)
# output all CSS rules in a single stylesheet
parser.to_s
=> #content { font-size: 13px; line-height: 1.2; }
body { margin: 0 1em; }
# capturing byte offsets within a file
parser.load_uri!('../style.css', {base_uri: 'http://example.com/styles/inc/', capture_offsets: true)
content_rule = parser.find_rule_sets(['#content']).first
content_rule.filename
#=> 'http://example.com/styles/styles.css'
content_rule.offset
#=> 10703..10752
# capturing byte offsets within a string
parser.load_string!('a { color: hotpink; }', {filename: 'index.html', capture_offsets: true)
content_rule = parser.find_rule_sets(['a']).first
content_rule.filename
#=> 'index.html'
content_rule.offset
#=> 0..21
bundle
bundle exec rake
Runs on Ruby 3.0/JRuby 9.4 or above.
By Alex Dunae (dunae.ca, e-mail 'code' at the same domain), 2007-11.
License: MIT
Thanks to all the wonderful contributors for their updates.
Made on Vancouver Island.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The ongoing npm phishing campaign escalates as attackers hijack the popular 'is' package, embedding malware in multiple versions.
Security News
A critical flaw in the popular npm form-data package could allow HTTP parameter pollution, affecting millions of projects until patched versions are adopted.
Security News
Bun 1.2.19 introduces isolated installs for smoother monorepo workflows, along with performance boosts, new tooling, and key compatibility fixes.