
Research
/Security News
Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
@asamuzakjp/css-color
Advanced tools
Resolve and convert CSS colors.
npm i @asamuzakjp/css-color
import { convert, resolve, utils } from '@asamuzakjp/css-color';
const resolvedValue = resolve(
'color-mix(in oklab, lch(67.5345 42.5 258.2), color(srgb 0 0.5 0))'
);
// 'oklab(0.620754 -0.0931934 -0.00374881)'
const convertedValue = convert.colorToHex('lab(46.2775% -47.5621 48.5837)');
// '#008000'
const result = utils.isColor('green');
// true
resolves CSS color
color
string color value
opt
object? options (optional, default {}
)
opt.currentColor
string?
currentcolor
keywordrgb(none none none / none)
opt.customProperty
object?
--
prefixed property name as a key and it's value,
e.g.
const opt = {
customProperty: {
'--some-color': '#008000',
'--some-length': '16px'
}
};
callback
function to get the value of the custom property,
e.g.
const node = document.getElementById('foo');
const opt = {
customProperty: {
callback: node.style.getPropertyValue
}
};
opt.dimension
object?
1em === 12px
, 1rem === 16px
and 100vw === 1024px
, then
const opt = {
dimension: {
em: 12,
rem: 16,
vw: 10.24
}
};
callback
function to get the value as a number in pixels,
e.g.
const opt = {
dimension: {
callback: unit => {
switch (unit) {
case 'em':
return 12;
case 'rem':
return 16;
case 'vw':
return 10.24;
default:
return;
}
}
}
};
opt.format
string?
computedValue
(default), computed value of the colorspecifiedValue
, specified value of the colorhex
, hex color notation, i.e. #rrggbb
hexAlpha
, hex color notation with alpha channel, i.e. #rrggbbaa
Returns string? one of rgba?()
, #rrggbb(aa)?
, color-name
, color(color-space r g b / alpha)
, color(color-space x y z / alpha)
, (ok)?lab(l a b / alpha)
, (ok)?lch(l c h / alpha)
, '(empty-string)'
, null
computedValue
, values are numbers, however rgb()
values are integersspecifiedValue
, returns empty string
for unknown and/or invalid colorhex
, returns null
for transparent
, and also returns null
if any of r
, g
, b
, alpha
is not a numberhexAlpha
, returns #00000000
for transparent
, however returns null
if any of r
, g
, b
, alpha
is not a numberContains various color conversion functions.
convert number to hex string
value
number color valueReturns string hex string: 00..ff
convert color to hex
Returns string #rrggbb(aa)?
convert color to hsl
Returns Array<number> [h, s, l, alpha]
convert color to hwb
Returns Array<number> [h, w, b, alpha]
convert color to lab
Returns Array<number> [l, a, b, alpha]
convert color to lch
Returns Array<number> [l, c, h, alpha]
convert color to oklab
Returns Array<number> [l, a, b, alpha]
convert color to oklch
Returns Array<number> [l, c, h, alpha]
convert color to rgb
Returns Array<number> [r, g, b, alpha]
convert color to xyz
Returns Array<number> [x, y, z, alpha]
convert color to xyz-d50
Returns Array<number> [x, y, z, alpha]
Contains utility functions.
is valid color type
color
string color value
Returns boolean
The following resources have been of great help in the development of the CSS color.
Copyright (c) 2024 asamuzaK (Kazz)
FAQs
CSS color - Resolve and convert CSS colors.
The npm package @asamuzakjp/css-color receives a total of 5,976,923 weekly downloads. As such, @asamuzakjp/css-color popularity was classified as popular.
We found that @asamuzakjp/css-color demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
Product
Customize license detection with Socket’s new license overlays: gain control, reduce noise, and handle edge cases with precision.
Product
Socket now supports Rust and Cargo, offering package search for all users and experimental SBOM generation for enterprise projects.