Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@bartveneman/gromit
Advanced tools
A test framework to assert that CSS doesn't exceeds certain tresholds.
Readme
A test framework to assert that CSS doesn't exceeds certain tresholds.
Gromit relies on you passing in CSS and a config.
# Default usage
$ gromit style.css
# Custom config
$ gromit style.css --config=my-config.json
# Read from StdIn
$ cat style.css | gromit
The result will look like something like this:
TAP version 13
# Subtest: selectors.id.total
ok 1 - selectors.id.total should not be larger than 0 (actual: 0)
1..1
ok 1 - selectors.id.total # time=6.024ms
1..1
# time=15.076ms
✔ "Well done, lad! Very well done..."
Note that this example uses only 1 test (total ID selectors).
Gromit will try to fetch a .gromitrc
file in your current directory. You can
also specify a different JSON config file with the --config
option
(see usage). The config JSON should look similar to this:
{
// Do not exceed 4095, otherwise IE will drop any subsequent rules
"rules.total": 4095,
"selectors.id.total": 0,
"values.colors.totalUnique": 2,
"values.colors.unique": ["#fff", "#000"]
}
All the possible options for the config file can be found at @projectwallace/css-analyzer.
By default, Gromit will report in the TAP format, but you can pipe the output into something you may find prettier, like tap-nyan or any other TAP-reporter.
$ gromit style.css | tap-nyan
1 -_,------,
0 -_| /\_/\
0 -^|__( ^ .^)
- "" ""
Pass!
If any test fails, Gromit will exit with a non-zero exit code. When you run Gromit in your CI builds, this may cause the build to fail. This is exactly what Gromit was designed to do.
Example usage with package.json:
{
"name": "my-package",
"version": "0.1.0",
"scripts": {
"test": "gromit compiled-styles.css"
}
}
FAQs
A test framework to assert that CSS doesn't exceeds certain tresholds.
The npm package @bartveneman/gromit receives a total of 5 weekly downloads. As such, @bartveneman/gromit popularity was classified as not popular.
We found that @bartveneman/gromit demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.