Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
@csstools/css-color-parser
Advanced tools
@csstools/css-color-parser is an npm package designed to parse CSS color values. It can handle a variety of color formats including named colors, hex codes, RGB, RGBA, HSL, and HSLA. This package is useful for developers who need to manipulate or validate CSS color values in their JavaScript applications.
Parse Named Colors
This feature allows you to parse named CSS colors. The code sample demonstrates how to parse the named color 'red' and log the resulting color object.
const { parse } = require('@csstools/css-color-parser');
const color = parse('red');
console.log(color);
Parse Hex Colors
This feature allows you to parse hex color codes. The code sample demonstrates how to parse the hex color '#ff0000' and log the resulting color object.
const { parse } = require('@csstools/css-color-parser');
const color = parse('#ff0000');
console.log(color);
Parse RGB Colors
This feature allows you to parse RGB color values. The code sample demonstrates how to parse the RGB color 'rgb(255, 0, 0)' and log the resulting color object.
const { parse } = require('@csstools/css-color-parser');
const color = parse('rgb(255, 0, 0)');
console.log(color);
Parse RGBA Colors
This feature allows you to parse RGBA color values. The code sample demonstrates how to parse the RGBA color 'rgba(255, 0, 0, 0.5)' and log the resulting color object.
const { parse } = require('@csstools/css-color-parser');
const color = parse('rgba(255, 0, 0, 0.5)');
console.log(color);
Parse HSL Colors
This feature allows you to parse HSL color values. The code sample demonstrates how to parse the HSL color 'hsl(0, 100%, 50%)' and log the resulting color object.
const { parse } = require('@csstools/css-color-parser');
const color = parse('hsl(0, 100%, 50%)');
console.log(color);
Parse HSLA Colors
This feature allows you to parse HSLA color values. The code sample demonstrates how to parse the HSLA color 'hsla(0, 100%, 50%, 0.5)' and log the resulting color object.
const { parse } = require('@csstools/css-color-parser');
const color = parse('hsla(0, 100%, 50%, 0.5)');
console.log(color);
The 'color' package is a comprehensive library for color conversion and manipulation. It supports a wide range of color formats and provides methods for color transformations. Compared to @csstools/css-color-parser, 'color' offers more extensive functionality for color manipulation beyond just parsing.
The 'tinycolor2' package is a fast and lightweight color manipulation library. It supports parsing, conversion, and manipulation of various color formats. While @csstools/css-color-parser focuses on parsing, 'tinycolor2' provides additional methods for color adjustments and transformations.
The 'chroma-js' package is a powerful library for color conversions and color scales. It supports a wide range of color formats and provides advanced features for color manipulation and visualization. Compared to @csstools/css-color-parser, 'chroma-js' offers more advanced capabilities for working with color scales and gradients.
Add CSS Color Parser to your project:
npm install @csstools/css-color-parser @csstools/css-parser-algorithms @csstools/css-tokenizer --save-dev
import { color } from '@csstools/css-color-parser';
import { isFunctionNode, parseComponentValue } from '@csstools/css-parser-algorithms';
import { serializeRGB } from '@csstools/css-color-parser';
import { tokenize } from '@csstools/css-tokenizer';
// color() expects a parsed component value.
const hwbComponentValue = parseComponentValue(tokenize({ css: 'hwb(10deg 10% 20%)' }));
const colorData = color(hwbComponentValue);
if (colorData) {
console.log(colorData);
// serializeRGB() returns a component value.
const rgbComponentValue = serializeRGB(colorData);
console.log(rgbComponentValue.toString());
}
FAQs
Parse CSS color values
We found that @csstools/css-color-parser demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.