Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@csstools/postcss-is-pseudo-class
Advanced tools
Readme
PostCSS Is Pseudo Class lets you use the :is
pseudo class function, following the
CSS Selector specification.
:is(input, button):is(:hover, :focus) {
order: 1;
}
Becomes :
input:hover {
order: 1;
}
input:focus {
order: 1;
}
button:hover {
order: 1;
}
button:focus {
order: 1;
}
Add PostCSS Is Pseudo Class to your project:
npm install @csstools/postcss-is-pseudo-class --save-dev
Use PostCSS Is Pseudo Class as a PostCSS plugin:
import postcss from 'postcss';
import postcssIsPseudoClass from '@csstools/postcss-is-pseudo-class';
postcss([
postcssIsPseudoClass(/* pluginOptions */)
]).process(YOUR_CSS /*, processOptions */);
PostCSS Is Pseudo Class runs in all Node environments, with special instructions for:
Node | Webpack | Gulp | Grunt |
---|
The preserve
option determines whether the original notation
is preserved. By default, it is not preserved.
postcss([
postcssIsPseudoClass({ preserve: true })
]).process(YOUR_CSS /*, processOptions */);
:is(input, button):is(:hover, :focus) {
order: 1;
}
Becomes :
input:hover {
order: 1;
}
input:focus {
order: 1;
}
button:hover {
order: 1;
}
button:focus {
order: 1;
}
:is(input, button):is(:hover, :focus) {
order: 1;
}
The specificityMatchingName
option allows you to change the selector used to adjust specificity.
The default value is does-not-exist
.
If this is an actual class, id or tag name in your code, you will need to set a different option here.
See how :not
is used to modify specificity.
postcss([
postcssIsPseudoClass({ specificityMatchingName: 'something-random' })
]).process(YOUR_CSS /*, processOptions */);
:is(.button, button):hover {
order: 7;
}
Becomes :
.button:hover {
order: 7;
}
button:not(.something-random):hover {
order: 7;
}
Warn on complex selectors in :is
pseudo class functions.
postcss([
postcssIsPseudoClass({ onComplexSelector: 'warning' })
]).process(YOUR_CSS /*, processOptions */);
Warn when pseudo elements are used in :is
pseudo class functions.
⚠️ Pseudo elements are always invalid and will be transformed to ::-csstools-invalid-<pseudo-name>
.
postcss([
postcssIsPseudoClass({ onPseudoElement: 'warning' })
]).process(YOUR_CSS /*, processOptions */);
:is(::after):hover {
order: 1.0;
}
/* becomes */
::-csstools-invalid-after:hover {
order: 1.0;
}
:is
takes the specificity of the most specific list item.
We can increase specificity with :not
selectors, but we can't decrease it.
Converted selectors are ensured to have the same specificity as :is
for the most important bit.
Less important bits can have higher specificity that :is
.
Before :
:is(:hover, :focus):is(.button, button) {
order: 7;
}
After :
/* specificity: [0, 2, 0] */
.button:hover {
order: 7;
}
/* specificity: [0, 2, 1] */
/* last bit is higher than it should be, but middle bit matches */
button:not(.does-not-exist):hover {
order: 7;
}
/* specificity: [0, 2, 0] */
.button:focus {
order: 7;
}
/* specificity: [0, 2, 1] */
/* last bit is higher than it should be, but middle bit matches */
button:not(.does-not-exist):focus {
order: 7;
}
Before :
:is(.alpha > .beta) ~ :is(:focus > .beta) {
order: 2;
}
After :
.alpha > .beta ~ :focus > .beta {
order: 2;
}
this is a different selector than expected as .beta ~ :focus
matches .beta
followed by :focus
.
avoid these cases.
writing the selector without :is()
is advised here
/* without is */
.alpha:focus > .beta ~ .beta {
order: 2;
}
If you have a specific pattern you can open an issue to discuss it. We can detect and transform some cases but can't generalize them into a single solution that tackles all of them.
FAQs
A pseudo-class for matching elements in a selector list
The npm package @csstools/postcss-is-pseudo-class receives a total of 3,745,907 weekly downloads. As such, @csstools/postcss-is-pseudo-class popularity was classified as popular.
We found that @csstools/postcss-is-pseudo-class demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.