![Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack](https://cdn.sanity.io/images/cgdhsj6q/production/6af25114feaaac7179b18127c83327568ff592d1-1024x1024.webp?w=800&fit=max&auto=format)
Security News
Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
@emmetio/css-abbreviation
Advanced tools
Readme
Parses given Emmet stylesheet abbreviation into AST. Parsing is performed in two steps: first it tokenizes given abbreviation (useful for syntax highlighting in editors) and then tokens are analyzed and converted into AST nodes as plain, JSON-serializable objects.
Unlike in markup abbreviations, elements in stylesheet abbreviations cannot be nested and contain attributes, but allow embedded values in element names.
You can install it via npm:
npm install @emmetio/css-abbreviation
Then add it into your project:
import parse from '@emmetio/css-abbreviation';
const props = parse('p10+poa');
/* [{
name: 'p',
value: [{ type: 'CSSValue', value: [...] }],
important: false
}, {
name: 'poa',
value: [],
important: false
}] */
The returned result is an array of CSSProperty
items: a node with name and values.
Emmet stylesheet abbreviation element may start with name and followed by values, optionally chained with -
delimiter. In most cases, actual CSS properties doesn’t have numbers in their names (or at least they are not used in abbreviation shortcuts) so a number right after alpha characters is considered as embedded value, as well as colors starting with #
character: p10
, bg#fc0
etc. If implicit name/value boundary can’t be identified, you should use -
as value separator: m-a
, p10-20
etc.
Since CSS properties can’t be nested, the only available operator is +
.
FAQs
Parses Emmet CSS abbreviation into AST tree
The npm package @emmetio/css-abbreviation receives a total of 236,486 weekly downloads. As such, @emmetio/css-abbreviation popularity was classified as popular.
We found that @emmetio/css-abbreviation demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.
Security News
OpenSSF is warning open source maintainers to stay vigilant against reputation farming on GitHub, where users artificially inflate their status by manipulating interactions on closed issues and PRs.
Security News
A JavaScript library maintainer is under fire after merging a controversial PR to support legacy versions of Node.js.