Latest Threat Research:SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains.Details
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@frankhoodbs/css-custom-properties-list

Package Overview
Dependencies
Maintainers
0
Versions
48
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@frankhoodbs/css-custom-properties-list

Simple utility to list all the project custom properties

latest
npmnpm
Version
4.0.2
Version published
Weekly downloads
57
50%
Maintainers
0
Weekly downloads
 
Created
Source

CSS Custom Properties List

A simple utility to fetch and list all CSS Custom Properties (often known as CSS Variables) defined in the :root selector of stylesheets from the same domain.

Version License

Features

  • Domain Filtering: Only parses stylesheets from the same domain to avoid cross-origin issues.
  • Focus on :root Selector: Specifically targets custom properties defined under the :root selector.

Usage

Import the utility function:

import { cssCustomPropertiesList } from '@frankhoodbs/css-custom-properties-list';

To get a list of custom properties from all stylesheets in the document:

const propertiesList = cssCustomPropertiesList(document.styleSheets);

console.log(propertiesList);

This will return an array of arrays, where each inner array contains two strings: the custom property name and its value. For example:

[
  ['--primary-color', '#ff4500'],
  ['--font-size', '16px']
]

Utility Functions

isSameDomain(styleSheet: CSSStyleSheet)

Determines whether a given stylesheet is from the same domain as the current page.

isStyleRule(rule: CSSRule)

Checks if a given rule is a style rule.

cssCustomPropertiesList(styleSheets: StyleSheetList)

The main utility function which accepts a list of stylesheets and returns the custom properties as described above.

FAQs

Package last updated on 26 Nov 2025

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains

Research

SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains

An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.

By Socket Research Team  -  Feb 20, 2026
Socket Joins the OpenJS Foundation

Company News

Socket Joins the OpenJS Foundation

Socket is proud to join the OpenJS Foundation as a Silver Member, deepening our commitment to the long-term health and security of the JavaScript ecosystem.

By Sarah Gooding  -  Feb 19, 2026