Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@moohng/postcss-px2vw
Advanced tools
@moohng/postcss-px2vw
A CSS post-processor that converts px to vw and fallback rem.
postcss-px2vw
一款 PostCSS 插件,将 px 转换成 vw 和 rem。
该插件主要结合了 postcss-pxtorem 和 postcss-px-to-viewport 的功能,精简了不常用的配置。默认将 vw 作为优先单位使用,以 rem 作为回退模式。考虑到 vw 在移动设备的支持度不如 rem,这款插件很好的解决了该问题。
安装
$ npm i @moohng/postcss-px2vw -D
使用
// .postcssrc.js
module.exports = {
plugins: {
'@moohng/postcss-px2vw': {}
}
}
举例:
// input
.class {
border: 1px solid black;
margin-bottom: 1px;
font-size: 20px;
line-height: 30px;
}
// output
.class {
border: 1px solid black;
margin-bottom: 1px;
font-size: 0.625rem;
font-size: 6.25vw;
line-height: 0.9375rem;
line-height: 9.375vw;
}
配置
viewportWidth:对应设计图的宽度,用于计算vw。默认750,指定0或false时禁用rootValue:根字体大小,用于计算rem。默认75,指定0或false时禁用unitPrecision:计算结果的精度,默认5minPixelValue:小于等于该值的px单位不作处理,默认1
注意:该插件只会转换
px单位。rootValue一般建议设置成viewportWidth / 10的大小,将设计图分成10等分。由于浏览器有最小字体限制,如果设置得过小,页面可能跟预期不一致
如果要使用 rem 单位,需要自己通过 js 来动态计算根字体的大小。如果将设计图分成 10 等分计算,那么根字体的大小应该是 window.innerWidth / 10。
最后
如果你觉得对你有帮助,欢迎 star 和 issue
FAQs
A CSS post-processor that converts px to vw and fallback rem.
We found that @moohng/postcss-px2vw demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 25 Oct 2022
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024