Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@tacc/core-styles
Advanced tools
The shared styles for TACC WMA Workspace Portals & Websites
Note This is likely the easier and simpler solution. Try this first.
See HOWTO.md
.
Install with any package manager e.g.:
npm install @tacc/core-styles
yarn add @tacc/core-styles
Import stylesheets of either type:
/dist
/src/lib/_imports
Please review the plugins expected.
require('core-styles').buildStylesheets
const buildStylesheets = require('core-styles').buildStylesheets;
buildStylesheets(
// Parse CSS files from which directory (required)
`path/to/your/css/src`,
// Output CSS files to which directory (required)
`path/to/put/css/output`,
{
// List of YAML config files (optional)
// (The first file is merged on top of the base config.)
// (Each successive file overwrites the file before it.)
// SEE: https://github.com/postcss/postcss-load-config#postcssrc
customConfigs: [
// The "base" config is `/.postcssrc.base.yml`
`path/to/custom/config/that/extends/base/.postcssrc.yml`,
`path/to/custom/config/that/extends/above/.postcssrc.yml`,
],
// Print more info from build log (optional, default: false)
verbose: true,
// Print version of this software (optional, default: false)
version: true,
// Any value to help identify the build (optional, default: app version)
buildId: process.env.npm_package_version + someUniqueId,
}
);
core-styles
Usage: core-styles [options] [command]
Options:
-V, --version output the version number
-h, --help display help for command
Commands:
build [options] build stylesheets with TACC standard process:
- "post-css" plugins
- custom input path
- custom output path
- custom configs
- prepend build id
help [command] display help for command
core-styles build
Usage: core-styles build [options]
build stylesheets with TACC standard process:
- "post-css" plugins
- custom input path
- custom output path
- custom configs
- prepend build id
Options:
-i, --input <path> parse source at which path¹
-o, --output <path> output CSS files to which path¹
-v, --verbose print more info during build process
-c, --custom-configs <paths...> extend base config with YAML files²³
-b, --build-id <identifier> any value to identify the build (default: version of app)
-m, --base-mirror-dir <path> if input folder structure is mirrored, this path is not⁴
-h, --help display help for command
Notes:
¹ Folder structure of "--input-dir" mirrored in "--output-dir" i.e.
given input
- "input_dir/x.css"
- "input_dir/sub_dir_a/y.css"
- "input_dir"
- "input_dir/**/*"
expect output
- "output_dir/x.css"
- "output_dir/sub_dir_a/y.css"
- "output_dir/..." (all files from input not in sub-directories)
- "output_dir/.../..." (all files from input as nested)
² The file formats are like ".postcssrc.yml" from
https://github.com/postcss/postcss-load-config#postcssrc
³ The first file is merged on top of the base config.
Each successive file overwrites the file before it.
⁴ Given '-i "a/b*" -o "x/" -m "a/"' output is "x/b/...".
Given '-i "a/b*" -o "x/" -m "a/b/"' output is "x/...".
Given '-i "a/b*" -o "x/" -m "not-a/"' output is "x/abs-path-to-input/...".
(initially) Install dependencies:
npm ci
(optional) Make changes to /src/lib
files.
Build the styles*:
npm run build:css
Build and preview the styles*:
npm start
(to debug) Review output in respective /dist
or /demo
files.*
* Stylesheets are built from source files in src/lib
directory to compiled files in dist
directory.
Build stylesheets and build static demo:
npm run build
Run the static demo:
npx serve demo
Web page will live-reload on demo build, but not on change of source files.
Open the web interface. The build command will output the URL (and may even open it for you).
Run each of these commands in its own terminal.
Build stylesheets and re-build on change:
npm run watch
Run the auto-refresh demo:
npm run start
Web page will live-reload twice on change of source files. The second reload will show changes.
npm run build:css
npm run build:css -- --build-id="..."
All testing is done manually.
The Core Styles are not independently deployed.
Currently, the demo is served by Core CMS (since v3.9.0).
Later, the demo may be deployed indpendently and core-styles.….css
served from a CDN.
To contribute, first read How to Contirbute.
Core Styles is an effort to replace Bootstrap. Core Styles is compatible with Bootstrap. Learn more.
[2.22.3] - 2023-12-11: Consistent Margin-Bottom for Align Component
Full Changelog: https://github.com/TACC/Core-Styles/compare/v2.22.2...v2.22.3
FAQs
CSS source and processor for TACC Core-CMS and Core-Portal.
The npm package @tacc/core-styles receives a total of 204 weekly downloads. As such, @tacc/core-styles popularity was classified as not popular.
We found that @tacc/core-styles demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.