
Security News
npm ‘is’ Package Hijacked in Expanding Supply Chain Attack
The ongoing npm phishing campaign escalates as attackers hijack the popular 'is' package, embedding malware in multiple versions.
Axis is a large and robust css utility library built on top of stylus.
You can install axis through npm, as such:
npm install axis --save
You can find full documentation for axis here. This includes usage instructions for integration with gulp, grunt, express, and more, as well as detailed and permalink-able documentation for each mixin that axis offers.
Some people have expressed concern that axis is too large of a library and they would prefer a smaller one, where they use a higher percentage of the mixins offered. But since axis is a mixin library, it actually adds zero size to your code. That's right, when you include axis and compile it, not a single character is added to your code.
The only time it adds anything are when you use its mixins, which are engineered carefully to be as slim and concise as possible, and only use spec-compliant css3. This means that you can make axis' entire library of utilities available for free, use only what you like, and almost certainly add up with less code than if you wrote it yourself. Good deal, right?
Axis does not include any cross-browser code at all, only pure css3 as defined by the official spec. If you want your code to work better across browsers, we would recommend that you use autoprefixer, a library that is extraordinarily good at ensuring your css works correctly in the range of browsers you need it to.
FAQs
css library built on stylus
The npm package axis receives a total of 808 weekly downloads. As such, axis popularity was classified as not popular.
We found that axis demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The ongoing npm phishing campaign escalates as attackers hijack the popular 'is' package, embedding malware in multiple versions.
Security News
A critical flaw in the popular npm form-data package could allow HTTP parameter pollution, affecting millions of projects until patched versions are adopted.
Security News
Bun 1.2.19 introduces isolated installs for smoother monorepo workflows, along with performance boosts, new tooling, and key compatibility fixes.