Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
babel-plugin-cssta-stylename
Advanced tools
Transform css imports into cssta template components
Create cssta
custom components out of a standalone css file.
styleName
attribute to get the styles for a particular class from the css file.@
). @
gets added during the compilation. The reason to get rid of @
in css is because of the poor syntax highlighting. Also in future it makes sense to make removal of css-only attributes optional in cssta
. And instead let them flow through into the underlying component.cssta
should stay the same.To see an example check the __tests__/__fixtures__
folder.
# babel-plugin-cssta has to be a regular dependency
# because it's being used in runtime
npm i --save babel-plugin-cssta
npm i --save-dev babel-plugin-cssta-stylename
Specify babel plugins in the following order and before any other plugins you might already have:
[
["babel-plugin-cssta-stylename", {
"classAttribute": "styleName",
"addCssHash": false,
"extensions": [".css", ".styl"],
"wrapInMemo": false
}],
"babel-plugin-cssta"
]
classAttribute
- what attribute to use for the class name. Default: "styleName"
.addCssHash
- automatically add comment with unique hash on the css import
line of the .js
/.jsx
file with the same name and in the same directory as the css file. Useful to have it development to force trigger hot-reloading of components when changing only the css file. Default: false
extensions
- which style imports to parse. Besides regular css, stylus preprocessor is also supported.wrapInMemo
- whether to wrap created styled components into React.memo(). Wrapping seems to be breaking HMR on Webpack for some reason. Default: false
yarn test
MIT
(c) Pavel Zhukov - cray0000
FAQs
Transform css imports into cssta template components
We found that babel-plugin-cssta-stylename demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.