Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Bourbon is a library of Sass mixins and functions that are designed to make you a more efficient style sheet author.
It is…
The current stable version is 4.3.4. The master
branch on GitHub is
version 5.0.0.beta.8.
Install the Bourbon gem using the RubyGems package manager:
gem install bourbon
Alternatively, you can install Bourbon with Bower.
Install the Bourbon library into the current directory:
bourbon install
Pro Tip: You can target installation into a specific directory using the
path
flag:
bourbon install --path my/custom/path/
Import Bourbon at the beginning of your stylesheet:
@import "bourbon/bourbon";
It’s not recommended that you modify Bourbon’s files directly as it will make updating to future versions difficult, by overwriting your custom changes or causing merge conflicts.
Add Bourbon to your Gemfile:
gem "bourbon"
Then run:
bundle install
Restart your server and rename application.css
to application.scss
:
mv app/assets/stylesheets/application.css app/assets/stylesheets/application.scss
Delete all Sprockets directives in application.scss
(require
,
require_tree
and require_self
) and use Sass’s native @import
instead
(why?).
Import Bourbon at the beginning of application.scss
. Any project styles
that utilize Bourbon’s features must be imported after Bourbon.
@import "bourbon";
@import "home";
@import "users";
Add Bourbon as a dependency:
npm install --save bourbon
If you’re using eyeglass, skip to Step 3. Otherwise, you’ll need to add
Bourbon to your node-sass includePaths
option.
require("bourbon").includePaths
is an array of directories that you should
pass to node-sass. How you do this depends on how node-sass is integrated
into your project.
Import Bourbon into your Sass files:
@import "bourbon";
Uninstall any Bourbon gem versions you already have:
gem uninstall bourbon
Reinstall the Bourbon gem, using the -v
flag to specify the version
you need:
gem install bourbon -v 4.2.7
Follow the instructions above to install Bourbon into your project.
bourbon [options]
Option | Description |
---|---|
-h , --help | Show help |
-v , --version | Show the version number |
--path | Specify a custom path |
--force | Force install (overwrite) |
Command | Description |
---|---|
bourbon install | Install Bourbon into the current directory |
bourbon update | Overwrite and update Bourbon in the current directory |
bourbon help | Show help |
Bourbon supports Internet Explorer 11+ and the latest versions of Chrome, Firefox, Safari, and Edge.
Bourbon is part of a larger, modular family of Sass utilities:
Neat: A lightweight and flexible Sass grid
Bitters: Scaffold styles, variables and structure for Bourbon projects
Refills: Components and patterns built with Bourbon and Neat
See the contributing document. Thank you, contributors!
Bourbon is copyright © 2011-2017 thoughtbot, inc. It is free software, and may be redistributed under the terms specified in the license.
Bourbon is maintained by Tyson Gach and the thoughtbot design team. It is funded by thoughtbot, inc. and the names and logos for thoughtbot are trademarks of thoughtbot, inc.
We love open-source software! See our other projects or hire us to design, develop, and grow your product.
[5.0.0-beta.8] - 2017-06-26
style
property has been added to our package.json
, which makes for easy
importing when using npm-sass, sass-module-importer and others.triangle
mixin no longer has default argument values. The order of the
arguments also changed: $width
and $height
now come before $color
.bourbon update
CLI command now works when Bourbon is installed using a
custom path.FAQs
A lightweight Sass tool set.
The npm package bourbon receives a total of 97,020 weekly downloads. As such, bourbon popularity was classified as popular.
We found that bourbon demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.