Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
compass_rose
Advanced tools
Readme
A simple, limited pure-SASS shim to ease getting out of Compass - because a Compass by any other name still smells as sweet
This library probably isn't right for you. Or, honestly, for anyone. This is a small collection of trivial mixins I wrote to get away from Compass as I entered a new project at work. It's not meant to be comprehensive, and it doesn't gracefully fall back. I'm not trying to support IE older than 9.
However, the project we were on was moving away from Ruby, and that meant that Compass, which had not been in heavy use, needed to go.
This is my exit path. If you'd like to contribute to it, please feel free. :smile:
Currently I support
=single_transition
=opacity
=border_radius
I am explicitly dropping =box-shadow
because it's natively supported by the browsers I care about.
It may be useful to use ReverseLodestone before you get started, to make sure there aren't any severe dependencies.
compass_rose
is MIT licensed, because viral licenses and newspeak language modification are evil. Free is only free when it's free for everyone.
FAQs
A simple, limited pure-SASS shim to ease getting out of Compass - because a Compass by any other name still smells as sweet
We found that compass_rose demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.