Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
connect-fonts-opensans
Advanced tools
Open Sans fontpack for connect-fonts.
const font_middleware = require("connect-fonts");
const font_pack = require("connect-fonts-opensans");
setup
function. app.use(font_middleware.setup({
fonts: [ font_pack ],
allow_origin: "https://exampledomain.com"
}));
<link href="/opensans-bold/fonts.css" type="text/css" rel="stylesheet"/ >
Multiple fonts from the family can be included by using a comma separated list of fonts:
<link href="/opensans-bold,opensans-bolditalic,opensans-extrabold,opensans-extrabolditalic,opensans-italic,opensans-light,opensans-lightitalic,opensans-regular,opensans-semibold,opensans-semibolditalic/fonts.css" type="text/css" rel="stylesheet"/ >
Available fonts:
Locale-optimised font sets can be served by specifying the locale in the fonts.css URL.
<link href="/latin/opensans-bold/fonts.css" type="text/css" rel="stylesheet"/ >
Available subsets:
body {
font-family: 'Open Sans', 'sans-serif', 'serif';
}
Open Sans
Software: Licenced under version 2.0 of the MPL
Fonts: Licensed under version 2.0 of the Apache
FAQs
Open Sans font pack for connect-fonts
The npm package connect-fonts-opensans receives a total of 2 weekly downloads. As such, connect-fonts-opensans popularity was classified as not popular.
We found that connect-fonts-opensans demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.