Security News
The Hidden Blast Radius of the Axios Compromise
The Axios compromise shows how time-dependent dependency resolution makes exposure harder to detect and contain.
By Ahmad Nassri - Apr 01, 2026
New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details → →
CSScomb 
The current fork of the CSScombx coding style formatter is specifically intended to comply with the Drupal CMS coding standards. The default configuration might be found in the config/drupal.json file. You can easily write your own configuration to make your style sheets beautiful and consistent. Just copy some of the config/*.json files, put it into your project's root and rename the file to .csscombx.json (see the leading dot). Then edit the file according your needs. Note that any of a project child folders may have its own .csscombx.json file with different settings.
The main feature is sorting properties in a specific order. It was inspired by @miripiruni's PHP-based tool of the same name. This is the new JavaScript version, based on the powerful CSS parser Gonzales PE.
0. Maintenance mode
The tool has a restricted support on the current fork.
If you'd like to become a maintainer of this project, please ping @drugan.
1. Install
Global installation (for use as a command-line tool):
npm install csscombx -g
Local installation (for use as a command-line tool within current directory):
npm install csscombx
To install as a project dependency (the package will appear in your dependencies):
npm install csscombx --save
To install as a dev dependency (the package will appear in your devDependencies):
npm install csscombx --save-dev
2. Configure
There are a number of ways to configure CSScomb:
- Use one of predefined configs
- Put .csscombx.json file in the project root or any of the nested folders.
- Set path to config's file
- Use *.css file as a template
3. Use
Command Line
Process all *.css, *.scss, *.sass or *.less files found in the ./my-styles folder or any of its child folders.
csscombx ./my-styles
Node.js module
Process files like the above using config/zen.json configuration file.
var Comb = require('csscombx');
var comb = new Comb('zen');
comb.processPath('./my-styles');
4. Contribute
Anyone and everyone is welcome to contribute. Please take a moment to review the guidelines for contributing.
Authors
Thanks for assistance and contributions:
@miripiruni, @anton-rudeshko, @cvrebert, @filtercake, @ignovak, @kizu, @lefoy, @L0stSoul, @mishaberezin, @puzankov, @schneyra, @thejameskyle, @vecmezoni @drugan
License
This software is released under the terms of the MIT license.
Other projects
FAQs
CSS coding style formatter
We found that csscombx demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 02 Jun 2017
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Supply Chain Attack on Axios Pulls Malicious Dependency from npm
A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.
By Socket Research Team - Mar 31, 2026
Research
TeamPCP Compromises Telnyx Python SDK to Deliver Credential-Stealing Malware
Malicious versions of the Telnyx Python SDK on PyPI delivered credential-stealing malware via a multi-stage supply chain attack.
By Socket Research Team - Mar 27, 2026