Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
A comprehensive list of CSS features and their positions in the process of becoming implemented web standards
The cssdb npm package is a comprehensive database of CSS features and their stages in the CSS standardization process. It provides a structured list of current, upcoming, and experimental CSS features, making it a valuable resource for developers looking to stay up-to-date with the latest in CSS or to polyfill future CSS features. The package can be used to programmatically access information about CSS features, their specifications, and implementation status across different browsers.
Accessing CSS feature data
This code sample demonstrates how to import the cssdb package and retrieve an array of CSS features. Each feature in the array includes details such as the feature's name, description, stage in the standardization process, and links to the specification.
const cssdb = require('cssdb');
const features = cssdb();
console.log(features);
Filtering CSS features by stage
This example shows how to filter CSS features by their stage in the standardization process. In this case, it filters for features that are at stage 2, which represents a draft state where the feature is still under discussion.
const cssdb = require('cssdb');
const stage2Features = cssdb().filter(feature => feature.stage === 2);
console.log(stage2Features);
PostCSS is a tool for transforming CSS with JavaScript plugins. While cssdb provides a database of CSS features, PostCSS allows developers to write plugins that can transform CSS by adding fallbacks for future CSS features, linting CSS, and more. PostCSS can be extended with plugins that utilize the data from cssdb to polyfill future CSS features.
The caniuse-api provides access to browser support tables for modern web technologies from the Can I Use website. Unlike cssdb, which focuses on the standardization stages of CSS features, caniuse-api offers detailed information about the support and compatibility of web technologies across various browsers and versions. It's more focused on browser support data rather than the standardization process.
cssdb is a comprehensive list of CSS features and their positions in the process of becoming implemented web standards.
Did you come here to update the status of a CSS feature or add a new one? Quick, read CONTRIBUTING.md.
Did you come here to learn about the stages? Quick, read STAGES.md.
cssdb ranks CSS features by stages that reflect the real-life stability of new CSS features.
You can read an inside view of the CSSWG to learn about the official (and unofficial) development stages of CSS specifications. In reality, specifications and browser implementations happen out of sync. For example, there are stable CSS features missing in all browsers, while other CSS features developed outside the CSSWG have appeared in browsers behind flags. This is too ambiguous for the web development community, and a more accountable process is desired.
8.2.1 (November 11, 2024)
sign-functions
plugin linkFAQs
A comprehensive list of CSS features and their positions in the process of becoming implemented web standards
We found that cssdb demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.