Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
CSSHint is a code review tool based on NodeJS. The current rules are based on ecomfe CSS STYLE SPEC. It also covers CSSLint rules.
After a period of code refactoring, we finally came to this version, in which CSS
parser is replaced with postcss.
In addition, we changed the way of implementation which was also able to improve the performance by a large margin. Meanwhile, the following global
object has three attributes as follows:
global.CSSHINT_INVALID_ALL_COUNT
: it is used to count the number of warn
to serve max-error
.global.CSSHINT_HEXCOLOR_CASE_FLAG
: it is used to record project's color value, whether the letters are small or capital. 0
is for small and 1
is for capital. This attribute is to serve unifying-color-case-sensitive
.global.CSSHINT_FONTFAMILY_CASE_FLAG
: it is used to record whether font-family
is small or capital to serve unifying-font-family-case-sensitive
.CSSHint has been released on npm. It can be installed following the instructions.
$ [sudo] npm install csshint [-g]
Follow the following instruction if you are to update your CSSHint.
$ [sudo] npm update csshint [-g]
in CLI
$ csshint -v // show version
$ csshint [filePath|dirPath] // run csshint on file or dir
in Node.js
/**
* detect css file content
*
* @param {string} fileContent file content
* @param {Object=} config config of rule, optional
*
* @return {Promise} Promise Object
* reject and resolve arguments:
* {
* path: {string} file path
* messages: {Array.<Object>} warning messages, [{ruleName, line, col, errorChar, message, colorMessage}]
* }
*/
exports.checkString(fileContent, config);
/**
* detect file
*
* @param {Object} file the object has path and content key
* @param {Array} errors warning messages
* @param {Function} done detect callback
*/
check(file, errors, done);
/* csshint-disable ruleName */
and /* csshint-enable ruleName1 */
.FAQs
lint your css code
We found that csshint demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.