Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
fast-sass-loader
Advanced tools
Blazingly fast sass loader for webpack.
Tips: using with fast-css-loader you will get more than 10 times css build performance
Features:
sass-loader
in large sass project@import
same file in different placeurl(...)
(see https://github.com/webpack-contrib/sass-loader#problems-with-url)fast sass loader for webpack. 5~10 times faster than sass-loader, and support url resolve.
Since libsass has been deprecated, fast-sass-loader will use sass instead of node-sass, you can use options.implement
to specify any compatible sass compiler.
sass-loader
Features | fast-sass-loader | sass-loader |
---|---|---|
Performance | Fast (5~10 times) | Slow |
Sass Dedupe | ✓ | × |
Url Resolve | ✓ | × (need resolve-url-loader, it's buggy) |
Loader Config | × | ✓ |
Source Map | × | ✓ |
Internal Cache | ✓ | × |
performance benchmark (run npm run perf
):
Since the sass-loader
doesn't dedupe repeated sass files, the result will be very very large (6.95MB!!!), and the total compile time takes 64.9 seconds (nearly 6 times longer than fast-sass-loader
).
fast-sass-loader
is faster than sass-loader
?node-sass
won't compile same file repeatedly, the performance improvement is s ignificant when your sass files number grows very large.fast-sass-loader
will merge all sass files into a single file, so node-sass only need to compile one large file, it's faster than @importer
of libsass.install by npm:
npm install fast-sass-loader --save-dev
and you need install node-sass and webpack as peer dependencies.
{
module: {
rules: [
{
test: /\.(scss|sass)$/,
use: [
'css-loader',
{
loader: 'fast-sass-loader',
options: {
includePaths: [ ... ]
}
}
]
},
// other loaders ...
]
}
}
{
module: {
loaders: [
{
test: /\.(scss|sass)$/,
loader: 'css!fast-sass'
},
// other loaders ...
]
}
}
since version 2.x, fast-sass-loader use dart-sass (npm sass
) instead of original node-sass, if you want use node-sass please use this options to modify.
{
loader: 'fast-sass-loader',
options: {
implementation: require('node-sass')
}
}
An array of paths that node-sass can look in to attempt to resolve your @import declarations. When using data, it is recommended that you use this.
If you want to prepend Sass code before the actual entry file, you can set the data option. In this case, the loader will not override the data option but just append the entry's content. This is especially useful when some of your Sass variables depend on the environment:
{
loader: "fast-sass-loader",
options: {
data: "$env: " + process.env.NODE_ENV + ";"
}
}
Please note: Since you're injecting code, this will break the source mappings in your entry file. Often there's a simpler solution than this.
If you want to import files that aren't basic Sass or css files, you can use the transformers option. This option takes an array of transformer entries, each with a list of file extensions and a tranform function. If an imported file's extension matches one of the transformers' extensions, the file contents will be passed to the corresponding transform function. Your transform function should return a sass string that will be directly written into your compiled Sass file. This is especially useful if you use .json files to share your basic styles across platforms and you'd like to import your .json files directly into your Sass.
{
loader: "fast-sass-loader",
options: {
transformers: [
{
extensions: [".json"],
transform: function(rawFile) {
return jsonToSass(rawFile);
}
}
]
}
}
The outputStyle option is passed to the render method of node-sass. See node-sass OutputStyle. This can be used to create smaller css files if set to "compressed".
By default fast-sass-loader
resolves and rewrites paths inside url()
. This behavior can be turned off with resolveURLs: false
option so all URLs will remain intact.
.scss
and.sass
file is not allowedSince fast-sass-loader
will parse @import
and merge all files into single sass file, you cannot import .scss
file from .sass
(or opposite).
For example:
// file: entry.scss
@import "path/to/file.sass"; // cannot import `path/to/file.sass` in a `.scss` file
body {
background: #FFF;
}
Since fast-sass-loader
will dedupe sass file, later imported file will be ignored. Using same variable name in different sass fill would produce unexpected output.
For example (compile entry.scss
with fast-sass-loader):
// a.scss
$foobar: #000;
// b.scss
@import "a.scss";
$foobar: #AAA;
h1 { color: $foobar; }
// entry.scss
@import "b.scss";
@import "a.scss"; // this file will be ignore: $foobar === #AAA
h2 { color: $foobar; }
// will output:
// h1 { color: #AAA; }
// h2 { color: #AAA; }
You can use variable prefix to bypass.
fast-sass-loader doesn't support @import
statement in sass rules, for example:
.a {
@import 'group'
}
.b {
@import 'group'
}
you should wrap the rules that you want to import with mixin, then include them in your .a { ... }
or .b { ... }
MIT
FAQs
fast sass loader for Webpack
The npm package fast-sass-loader receives a total of 31,436 weekly downloads. As such, fast-sass-loader popularity was classified as popular.
We found that fast-sass-loader demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.