Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
grunt-contrib-sprites-preprocessor
Advanced tools
A grunt wrapper around https://github.com/madebysource/sprites-preprocessor
The only sprites generator I found, that handles CSS replacement well enough.
grunt.initConfig({
'sprite-preprocessor': {
options: {
// generated img name, defaults to 'sprite.png'
// maps to https://github.com/madebysource/sprites-preprocessor#name
spriteFileName: 'sprite.png',
// where all the images for the src CSS files live, defaults to 'src/assets'
// maps to https://github.com/madebysource/sprites-preprocessor#path
srcImagesDir: 'src/assets',
// a mutual prefix to all the urls in the CSS content
// maps to https://github.com/madebysource/sprites-preprocessor#prefix
cssUrlsPrefixedWith: 'assets/',
// destination directory of the sprite, if 'spriteDestDir' is not specified it defaults to the value of 'srcImagesDir'
spriteDestDir: 'dist/assets'
// few general grunt task options
separator: '', // in case you have more than 1 src css file,
filter: 'isFile' // or a function
// see http://gruntjs.com/configuring-tasks#files
},
files: {
'dest/style.with.sprites.css': ['src/style.css' /* you can add more, they willl just be concatenated */]
}
}
});
grunt.loadNpmTasks("grunt-contrib-sprites-preprocessor");
npm install grunt-contrib-sprites-preprocessor
grunt sprites-preprocessor
whatever spritesmith requires, I had to
sudo npm install -g phantomjs
# and
export PKG_CONFIG_PATH=/opt/X11/lib/pkgconfig
FAQs
a grunt wrapper around sprites-preprocessor
We found that grunt-contrib-sprites-preprocessor demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.