Security News
pnpm 10.0.0 Blocks Lifecycle Scripts by Default
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
grunt-stylelint
Advanced tools
Grunt plugin for running stylelint
If this is the first time you're using Grunt, the getting started guide will show you how to get up and running.
Once you have that installed, with a Gruntfile set for your code, you can install the plugin with:
npm install grunt-stylelint stylelint --save-dev
Note that this installs both grunt-stylelint and the stylelint tool itself, which is a peer dependency. If you do not explicitly depend on stylelint in your package.json
file and do not have it available, grunt-stylelint will not work. Modern versions of npm will warn you of such unmet peer dependencies.
In your Gruntfile, add the line:
grunt.loadNpmTasks( 'grunt-stylelint' );
stylelint
taskRun this task with the grunt stylelint
command.
You can specify the targets and options for the task using the normal Grunt configuration – see Grunt's guide on how to configure tasks in general.
For more explanations of the lint errors stylelint will throw at you please visit http://stylelint.io/.
In this example, running grunt stylelint:all
(or grunt stylelint
because stylelint
is a multi task) will lint the project's CSS and Sass files in the css
and sass
directories and their subdirectories, using the default stylelint options or the options specified in the .stylelintrc
in the root of the project. For an example config see http://stylelint.io/user-guide/example-config/.
// Project configuration.
grunt.initConfig({
stylelint: {
all: ['css/**/*.css', 'sass/**/*.scss']
}
});
A full set of config with default options would be:
// Project configuration.
grunt.initConfig( {
stylelint: {
options: {
configFile: '.stylelintrc',
formatter: 'string',
ignoreDisables: false,
failOnError: true,
outputFile: '',
reportNeedlessDisables: false,
fix: false,
syntax: ''
},
src: [
'src/**/*.{css,less,scss}',
…,
'!src/badstyles/*.css'
]
}
}
The options
object is passed through to stylelint
. Options you may wish to set are:
Type: function
or string
Default value: "string"
Values: "string"
|"verbose"
|"json"
In which output format would you like results. If grunt
is run with --verbose
and this is not explicitly set, it will act as though you passed in "verbose"
.
Type: boolean
Default value: false
Whether to ignore inline comments that disable stylelint.
Type: string
Output the report to a file.
Type: boolean
Default value: false
Whether to ignore inline comments that disable stylelint and report which ones did not block a lint warning.
Type: boolean
Default value: true
Whether to fail if stylelint detects an error.
Type: boolean
Default value: false
Automatically fix, where possible, violations reported by rules. If grunt
is run with --fix
and this is not explicitly set, it will be set to true
.
Type: string
Values: "scss"
|"less"
|"sugarss"
Which syntax standard should be used to parse source stylesheets. If this is unset, stylelint
will attempt to guess which syntax is used by the files' extensions.
FAQs
A Grunt checker for CSS files using Stylelint
The npm package grunt-stylelint receives a total of 27,416 weekly downloads. As such, grunt-stylelint popularity was classified as popular.
We found that grunt-stylelint demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 25 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
Research
Security News
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.