
Research
/Security News
Critical Vulnerability in NestJS Devtools: Localhost RCE via Sandbox Escape
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
gulp-bless
Advanced tools
CSS post-processor which splits CSS files suitably for Internet Explorer < 10. Bless + Gulp = gulp-bless.
Gulp plugin which splits CSS files suitably for Internet Explorer < 10.
This is the a Gulp wrapper around bless.js (see blesscss.com).
npm install gulp-bless
var gulp = require('gulp');
var bless = require('gulp-bless');
gulp.task('css', function() {
gulp.src('style.css')
.pipe(bless())
.pipe(gulp.dest('./splitCSS'));
});
gulp.task('default', ['watch']);
// Rerun the task when a file changes
gulp.task('watch', function () {
gulp.watch('./css/*.css', ['css']);
});
imports
- A boolean (which defaults to true
). Determines whether or not the first chunk / "blessed" file @import
s the others.cacheBuster
- A boolean (which defaults to true
). If imports
is true
, this will add a random query parameter value to prevent against aggressive caching.log
- A boolean (which defaults to false
). Logs a small bit of information about the process.suffix
- Either a string or a function (which defaults to "-blessed"
).
//Assume you have long.css that is to be splitted into 3 parts, following code will
//produce 3 files: long.css, long-part1.css, long-part2.css
gulp.src('long.css')
.pipe(bless{
suffix: '-part'
})
.pipe(gulp.dest('./'));
//Assume you have long.css that is to be splitted into 3 parts, following code will
//produce 3 files: long.css, long-functionpart1.css, long-functionpart2.css
gulp.src('long.css')
.pipe(bless{
suffix: function(index) {
return "-functionpart" + index;
}
})
.pipe(gulp.dest('./'));
Example:
gulp.src('long.css')
.pipe(bless({
imports: false
}))
.pipe(gulp.dest('./'))
You should minify your CSS after it goes through gulp-bless. See BlessCSS/bless#90 as to why.
Yes. This can be used with gulp-sourcemaps.
FAQs
CSS post-processor which splits CSS files suitably for Internet Explorer < 10. Bless + Gulp = gulp-bless.
The npm package gulp-bless receives a total of 2,712 weekly downloads. As such, gulp-bless popularity was classified as popular.
We found that gulp-bless demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
/Security News
A flawed sandbox in @nestjs/devtools-integration lets attackers run code on your machine via CSRF, leading to full Remote Code Execution (RCE).
Product
Customize license detection with Socket’s new license overlays: gain control, reduce noise, and handle edge cases with precision.
Product
Socket now supports Rust and Cargo, offering package search for all users and experimental SBOM generation for enterprise projects.