Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
htmx-sync-css
Advanced tools
htmx
, you'd usually bundle all of your styles in one file and load it in the browser with the initial request to ensure every piece of HTML/X that's returned from your server will find all the styles it needs.Let's assume you have the following htmx
snippet:
<div>
<button hx-get="/get-em" hx-target="#target">Get 'em!</button>
<span id="target"></span>
</div>
/get-em
endpoint returns the following htmx
:
<span class="take_em">We're here!</span>
Now if you need to style this span to look special or different, you'd usually need to add styles for take_em
class in your initial CSS file that's returned with the very first request to your server.
sync-css
extension!You can update the head's styles if you follow 3 steps:
Add sync-css
extension to your original HTML head.
<!-- htmx -->
<script src="https://unpkg.com/htmx.org"></script>
<!-- sync-css extension -->
<script src="https://unpkg.com/htmx-sync-css" defer></script>
Wrap either your body
or the nearest element you want the extension to take effect on with hx-ext="sync-css"
.
<div hx-ext="sync-css">
<button hx-get="/get-em" hx-target="#target">Get 'em!</button>
<span id="target"></span>
</div>
Add a <style>
tag in the returned htmx
from your /get-em
endpoint that should contain the new styles updates. To ensure these styles will not be update every time this endpoint is called, it's best to set data-style-id
.
<style data-style-id="take-em-styles">
.take_em {
background-color: "yellow";
}
</style>
<span class="take_em">We're here!</span>
FAQs
htmx extension to sync CSS from response text.
The npm package htmx-sync-css receives a total of 0 weekly downloads. As such, htmx-sync-css popularity was classified as not popular.
We found that htmx-sync-css demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.