Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Our css starter pack and folder structure. The purpose of this repo is to have a single source of truth for all css used across, react, wordpress, static, or any future sites. When spinning up a new repo, please make sure it's using the latest version of this scss
folder..
This project runs on Node v16. Install Node 16 to run this project or install NVM and run nvm install v16
. If using NVM, precede your npm run
commands with nvm use
.
Run npm i
before running each NPM script to ensure that the project's dependencies are available and up to date.
To spin up the sass dev environment for this project, run npm run sass-dev
. This will compile and watch ./test/test.scss
for changes.
This project uses prettier and stylelint for automatic code formatting and CSS linting. Prettier and stylelint can be run on the whole project at once by running npm run prettier
and npm run stylelint
. This project uses husky
and lint-staged
to automatically run prettier and stylelint on staged files to format files before they are committed. If any errors are thrown from either library during the pre-commit process, git will output the errors and the commit will be blocked until the errors are fixed.
Contributions are welcome! Please either post an issue of a suggestion or open a pull request. Be sure to edit test/index.html
to show clear example of code addition.
Will post more on our responsive theory soon, but for now:
Write all base styles then overwrite as necessary for desktop(landscape). This will result in much less overwriting of code. Mobile media queries should be rare.
body {
padding: 0 5%;
@media (min-width: #{$tp}px) {
padding: 0 15vw;
}
}
Designs will have both portrait (mobile) designs and (desktop) designs delivered by the design team. In general these will be the sizes
375px
1280px
(Sometimes 1440px
)We're introducing a new vw()
function which takes these sizes into account.
Input:
div {
width: vw(320px);
}
Output:
div {
width: 2.34375vw;
}
The output becomes a flexible vw unit that changes as browser resizes. At 1280px
it should match up exactly to the comp.
Use the pixel sizes you see in Figma and wrap them in this function everywhere. The exception is if you want to use actual pixels, then use px
or rem(px)
and it will output fixed pixel sizes.
We have 2 mixins to help with Fluid Typography.
Base mixin:
.item {
@include fluidType($minFontSize, $maxFontSize, $minWidth, $maxWidth);
}
This is superset of fluidType that should be used in most cases, and is great for Figma matching. Use this for fully responsive type automation. In most cases you only need to provide 2 arguments: The mobile size and the desktop size. Note these values are not the same as fluidType
.
h1 {
@include setType(32, 48);
}
Sometimes for smaller fonts you want to override the smallest size that it can go. In this case pass in the $minClamp
argument which is the percentage the minimum font size should be compared to default size. Set it to 100%
to have it not scale any smaller than default size.
p {
@include setType(14, 16, $minClamp: 94%);
}
.eyebrow {
@include setType(11, 13, 100%);
}
FAQs
kni css
The npm package kni-scss receives a total of 106 weekly downloads. As such, kni-scss popularity was classified as not popular.
We found that kni-scss demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.