Security News
Input Validation Vulnerabilities Dominate MITRE's 2024 CWE Top 25 List
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
less-middleware
Advanced tools
This middleware was created to allow processing of Less files for Connect JS framework and by extension the Express JS framework.
npm install less-middleware --save
lessMiddleware(source, [{options}])
var lessMiddleware = require('less-middleware');
var app = express();
app.use(lessMiddleware(__dirname + '/public'));
app.use(express.static(__dirname + '/public'));
options
The following options can be used to control the behavior of the middleware:
Option | Description | Default |
---|---|---|
debug | Show more verbose logging? | false |
dest | Destination directory to output the compiled .css files. | Same directory as less source files. |
force | Always re-compile less files on each request. | false |
once | Only recompile once after each server restart. Useful for reducing disk i/o on production. | false |
pathRoot | Common root of the source and destination. It is prepended to both the source and destination before being used. | null |
postprocess | Object containing functions relevant to postprocessing data. | |
postprocess.css | Function that modifies the compiled css output before being stored. | function(css, req){...} |
preprocess | Object containing functions relevant to preprocessing data. | |
preprocess.less | Function that modifies the raw less output before being parsed and compiled. | function(src, req){...} |
preprocess.path | Function that modifies the less pathname before being loaded from the filesystem. | function(pathname, req){...} |
preprocess.importPaths | Function that modifies the import paths used by the less parser per request. | function(paths, req){...} |
render | Options for the less render. See the "render Options" section below. | … |
storeCss | Function that is in charge of storing the css in the filesystem. | function(pathname, css, req, next){...} |
cacheFile | Path to a JSON file that will be used to cache less data across server restarts. This can greatly speed up initial load time after a server restart - if the less files haven't changed and the css files still exist, specifying this option will mean that the less files don't need to be recompiled after a server restart. |
render
OptionsThe options.render
is passed directly into the less.render
with minimal defaults or changes by the middleware.
The following are the defaults used by the middleware:
Option | Default |
---|---|
compress | auto |
yuicompress | false |
paths | [] |
Common examples of using the Less middleware are available in the wiki.
{force: true}
!Make sure you're declaring less-middleware before your static middleware, if you're using the same directory, e.g. (with express):
var lessMiddleware = require('less-middleware');
var app = express();
app.use(lessMiddleware(__dirname + '/public'));
app.use(express.static(__dirname + '/public'));
not
var lessMiddleware = require('less-middleware');
var app = express();
app.use(express.static(__dirname + '/public'));
app.use(lessMiddleware(__dirname + '/public'));
If you are hosting your app on IIS you will have to modify your web.config
file in order to allow NodeJS to serve your CSS static files. IIS will cache your CSS files, bypassing NodeJS static file serving, which in turn does not allow the middleware to recompile your LESS files.
FAQs
LESS.js middleware for connect.
The npm package less-middleware receives a total of 17,424 weekly downloads. As such, less-middleware popularity was classified as popular.
We found that less-middleware demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.