Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
mensch
Advanced tools
Changelog
0.3.4 - 09 Nov 2019
Readme
A decent CSS parser.
npm install mensch
var mensch = require('mensch');
var ast = mensch.parse('p { color: black; }');
var css = mensch.stringify(ast);
console.log(css);
// => p { color: black; }
Convert a CSS string or an array of lexical tokens into a stringify
-able AST.
css
{String|Array} CSS string or array of lexical tokens[options]
{Object}[options.comments=false]
{Boolean} Allow comment nodes in the AST.[options.position=false]
{Boolean} Allow line/column position in the AST.When {position: true}
, AST node will have a position
property:
{
type: 'comment',
text: ' Hello World! ',
position: {
start: { line: 1, col: 1 },
end: { line 1, col: 18 }
}
}
Convert a stringify
-able AST into a CSS string.
ast
{Object} A stringify
-able AST[options]
{Object}[options.comments=false]
{Boolean} Allow comments in the stringified CSS.[options.indentation='']
{String} E.g., indentation: ' '
will indent by
two spaces.Convert a CSS string to an array of lexical tokens for use with .parse()
.
css
{String} CSSMensch is a non-validating CSS parser. While it can handle the major language
constructs just fine, and it can recover from gaffes like mis-matched braces and
missing or extraneous semi-colons, mensch can't tell you when it finds
invalid CSS like a misspelled property name or a misplaced @import
.
Unlike most CSS parsers, mensch allows comments to be represented in the AST and
subsequently stringified with the {comments: true}
option.
var options = { comments: true };
var ast = mensch.parse('.red { color: red; /* Natch. */ }', options);
var css = mensch.stringify(ast, options);
console.log(css);
//=> .red { color: red; /* Natch. */ }
However, comments within the context of a selector, property, etc., will be ignored. These comments are difficult to represent in the AST.
var ast = mench.parse('.red /*1*/ { color /*2*/: /*3*/ red /*4*/; }', options);
var css = mesch.stringify(ast, options);
console.log(css);
//=> .red { color: red; }
The structure of mensch's AST riffs on several existing CSS parsers, but it might not be 100% compatible with other CSS parsers. Here it is in a nutshell:
{
type: 'stylesheet'
stylesheet: {
rules: [{
type: 'rule',
selectors: ['.foo'],
declarations: [{
type: 'property',
name: 'color',
value: 'black'
}]
}]
}
}
Mensch is based on several existing CSS parsers, but nzakas/parser-lib and visionmedia/css are notable influences.
voidlabs/mosaico uses Mensch parser to parse custom-flavored CSS rules in email templates and make the template editable: positions, comment parsing, multiple declarations for the same property have been keys to the choice of Mensch!
Automattic/juice moved to Mensch CSS parser since 3.0 release in order to fix dozen of issues with the previous parser, expecially with support for "multiple properties declarations" in the same ruleset and with invalid values.
Please let us know if you use Mensch in your library!
FAQs
A decent CSS parser
The npm package mensch receives a total of 702,093 weekly downloads. As such, mensch popularity was classified as popular.
We found that mensch demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.