Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
namespace-css-selectors
Advanced tools
Prefix CSS selectors to avoid collisions and live in harmony with nature.
const namespaceCSS = require('namespace-css-selectors');
const css = `div { color: red }`;
namespaceCSS(css, '.marshmallow');
// .marshmallow div { color: red }
This module provides you and your family with a function that prefixes CSS selector. It's useful when you want to accept user input for styles, but you don't want them to be applied globally.
Here is an example:
<style>
p { color: blue };
</style>
<p>Outside</p>
<div class="inside">
<style>
p { color: red; }
</style>
<p>Inside</p>
</div>
In this situation, both paragraphs are going to be red. Gross. What if we rewrote the CSS inside of the div so that the global p
selector was .inside p
instead?
const scopeCSS = require('namespace-css-selectors');
const inside = document.querySelector('.inside style');
inside.innerText = scopeCSS(inside.innerText, '.inside');
The result would now be:
<style>
p { color: blue };
</style>
<p>Outside</p>
<div class="inside">
<style>
.inside p { color: red; }
</style>
<p>Inside</p>
</div>
Pretty cool.
FAQs
Prefix CSS selectors to avoid collisions and live in harmony with nature.
We found that namespace-css-selectors demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.