Security News
Cloudflare Adds Security.txt Setup Wizard
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
node-sass
Advanced tools
The node-sass npm package is a library that allows you to natively compile .scss files to CSS at incredible speed and automatically via a connect middleware. It provides a binding for Node.js to the Sass engine, which is written in C++ and allows for the translation of SCSS or SASS syntax into standard CSS that browsers can understand.
Compiling SCSS to CSS
This feature allows you to compile .scss files into .css files. The 'render' method takes an options object and a callback function. The options object specifies the input and output paths for the SCSS and CSS files, respectively. The callback is invoked after the compilation process, and you can handle the result or error accordingly.
const sass = require('node-sass');
sass.render({
file: 'path/to/input.scss',
outFile: 'path/to/output.css'
}, function(error, result) { // Node-style callback from v3.0.0 onwards
if(!error){
// No errors during the compilation, write this result on the disk
fs.writeFile('path/to/output.css', result.css, function(err){
if(!err){
//file written on disk
}
});
}
});
Watching files or directories
This feature allows you to watch .scss files or directories for changes and automatically recompile them to CSS when a change is detected. The example uses 'chokidar', an external library for watching files, to listen for changes on the specified SCSS file and then uses node-sass to compile the file to CSS.
const sass = require('node-sass');
const chokidar = require('chokidar');
chokidar.watch('path/to/input.scss').on('change', () => {
sass.render({
file: 'path/to/input.scss',
outFile: 'path/to/output.css'
}, function(error, result) {
if (!error) {
fs.writeFile('path/to/output.css', result.css, function(err){
if(!err){
console.log('SCSS file updated.');
}
});
}
});
});
Command Line Interface (CLI) usage
node-sass provides a CLI for compiling SCSS files to CSS directly from the command line. In this example, the '--output-style' option is used to specify the CSS output format (compressed in this case), '-o' is used to define the output directory for the compiled CSS, and the last argument is the input directory containing the SCSS files.
node-sass --output-style compressed -o dist/css src/scss
The 'sass' package is the primary implementation of Sass, which is written in Dart. It provides the same core functionality as node-sass but does not rely on a native C++ binding, making it more portable and easier to install across different environments. It is also the package recommended by the Sass team as node-sass has been deprecated.
PostCSS is a tool for transforming CSS with JavaScript plugins. While it is not a direct replacement for node-sass, it can be used with plugins like 'precss' to provide similar SCSS-like syntax and features. PostCSS is highly extensible and can be integrated with a large number of plugins to extend its capabilities beyond what node-sass offers.
Less is a backward-compatible language extension for CSS. It is similar to SCSS in terms of features like variables, mixins, and nesting, but it has its own syntax and compiles to CSS using the Less compiler. While it serves a similar purpose to node-sass, it is a different preprocessor language with its own community and ecosystem.
Stylus is a preprocessor that serves as an alternative to SCSS. It offers a flexible syntax with optional colons, semicolons, and braces, and provides powerful features like variable interpolation and functions. Stylus can be seen as a more expressive, but less widely adopted, alternative to node-sass.
##node-sass
Node-sass is a library that provides binding for Node.js to libsass, the C version of the popular stylesheet preprocessor, Sass.
It allows you to natively compile .scss files to css at incredible speed and automatically via a connect middleware.
Find it on npm: http://search.npmjs.org/#/node-sass
npm install
var sass = require('node-sass');
sass.render('body{background:blue; a{color:black;}}', function(err, css){
console.log(css)
});
Recompile .scss
files automatically for connect and express based http servers
var server = connect.createServer(
sass.middleware({
src: __dirname
, dest: __dirname + '/public'
, debug: true
}),
connect.static(__dirname + '/public')
);
Heavily inspired by https://github.com/LearnBoost/stylus
FAQs
Wrapper around libsass
We found that node-sass demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.
Security News
ENISA’s 2024 report highlights the EU’s top cybersecurity threats, including rising DDoS attacks, ransomware, supply chain vulnerabilities, and weaponized AI.