Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
postcss-color-rgba-fallback
Advanced tools
Readme
PostCSS plugin to transform rgba() to hexadecimal.
$ npm install postcss-color-rgba-fallback
// dependencies
var fs = require("fs")
var postcss = require("postcss")
var colorRgbaFallback = require("postcss-color-rgba-fallback")
// css to be processed
var css = fs.readFileSync("input.css", "utf8")
// process css
var output = postcss()
.use(colorRgbaFallback())
.process(css)
.css
Using this input.css
:
body {
background: rgba(153, 221, 153, 0.8);
border: solid 1px rgba(100,102,103,.3);
}
you will get:
body {
background: #99DD99;
background: rgba(153, 221, 153, 0.8);
border: solid 1px #646667;
border: solid 1px rgba(100,102,103,.3);
}
postcss-color-rgba-fallback accepts options
properties
default: [ "background-color", "background", "color", "border", "border-color", "outline", "outline-color ]
Allows you to specify your whitelist of properties. This option enables adding a fallback for one or a properties list
oldie
default: false
Set to true to enable the option and to get fallback for ie8
backgroundColor
default: null
Allows you to specify a background color to use as a base alpha matte.
Instead of cutting off the alpha channel it will blend the foreground and background.
Expects an array of rgb values:
"backgroundColor": [255, 1, 1]
Checkout tests for more examples.
Work on a branch, install dev-dependencies, respect coding style & run tests before submitting a bug fix or a feature.
$ git clone https://github.com/postcss/postcss-color-rgba-fallback.git
$ git checkout -b patch-1
$ npm install
$ npm test
FAQs
PostCSS plugin to transform rgba() to hexadecimal
We found that postcss-color-rgba-fallback demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.