Research
Security News
Threat Actor Exposes Playbook for Exploiting npm to Build Blockchain-Powered Botnets
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
postcss-discard-comments
Advanced tools
The postcss-discard-comments npm package is a PostCSS plugin designed to remove comments from your CSS files. It can be highly useful for reducing the size of CSS files in production environments, improving load times and efficiency. The package offers flexibility in handling comments, allowing users to remove all comments or selectively keep some based on specific criteria.
Remove all comments
This feature allows you to remove all comments from your CSS files, which can significantly reduce file size and improve loading times for your web pages.
postcss([ require('postcss-discard-comments')() ]).process(YOUR_CSS).then(result => { console.log(result.css); });
Preserve comments with specific patterns
This feature enables you to keep comments that match specific patterns, such as those starting with an exclamation mark (!), which are often used to denote important information or licensing details.
postcss([ require('postcss-discard-comments')({remove: (comment) => !comment.startsWith('!')}) ]).process(YOUR_CSS).then(result => { console.log(result.css); });
cssnano is a modular minifier that includes functionalities similar to postcss-discard-comments as part of its optimization capabilities. It can remove comments, but also offers a wide range of other optimizations like minifying font weights, discarding unused at-rules, and reducing CSS calc expressions.
clean-css is another CSS minifier that can remove comments from CSS files. It provides advanced optimizations including restructuring rules, merging duplicate rules, and removing unused CSS, making it a more comprehensive tool for CSS optimization compared to postcss-discard-comments.
Discard comments in your CSS files with PostCSS.
Install via npm:
npm install postcss-discard-comments --save
var postcss = require('postcss')
var comments = require('postcss-discard-comments');
var css = 'h1/* heading */{margin:0 auto}';
console.log(postcss(comments()).process(css).css);
// => 'h1{margin:0 auto}'
This module discards comments from your CSS files; by default, it will remove
all regular comments (/* comment */
) and preserve comments marked as important
(/*! important */
) or that refer to a source mapping URL (/*# sourcemap */
).
Type: boolean
Default: false
Remove all comments marked as important.
var css = '/*! heading */h1{margin:0 auto}/*! heading 2 */h2{color:red}';
console.log(postcss(comments({removeAll: true})).process(css).css);
//=> h1{margin:0 auto}h2{color:red}
Type: boolean
Default: false
Remove all comments marked as important, but the first one.
var css = '/*! heading */h1{margin:0 auto}/*! heading 2 */h2{color:red}';
console.log(postcss(comments({removeAllButFirst: true})).process(css).css);
//=> /*! heading */h1{margin:0 auto}h2{color:red}
Pull requests are welcome. If you add functionality, then please add unit tests to cover it.
MIT © Ben Briggs
FAQs
Discard comments in your CSS files with PostCSS.
The npm package postcss-discard-comments receives a total of 9,055,197 weekly downloads. As such, postcss-discard-comments popularity was classified as popular.
We found that postcss-discard-comments demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 8 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A threat actor's playbook for exploiting the npm ecosystem was exposed on the dark web, detailing how to build a blockchain-powered botnet.
Security News
NVD’s backlog surpasses 20,000 CVEs as analysis slows and NIST announces new system updates to address ongoing delays.
Security News
Research
A malicious npm package disguised as a WhatsApp client is exploiting authentication flows with a remote kill switch to exfiltrate data and destroy files.