Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
postcss-remove-unused-css
Advanced tools
Readme
This is a simple to use PostCSS plugin that removes CSS selectors based on your other files.
This package is inspired by PurifyCSS and works the same.
It scans your HTML and JS files (you can configure which extensions it looks) and looks for words. Then it compares with words in your CSS selectors and filters out selectors without matches. If you have the word blue
written in one of your JS or HTML files, it will allow a selector called .blue
in your CSS. It is a simple and imperfect system, but it works.
Unlike UnCSS, the content of your other files don't matter: we're running a simple regex match against the text files instead of a parser. We're also not running any Javascript. Therefore, it is simpler, but it might produce some false-positives. If you need a more precise approach we strongly recommend UnCSS.
Don't include CSS files in your extensions. This will make the plugin look for identifiers inside CSS files and the plugin won't optimize your code.
I'm using a simple file traversal algorithm instead of a Glob. I haven't tested it in all operating systems and environments, only the popular ones. Please file an issue and I'll look into it.
npm install postcss-remove-unused-css
yarn add postcss-remove-unused-css
const remover = require('postcss-remove-unused-css');
postcss([remover(options)]);
See [PostCSS] docs for examples for your environment.
Name | Type | Description | Default Value |
---|---|---|---|
path | String | Path to your project files | "./src" |
exts | Array | Extensions to look into | [".js", ".jsx", ".ts", ".tsx", ".html", ".vue", ".svelte"] |
whitelist | Array | Your whitelisted words | ["html", "body"] |
.postcssrc
{
"plugins": {
"postcss-remove-unused-css": {
"path": "./app",
"exts": [".js", ".html"]
}
}
}
package.json
: "postcss": {
"plugins": {
"postcss-remove-unused-css": {
"path": "./app",
"exts": [".js", ".html"]
}
}
},
<!DOCTYPE html>
<html>
<body>
<div class="blue bold">Hello, world!</div>
</body>
</html>
body { background: gray }
.blue { color: blue }
.red { color: red }
.pink { color: pink }
.bold { font-weight: bold }
.thin { font-weight: 100 }
.center { text-align: center }
body { background: gray }
.blue { color: blue }
.bold { font-weight: bold }
Copyright (c) 2019 Silvio Henrique Ferreira. See the LICENSE file for license rights and limitations (MIT).
FAQs
Whitelists CSS selectors based on your other files
The npm package postcss-remove-unused-css receives a total of 82 weekly downloads. As such, postcss-remove-unused-css popularity was classified as not popular.
We found that postcss-remove-unused-css demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.