Security News
Fluent Assertions Faces Backlash After Abandoning Open Source Licensing
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
This is a thing that parses CSS, Sass, and SCSS into a unist-compatible abstract syntax tree (AST), which makes it possible to then search and manipulate with all of the wonderful unist utility modules. Most of the heavy lifting is done by gonzales.
Install it with npm:
npm install --save sast
You can import
or require()
the module and access the API as its
methods, like this:
// CommonJS, older versions of Node
const sast = require('sast')
// ES6/ES2016/Babel/etc.
import sast from 'sast'
const tree = sast.parse('a { color: $red; }', {syntax: 'scss'})
console.dir(tree, {depth: null})
or you can import just the API methods you need, like so:
// CommonJS
const {parse} = require('sast')
// ES6
import {parse} from 'sast'
const tree = parse('a { color: $red; }', {syntax: 'scss'})
sast.parse(source [, options])
Synchronously parse the CSS, Sass, or SCSS source text (a string) into an
abstract source tree (AST). The default syntax is CSS ({syntax: 'css'}
);
other acceptable values are sass
, scss
, and less
. See the gonzales
docs for more info. To
parse files by path, use parseFile()
.
sast.stringify(node)
Format the resulting AST back into a string, presumably after manipulating it.
sast.jsonify(node)
Coerce the given AST node into JSON data, according to the following rules:
1
-> 1
, not "1"
.(a, 1)
-> ["a", 1]
(x: 1)
-> {x: 1}
$
.#
.rgb()
, rgba()
, hsl()
, hsla()
, and any other functions should
preserve their parentheses.sast.parseFile(filename [, parseOptions={} [, readOptions='utf8'])
Read a file and parse its contents, returning a Promise. If no
parseOptions.syntax
is provided, or its value is auto
, the filename's
extension will be used as the syntax
option passed to parse()
.
const {parseFile} = require('sast')
parseFile('path/to/some.scss')
.then(tree => console.dir(tree, {depth: null}))
.catch(error => console.error('Parse error:', error))
The sast
npm package comes with two command line utilities:
sast-parse
Parses a file or stdin as a given syntax, applies one or more simplifying transformations, then outputs the resulting syntax tree in a variety of formats:
Run sast-parse --help
for available options.
sast-data
Parses one or more SCSS (the only supported syntax at this time) files, and transforms all top-level variable declarations into key-value pairs. The result is a JSON object in which each key is a variable name, and the value is the jsonified variable value.
This is useful for generating [design tokens] from existing SCSS variables if you don't have the ability to go in the other direction.
Run sast-data --help
for available options and more information.
Most node types are defined by [gonzalez], the underlying parser. After transforming each of the syntax tree nodes into unist nodes, the following nodes are introduced:
Any parentheses
node whose first operator
child is a :
is interpreted as
a Sass map and recast as a map
node. The children
are preserved as-is,
and key/value pairs separated by :
and delimited by ,
are placed in the
values
property as an array of objects with key
and value
properties,
each of which is a plain old node list. Some examples:
(x: 1)
will be jsonified as {x: 1}
(x: a, y: 2)
will be interpreted as {x: "a", y: 2}
Any parentheses
node whose first operator
child is a ,
is interpreted as
a list (array) and recast as a list
node. The children
are perserved as-is,
and children that aren't space
nodes are split into subgroups by each ,
operator and converted into value
nodes with one or more children, then
placed in the values
property of the list
node. Some examples:
(1, x)
will be jsonified as [1, "x"]
(a, (b, c))
will be intepreted as ["a", ["b", "c"]]
FAQs
Parse CSS, Sass, and SCSS into Unist syntax trees
We found that sast demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Fluent Assertions is facing backlash after dropping the Apache license for a commercial model, leaving users blindsided and questioning contributor rights.
Research
Security News
Socket researchers uncover the risks of a malicious Python package targeting Discord developers.
Security News
The UK is proposing a bold ban on ransomware payments by public entities to disrupt cybercrime, protect critical services, and lead global cybersecurity efforts.