Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
A pure-JavaScript, bottom-up CSS selector engine designed to be easily dropped in to a host library.
A pure-JavaScript CSS selector engine designed to be easily dropped in to a host library.
In the spirit of open source software development, jQuery always encourages community code contribution. To help you get started and before you jump into writing code, be sure to read these important contribution guidelines thoroughly:
In order to build Sizzle, you should have Node.js/npm latest and git 1.7 or later (earlier versions might work OK, but are not tested).
For Windows you have to download and install git and Node.js.
Mac OS users should install Homebrew. Once Homebrew is installed, run brew install git
to install git,
and brew install node
to install Node.js.
Linux/BSD users should use their appropriate package managers to install git and Node.js, or build from source if you swing that way. Easy-peasy.
Clone a copy of the main Sizzle git repo by running:
git clone git://github.com/jquery/sizzle.git
In the sizzle/dist
folder you will find build version of sizzle along with the minified copy and associated map file.
npm install
, it's also preferable (but not necessarily) to globally install grunt-cli
package – npm install -g grunt-cli
test/index.html
in the browser. Or run npm test
/grunt test
on the command line, if environment variables BROWSER_STACK_USERNAME
and BROWSER_STACK_ACCESS_KEY
are set up, it will attempt to use Browserstack service (you will need to install java on your machine so browserstack could connect to your local server), otherwise PhantomJS will be used.test/unit
directory.npm run build
or grunt
will lint, build, test, and compare the sizes of the built files.npm start
or grunt start
can be run to re-lint, re-build, and re-test files as you change them.grunt -help
will show other available commands.FAQs
A pure-JavaScript, bottom-up CSS selector engine designed to be easily dropped in to a host library.
The npm package sizzle receives a total of 16,600 weekly downloads. As such, sizzle popularity was classified as popular.
We found that sizzle demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.