Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Slick is a standalone selector engine that is totally slick. Slick is split in 2 components: the Finder and the Parser. The Finder's job is to find nodes on a webpage, the Parser's job is to create a javascript object representation of any css selector.
Slick allows you to:
Find nodes in the DOM
search
context for selectorSearch this context for any nodes that match this selector.
Expects:
Returns: append argument or Array of 0 or more nodes
slick.search("#foo > bar.baz") → [<bar>, <bar>, <bar>]
slick.search("li > a", [<ol>, <ul>]) → [<a>, <a>, <a>]
slick.search("#foo > bar.baz", document, []) → [<bar>, <bar>, <bar>]
find
first in context with selector or nullFind the first node in document that matches selector or null if none are found.
Expects:
Returns: Element or null
slick.find("#foo > bar.baz") → <bar>
slick.find("#does-not-exist", node) → null
matches
selector?Does this node match this selector?
Expects:
Returns: true or false
slick.matches(<div class=rocks>, "div.rocks") → true
slick.matches(<div class=lame>, "div.rocks") → false
slick.matches(<div class=lame>, <div class=rocks>) → false
contains
node?Does this context contain this node? Is the context a parent of this node?
Expects:
Returns: true or false
slick.contains(<ul>, <li>) → true
slick.contains(<body>, <html>) → false
Parse a CSS selector string into a JavaScript object
parse
selector into objectParse a CSS Selector String into a Selector Object.
Expects: String
Returns: SelectorObject
slick.parse("#foo > bar.baz") → SelectorObject
#foo > bar.baz
[[
{ "combinator":" ", "tag":"*", "id":"foo" },
{ "combinator":">", "tag":"bar", "classList": ["baz"], "classes": [{"value":"baz", "match": RegExp }]}
]]
h1, h2, ul > li, .things
[
[{ "combinator":" ", "tag": "h1" }],
[{ "combinator":" ", "tag": "h2" }],
[{ "combinator":" ", "tag": "ul" }, { "combinator": ">", "tag": "li" }],
[{ "combinator":" ", "tag": "*", "classList": ["things"], "classes": [{"value": "things", "match": RegExp }] }]
]
FAQs
Standalone CSS Selector Finder and Parser.
We found that slick demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.