Security News
cURL Project and Go Security Teams Reject CVSS as Broken
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
Parse and stringify the HTML
<img>
srcset attribute.
Can be useful if you're creating a build-tool.
npm install srcset
How an image with srcset
might look like:
<img
alt="The Breakfast Combo"
src="banner.jpg"
srcset="banner-HD.jpg 2x, banner-phone.jpg 100w"
>
Then have some fun with it:
import {parseSrcset, stringifySrcset} from 'srcset';
const parsed = parseSrcset('banner-HD.jpg 2x, banner-phone.jpg 100w');
console.log(parsed);
/*
[
{
url: 'banner-HD.jpg',
density: 2
},
{
url: 'banner-phone.jpg',
width: 100
}
]
*/
parsed.push({
url: 'banner-super-HD.jpg',
density: 3
});
const stringified = stringifySrcset(parsed);
console.log(stringified);
/*
banner-HD.jpg 2x, banner-phone.jpg 100w, banner-super-HD.jpg 3x
*/
Parse the HTML <img>
srcset attribute.
Accepts a “srcset” string and returns an array of objects with the possible properties: url
(always), width
, height
, and density
.
Type: string
A “srcset” string.
Type: object
Type: boolean
Default: false
When enabled, an invalid “srcset” string will cause an error to be thrown. When disabled, a best effort will be made to parse the string, potentially resulting in invalid or nonsensical output.
Stringify SrcSetDefinition
s. Accepts an array of SrcSetDefinition
objects and returns a “srcset” string.
Type: array
An array of SrcSetDefinition
objects. Each object should have a url
field and may have width
, height
or density
fields. When the strict
option is true
, only width
or density
is accepted.
Type: object
Type: boolean
Default: false
Enable or disable validation of the SrcSetDefinition
's. When true, invalid input will cause an error to be thrown. When false, a best effort will be made to stringify invalid input, likely resulting in invalid srcset value.
FAQs
Parse and stringify the HTML `` srcset attribute
The npm package srcset receives a total of 603,518 weekly downloads. As such, srcset popularity was classified as popular.
We found that srcset demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
cURL and Go security teams are publicly rejecting CVSS as flawed for assessing vulnerabilities and are calling for more accurate, context-aware approaches.
Security News
Bun 1.2 enhances its JavaScript runtime with 90% Node.js compatibility, built-in S3 and Postgres support, HTML Imports, and faster, cloud-first performance.
Security News
Biden's executive order pushes for AI-driven cybersecurity, software supply chain transparency, and stronger protections for federal and open source systems.