Gathering detailed insights and metrics for @hint/parser-sass
Gathering detailed insights and metrics for @hint/parser-sass
Installations
npm install @hint/parser-sassDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Node Version
14.20.0
NPM Version
8.14.0
Releases
954
Dist files
dist
Updated on Oct 01, 2019
configuration-development-v6.1.1
configuration-development-v6.1.1
Updated on Mar 07, 2019
hint-sri-v3.0.5
hint-sri-v3.0.5
Updated on Mar 07, 2019
hint-no-vulnerable-javascript-libraries-v2.7.0
hint-no-vulnerable-javascript-libraries-v2.7.0
Updated on Mar 07, 2019
hint-css-prefix-order-v1.0.2
hint-css-prefix-order-v1.0.2
Updated on Mar 07, 2019
hint-amp-validator-v2.7.0
hint-amp-validator-v2.7.0
Updated on Mar 07, 2019
Languages
8
TypeScript
JavaScript
CSS
Handlebars
EJS
HTML
Batchfile
Shell
TypeScript (91.49%)
JavaScript (4.96%)
CSS (2.22%)
Handlebars (0.76%)
EJS (0.5%)
HTML (0.06%)
Batchfile (0.01%)
Shell (0.01%)
Developer
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
Apache-2.0 License
3,653 Stars
6,372 Commits
743 Forks
75 Watchers
157 Branches
105 Contributors
Updated on Jul 11, 2025
Maintainers
5
Package Meta Information
Latest Version
1.0.31
Package Id
@hint/parser-sass@1.0.31
Unpacked Size
17.84 kB
Size
6.58 kB
File Count
6
NPM Version
8.14.0
Node Version
14.20.0
Published on
Jun 09, 2023
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Peer Dependencies
1
SASS (@hint/parser-sass)
The SASS parser is built on top of PostCSS so hints can
analyze SASS and SCSS files. It emits the same events as
@hint/parser-css so existing hints targeting CSS files will work
without modification.
This package is installed automatically by webhint:
1npm install hint --save-dev
To use it, activate it via the .hintrc configuration file:
1{ 2 "connector": {...}, 3 "formatters": [...], 4 "hints": { 5 ... 6 }, 7 "parsers": ["sass"], 8 ... 9}
Note: The recommended way of running webhint is as a devDependency of
your project.
Events emitted
This parser emits the following events:
-
parse::start::cssof typeEventwhich contains the following information:resource: the resource we are going to parse.
-
parse::end::cssof typeStyleParsewhich has the following information:ast: a PostCSSRootobject containing the AST. See the PostCSSwalk*APIs for help navigating the AST.code: a string containing the raw stylesheet source code.element: anHTMLElementreference if the source was inline in HTML;nullotherwise.resource: the parsed resource. If the CSS is in astyle tagand not a file, the value will refer to the HTML document containing the stylesheet.
Limitations
This parser is not fault-tolerant (unlike @hint/parser-css) so only
well-formed files will be parsed.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE.txt:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE.txt:0
Reason
no binaries found in the repo
Reason
Found 4/23 approved changesets -- score normalized to 1
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/3rdparty.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/3rdparty.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/webhintio/hint/3rdparty.yml/main?enable=pin
- Info: 0 out of 1 GitHub-owned GitHubAction dependencies pinned
Reason
Project has not signed or included provenance with any releases.
Details
- Warn: release artifact dist not signed: https://api.github.com/repos/webhintio/hint/releases/20378720
- Warn: release artifact parser-javascript-v2.1.0 not signed: https://api.github.com/repos/webhintio/hint/releases/15983643
- Warn: release artifact dist does not have provenance: https://api.github.com/repos/webhintio/hint/releases/20378720
- Warn: release artifact parser-javascript-v2.1.0 does not have provenance: https://api.github.com/repos/webhintio/hint/releases/15983643
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 25 are checked with a SAST tool
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
64 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q
- Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38
- Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc
- Warn: Project is vulnerable to: GHSA-r5fx-8r73-v86c
- Warn: Project is vulnerable to: GHSA-28hp-fgcr-2r4h
- Warn: Project is vulnerable to: GHSA-89mq-4x47-5v83
- Warn: Project is vulnerable to: GHSA-5cp4-xmrw-59wf
- Warn: Project is vulnerable to: GHSA-mhp6-pxh8-r675
- Warn: Project is vulnerable to: GHSA-2qqx-w9hr-q5gx
- Warn: Project is vulnerable to: GHSA-2vrf-hf26-jrp5
- Warn: Project is vulnerable to: GHSA-4w4v-5hc9-xrr2
- Warn: Project is vulnerable to: GHSA-j58c-ww9w-pwp5
- Warn: Project is vulnerable to: GHSA-m9gf-397r-hwpg
- Warn: Project is vulnerable to: GHSA-mqm9-c95h-x2p6
- Warn: Project is vulnerable to: GHSA-prc3-vjfx-vhm9
- Warn: Project is vulnerable to: GHSA-qwqh-hm9m-p5hr
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
- Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
- Warn: Project is vulnerable to: GHSA-vjh7-7g9h-fjfh
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-8gh8-hqwg-xf34
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-hhhv-q57g-882q
- Warn: Project is vulnerable to: GHSA-rmxg-73gg-4p98
- Warn: Project is vulnerable to: GHSA-6c3j-c64m-qhgq
- Warn: Project is vulnerable to: GHSA-gxr4-xjj5-5px2
- Warn: Project is vulnerable to: GHSA-jpcq-cgw6-v4j6
- Warn: Project is vulnerable to: GHSA-8cf7-32gw-wr33
- Warn: Project is vulnerable to: GHSA-hjrf-2m68-5959
- Warn: Project is vulnerable to: GHSA-qwph-4952-7xr6
- Warn: Project is vulnerable to: GHSA-vcjj-xf2r-mwvc
- Warn: Project is vulnerable to: GHSA-6vfc-qv3f-vr6c
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-h7cp-r72f-jxh6
- Warn: Project is vulnerable to: GHSA-v62p-rq8g-8h59
- Warn: Project is vulnerable to: GHSA-566m-qj78-rww5
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-hwj9-h5mp-3pm3
- Warn: Project is vulnerable to: GHSA-x7hr-w5r2-h6wg
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx
- Warn: Project is vulnerable to: GHSA-8cj5-5rvv-wf4v
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc
Score
2.6
/10
Last Scanned on 2025-06-30
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More