Gathering detailed insights and metrics for node-sass-json-vars
Installations
npm install node-sass-json-varsDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Node Version
20.9.0
NPM Version
10.1.0
Score
60.9
Supply Chain
96
Quality
74.9
Maintenance
100
Vulnerability
100
License
Releases
4
Contributors
2
Unable to fetch Contributors
Languages
2
JavaScript
SCSS
JavaScript (85.25%)
SCSS (14.75%)
validate.email 🚀
Verify real, reachable, and deliverable emails with instant MX records, SMTP checks, and disposable email detection.
Developer
colis
Download Statistics
Total Downloads
1,569
Last Day
2
Last Week
2
Last Month
10
Last Year
222
GitHub Statistics
MIT License
22 Commits
1 Watchers
10 Branches
2 Contributors
Updated on Jun 11, 2024
Bundle Size
2.97 MB
Minified
661.71 kB
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
2.0.0
Package Id
node-sass-json-vars@2.0.0
Unpacked Size
8.09 kB
Size
3.56 kB
File Count
6
NPM Version
10.1.0
Node Version
20.9.0
Published on
Nov 20, 2023
Total Downloads
Cumulative downloads
Total Downloads
1,569
Last Day
0%
2
Compared to previous day
Last Week
-33.3%
2
Compared to previous week
Last Month
-44.4%
10
Compared to previous month
Last Year
-30.8%
222
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
node-sass-json-vars
This module defines additional built-in Sass functions that allow using variables from .json files in .scss files.
Installation
1npm install --save-dev node-sass-json-vars
Note: it's recommended to install node-sass-json-vars locally project by project.
Usage
Webpack / sass-loader
webpack.config.js
1const sassFunctions = require('node-sass-json-vars'); 2 3module.exports = { 4... 5 { 6 test: /\.scss$/, 7 use: [ 8 'style-loader', 9 'css-loader', 10 { 11 loader: "sass-loader", 12 options: { 13 sassOptions: { 14 functions: sassFunctions, 15 }, 16 }, 17 }, 18 ], 19 }, 20... 21}
Functions
getMapFromJSON($key, $config): transforms a JSON Object into a SASS Map.- $key: object key, e.g.
"colors" - $config: path of the config file, e.g.
"/path/to/variables.json". Defaults toconfig/variables.json
- $key: object key, e.g.
Example
config/variables.json
1{ 2 "colors": { 3 "catalina-blue": "#1D3557", 4 "charlotte": "#A8DADC", 5 "panache": "#F1FAEE", 6 "amaranth": "#E63946", 7 "jelly-bean": "#457B9D" 8 } 9}
_colors.scss
1$colors: getMapFromJSON("colors"); 2 3:root { 4 // Brand colours. 5 @each $colorName, $colorHex in $colors { 6 --color-#{$colorName}: #{$colorHex}; 7 } 8}
style.css
1:root { 2 --color-catalina-blue: #1d3557; 3 --color-charlotte: #a8dadc; 4 --color-panache: #f1faee; 5 --color-amaranth: #e63946; 6 --color-jelly-bean: #457b9d; 7}
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
project is archived
Details
- Warn: Repository is archived.
Reason
Found 0/15 approved changesets -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/colis/node-sass-json-vars/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/colis/node-sass-json-vars/release.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/release.yml:23
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 npmCommand dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 11 are checked with a SAST tool
Reason
11 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q
- Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38
- Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Score
2.5
/10
Last Scanned on 2025-03-10
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More