Gathering detailed insights and metrics for polished
Gathering detailed insights and metrics for polished
A lightweight toolset for writing styles in JavaScript ✨
Installations
npm install polishedDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Min. Node Version
>=10
Node Version
14.21.3
NPM Version
6.14.18
Score
99.1
Supply Chain
100
Quality
79.9
Maintenance
100
Vulnerability
93.3
License
Releases
87
Languages
4
JavaScript
CSS
TypeScript
Shell
JavaScript (92.75%)
CSS (5.25%)
TypeScript (1.96%)
Shell (0.04%)
Developer
Download Statistics
Total Downloads
1,432,636,569
Last Day
299,314
Last Week
8,340,773
Last Month
36,019,090
Last Year
377,543,747
GitHub Statistics
MIT License
7,661 Stars
904 Commits
212 Forks
40 Watchers
4 Branches
166 Contributors
Updated on Jun 21, 2025
Bundle Size
36.84 kB
Minified
11.51 kB
Minified + Gzipped
Maintainers
3
Package Meta Information
Latest Version
4.3.1
Package Id
polished@4.3.1
Unpacked Size
2.67 MB
Size
1.39 MB
File Count
330
NPM Version
6.14.18
Node Version
14.21.3
Published on
Feb 01, 2024
Total Downloads
Cumulative downloads
Total Downloads
1,432,636,569
Last Day
-9.9%
299,314
Compared to previous day
Last Week
-8.5%
8,340,773
Compared to previous week
Last Month
1.8%
36,019,090
Compared to previous month
Last Year
18.5%
377,543,747
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Dev Dependencies
37
@babel/cli@babel/core@babel/eslint-parser@babel/plugin-transform-runtime@babel/polyfill@babel/preset-env@babel/preset-flow@rollup/plugin-babel@rollup/plugin-node-resolve@rollup/plugin-replacebabel-eslintbabel-jestbabel-plugin-add-module-exportsbabel-plugin-prevalcross-envcz-conventional-changelogdocumentationeslinteslint-config-airbnb-baseeslint-plugin-importflow-binflow-copy-sourcehuskyjestlint-stagednpm-watchprettierpushstate-serverramdarolluprollup-plugin-sourcemapsrollup-plugin-tersersemantic-releaseshxtsgentypescriptvalidate-commit-msg
A lightweight toolset for writing styles in JavaScript. ✨
1npm install --save polished 2# or if you're using yarn 3yarn add polished
Want to write styles in JavaScript, but also want Sass-style helper functions and mixins? Need a consistent color palette throughout your app? ✨ polished is for you!
- Make your app look great without stress
- Cross framework compatible: No matter if you're using
styled-components, emotion, jss, aphrodite, radium, or plain inline styles, as long as you're writing your styles in JavaScript you can use polished! - Switching from a pre-processor to styles in JS made easy
Docs
See the full documentation at polished.js.org!
Usage
✨ polished modules are meant to be used as stand-alone imports. You should avoid importing the entire library directly:
import { clearFix, animation } from 'polished'
import * as polished from 'polishedimport polished from 'polished'
When ✨ polished modules are imported properly, tree shaking in webpack and Rollup can be leveraged to reduce your bundle size.
Browser Support
All Evergreen Browsers + IE11
As of v3.6.X we support >0.5%, not dead, ie >= 11, not op_mini all for all our builds.
Flow Type Definitions
✨ polished has first-class Flow support with zero configuration to assist you in finding type errors while using our modules.
Ignore ✨ polished source
Flow frequently updates and it is possible that the version you are running may cause you to run into errors coming from the polished package in your node_modules directory. You can add the following lines to your .flowconfig to ignore polished in those cases:
1[ignore] 2.*/node_modules/polished/.*
TypeScript Definitions
✨ polished has TypeScript definitions to allow the library to be used in any TypeScript project. You will need to set moduleResolution to node in your tsconfig.json in order to use ✨ polished with TypeScript.
Babel plugin
You can optionally also use babel-plugin-polished to compile the static function calls out and remove the (already tiny) runtime performance impact of using ✨ polished.
Object Spread Properties
In the documentation you will see examples using object spread properties ({ ...other }). To enable this syntax in your project add the transform-object-rest-spread plugin (or the stage-3 preset to enable all stage three features) to your Babel configuration.
Why?
When writing styles in JavaScript, many people need Sass-style helper functions to be productive. ✨ polished brings them to you in a nice, lightweight package tailor-made for styles in JavaScript.
The main difference with Sass is that it's written in a functional style and all color functions are curried. This means you can compose them together into your own reusable helpers with a compose function of your choice:
1import { compose } from 'ramda' // Replace with any compose() function of your choice 2import { lighten, desaturate } from 'polished' 3 4// Create tone() helper 5const tone = compose(lighten(0.1), desaturate(0.1))
Why not package-xyz?
First of all, we didn't find another library that had everything we needed, and we don't care about installing a dozen packages separately.
Specifically most other packages that provide color functions do so in an object-oriented style, often with a fluent API that's very different from the Sass-style helpers. This means people that aren't very familiar with JavaScript might shy away from using them.
✨ polished was made as a standard library for everybody, no matter if they know JS inside out or not.
Compatibility
✨ polished is compatible with any library that accepts styles as JS objects. This includes, but is by far not limited to, styled-components, radium, aphrodite, glamor, glamorous, jss and many more!
No matter if you're using inline styles or CSS-in-JS, polished is for you.
Contributors
This project exists thanks to all the people who contribute. [Contribute].
Backers
Thank you to all our backers! 🙏 [Become a backer]
Sponsors
Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor]
License
Copyright © 2016-2021 Brian Hough, Maximilian Stoiber, & Nik Graf. Licensed under the MIT License, see LICENSE.md for more information!
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Info: FSF or OSI recognized license: MIT License: LICENSE.md:0
Reason
SAST tool detected but not run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Warn: 3 commits out of 30 are checked with a SAST tool
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 0/3 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1
- Warn: no topLevel permission defined: .github/workflows/main.yml:1
- Warn: no topLevel permission defined: .github/workflows/report-coverage.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/styled-components/polished/codeql-analysis.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/styled-components/polished/codeql-analysis.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/styled-components/polished/codeql-analysis.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/styled-components/polished/codeql-analysis.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/styled-components/polished/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/styled-components/polished/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/styled-components/polished/main.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/report-coverage.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/styled-components/polished/report-coverage.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/report-coverage.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/styled-components/polished/report-coverage.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/report-coverage.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/styled-components/polished/report-coverage.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/report-coverage.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/styled-components/polished/report-coverage.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/main.yml:27
- Warn: npmCommand not pinned by hash: .github/workflows/report-coverage.yml:23
- Info: 0 out of 10 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
- Info: 0 out of 2 npmCommand dependencies pinned
Reason
26 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q
- Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38
- Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc
- Warn: Project is vulnerable to: GHSA-whgm-jr23-g3j9
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-7wwv-vh3v-89cq
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-3j8f-xvm3-ffx4
- Warn: Project is vulnerable to: GHSA-j9fq-vwqv-2fm2
- Warn: Project is vulnerable to: GHSA-pqw5-jmp5-px4v
- Warn: Project is vulnerable to: GHSA-9q5w-79cv-947m
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-44c6-4v22-4mhx
- Warn: Project is vulnerable to: GHSA-4x5v-gmq8-25ch
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq
- Warn: Project is vulnerable to: GHSA-g3ch-rx76-35fx
- Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
Score
3.2
/10
Last Scanned on 2025-06-23
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More