Gathering detailed insights and metrics for postcss-markdown
Gathering detailed insights and metrics for postcss-markdown
Installations
npm install postcss-markdownDeveloper
ota-meshi
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
^12 || >=14
Typescript Support
No
Node Version
14.18.1
NPM Version
6.14.15
Statistics
2 Stars
106 Commits
4 Watching
12 Branches
7 Contributors
Updated on 14 Sept 2023
Languages
JavaScript (100%)
Total Downloads
Cumulative downloads
Total Downloads
172,041,154
Last day
0.8%
46,800
Compared to previous day
Last week
4.5%
245,737
Compared to previous week
Last month
6.2%
997,942
Compared to previous month
Last year
-31.8%
13,017,871
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
5
Dev Dependencies
25
@ota-meshi/eslint-pluginautoprefixerchaicodecoveslinteslint-config-prettiereslint-plugin-eslint-commentseslint-plugin-json-schema-validatoreslint-plugin-jsonceslint-plugin-nodeeslint-plugin-node-dependencieseslint-plugin-prettiereslint-plugin-regexpeslint-plugin-ymlmochamocha-chai-jest-snapshotnycpostcss-htmlpostcss-lesspostcss-scsspostcss-stylprettierstylelintstylelint-config-standardsugarss
Versions
PostCSS Markdown Syntax
PostCSS syntax for parsing Markdown
Getting Started
First thing's first, install the module:
1npm install postcss-markdown --save-dev
If you want support SCSS/SASS/LESS/SugarSS syntax, you need to install the corresponding module.
- SCSS: postcss-scss
- SASS: postcss-sass
- LESS: postcss-less
- SugarSS: sugarss
- Stylus: postcss-styl
Use Cases
1const postcss = require("postcss"); 2const syntax = require("postcss-markdown")({ 3 // Enable support for HTML (default: true) 4 htmlInMd: true, 5 // syntax for parse scss (non-required options) 6 scss: require("postcss-scss"), 7 // syntax for parse less (non-required options) 8 less: require("postcss-less"), 9 // syntax for parse css blocks (non-required options) 10 css: require("postcss-safe-parser"), 11}); 12const autoprefixer = require("autoprefixer"); 13postcss([autoprefixer]) 14 .process(source, { syntax: syntax }) 15 .then(function (result) { 16 // An alias for the result.css property. Use it with syntaxes that generate non-CSS output. 17 result.content; 18 });
input:
# title
```css
::placeholder {
color: gray;
}
```
output:
# title
```css
::-moz-placeholder {
color: gray;
}
:-ms-input-placeholder {
color: gray;
}
::placeholder {
color: gray;
}
```
If you want support SCSS/SASS/LESS/SugarSS syntax, you need to install these module:
- SCSS: postcss-scss
- SASS: postcss-sass
- LESS: postcss-less
- SugarSS: sugarss
- Stylus: postcss-styl
Advanced Use Cases
Options
1const options = { 2 rules: [ 3 { 4 // custom language 5 test: /^postcss$/i, 6 lang: "scss", 7 }, 8 { 9 // custom language 10 test: /^customcss$/i, 11 lang: "custom", 12 }, 13 ], 14 15 // custom parser for CSS (using `postcss-safe-parser`) 16 css: "postcss-safe-parser", 17 // custom parser for SASS (PostCSS-compatible syntax.) 18 sass: require("postcss-sass"), 19 // custom parser for SCSS (by module name) 20 scss: "postcss-scss", 21 // custom parser for LESS (by module path) 22 less: require.resolve("./node_modules/postcss-less"), 23 // custom parser for SugarSS 24 sugarss: require("sugarss"), 25 // custom parser for custom language 26 custom: require("postcss-custom-syntax"), 27}; 28const syntax = require("postcss-markdown")(options);
Turning PostCSS off from within your Markdown
PostCSS can be temporarily turned off by using special comments in your Markdown. For example:
<!-- postcss-ignore -->
```css
a {
color: red;
}
```
Linting with Stylelint
The main use case of this plugin is to apply linting with Stylelint to CSS (and CSS-like) code blocks in markdown file.
You can use it by configuring your stylelint config as follows:
1{ 2 "overrides": [ 3 { 4 "files": ["*.md", "**/*.md"], 5 "customSyntax": "postcss-markdown" 6 } 7 ] 8}
Editor integrations
Visual Studio Code
Use the stylelint.vscode-stylelint extension that Stylelint provides officially.
You have to configure the stylelint.validate option of the extension to check .md files, because the extension does not check the *.md file by default.
Example .vscode/settings.json:
1{ 2 "stylelint.validate": [ 3 ..., 4 // ↓ Add "markdown" language. 5 "markdown" 6 ]
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
Found 0/11 approved changesets -- score normalized to 0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/NodeCI.yml:1
- Warn: no topLevel permission defined: .github/workflows/NpmPublish.yml:1
- Info: no jobLevel write permissions found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/NodeCI.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/ota-meshi/postcss-markdown/NodeCI.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/NodeCI.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/ota-meshi/postcss-markdown/NodeCI.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/NodeCI.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/ota-meshi/postcss-markdown/NodeCI.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/NodeCI.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/ota-meshi/postcss-markdown/NodeCI.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/NpmPublish.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/ota-meshi/postcss-markdown/NpmPublish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/NpmPublish.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/ota-meshi/postcss-markdown/NpmPublish.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/NodeCI.yml:19
- Warn: npmCommand not pinned by hash: .github/workflows/NodeCI.yml:34
- Warn: npmCommand not pinned by hash: .github/workflows/NpmPublish.yml:19
- Info: 0 out of 6 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 3 npmCommand dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 28 are checked with a SAST tool
Score
3.4
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More