Gathering detailed insights and metrics for postcss-values-parser
Gathering detailed insights and metrics for postcss-values-parser
A CSS property value parser for PostCSS
Installations
npm install postcss-values-parserDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Min. Node Version
>=10
Node Version
14.15.3
NPM Version
6.14.9
Score
98.3
Supply Chain
92.3
Quality
75.9
Maintenance
100
Vulnerability
81.3
License
Releases
13
Languages
1
JavaScript
JavaScript (100%)
Developer
shellscape
Download Statistics
Total Downloads
1,304,197,292
Last Day
759,568
Last Week
4,036,833
Last Month
16,726,353
Last Year
183,419,286
GitHub Statistics
MPL-2.0 License
59 Stars
130 Commits
31 Forks
5 Watchers
2 Branches
19 Contributors
Updated on Sep 27, 2024
Bundle Size
16.21 kB
Minified
5.94 kB
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
6.0.2
Package Id
postcss-values-parser@6.0.2
Unpacked Size
61.57 kB
Size
16.19 kB
File Count
21
NPM Version
6.14.9
Node Version
14.15.3
Total Downloads
Cumulative downloads
Total Downloads
1,304,197,292
Last Day
45.5%
759,568
Compared to previous day
Last Week
6%
4,036,833
Compared to previous week
Last Month
1.3%
16,726,353
Compared to previous month
Last Year
-8.2%
183,419,286
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
3
Peer Dependencies
1
postcss-values-parser 
A CSS property value parser built upon PostCSS, following the same node and traversal patterns as PostCSS.
Install
Using npm:
1npm install postcss-values-parser --save-dev
Please consider becoming a patron if you find this module useful.
Requirements
postcss-values-parser Node version v6.14.0+ and PostCSS v7.0.0+.
Benefits
- Leverages PostCSS and its tokenizer under the hood
- Doesn't strip characters; eg. parenthesis
- Full AST traversal
- Ability to walk the AST for every Node type
- Convenience methods to stringify Nodes
- Follows PostCSS patterns for whitespace between Nodes
- Provides convenience properties for number units, colors, etc.
Usage
Using the parser is straightforward and minimalistic:
1const { parse } = require('postcss-values-parser'); 2 3const root = parse('#fff'); 4const node = root.first; 5 6// → Word { 7// raws: { before: '', after: '' }, 8// value: '#fff', 9// type: 'word', 10// isHex: true, 11// isColor: true, 12// isVariable: false, 13// ... 14// }
Please see the Documentation for further information on using the module.
Meta
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: Mozilla Public License 2.0: LICENSE:0
Reason
Found 12/30 approved changesets -- score normalized to 4
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 13 are checked with a SAST tool
Reason
33 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
- Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
- Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
- Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
- Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
- Warn: Project is vulnerable to: GHSA-vjh7-7g9h-fjfh
- Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-qrpm-p2h7-hrv2
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-px4h-xg32-q955
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-hwj9-h5mp-3pm3
- Warn: Project is vulnerable to: GHSA-566m-qj78-rww5
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-38fc-wpqx-33j7
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Score
2.3
/10
Last Scanned on 2025-04-28
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More