Skeletonic Stylus

Performance

Performance is a security control. Every byte that is not shipped is one less byte to audit, sign and verify.

Supply chain summary

Control | Status in v2.0.0
CycloneDX SBOM | Generated for every release, stored at dist/sbom.json
npm provenance | Enabled (--provenance --access public)
Signed git tags | SSH-signed with the maintainer key
Dependabot pinning | Weekly updates, automatically reviewed
Size budget | size-limit caps the bundle at 8 KB gzip and fails CI when exceeded
Lint | stylelint + a11y checks on every push
CodeQL | Enabled for javascript and the configuration sets
CVE-2023-44270 | Patched via pnpm.overrides, which removes postcss@7

CycloneDX SBOM

Every published tarball includes a CycloneDX SBOM at dist/sbom.json. You can verify the package you just installed with:

pnpm add @sebastienrousseau/skeletonic-stylus@2.0.0
jq '.metadata.component.version' \
  node_modules/@sebastienrousseau/skeletonic-stylus/dist/sbom.json
# → "2.0.0"

The SBOM is generated with cyclonedx-npm during the publish workflow.


npm provenance

Published artifacts are signed with npm package provenance.

You can verify this after installation with:

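# The registry lists provenance under dist.attestations; the legacy
# "npm-signature" PGP field is not set on newly published versions.
npm view @sebastienrousseau/skeletonic-stylus@2.0.0 --json | \
  jq '.dist.attestations'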

The signing certificate links the tarball back to the exact GitHub Actions run that produced it.


Known CVEs & patches

CVE | Severity | Status
CVE-2023-44270 (postcss line return parsing) | Medium | Patched in v2.0.0 via pnpm.overrides, which upgrades postcss to ≥ 8.4.31

The Snyk advisory database and the GitHub Security Advisories feed are monitored continuously; security fixes are shipped as patch-level releases.
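
An added example (not the project's own tooling) that goes one step beyond the jq version check in the SBOM section: it audits a parsed CycloneDX SBOM for the expected package version and for any postcss component below 8.4.31, the fixed version given in the table above. The function names and both sample documents are constructed for illustration; in practice, pass in the parsed contents of dist/sbom.json.

```javascript
// Added example: audit a CycloneDX SBOM for the expected version and for
// postcss releases below the CVE-2023-44270 fix named on this page.
const MIN_POSTCSS = "8.4.31";

// Compare x.y.z versions numerically; pre-release/build suffixes are ignored.
function compareVersions(a, b) {
  const parse = (v) =>
    String(v).split(/[-+]/)[0].split(".").map((n) => parseInt(n, 10) || 0);
  const pa = parse(a), pb = parse(b);
  for (let i = 0; i < 3; i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return Math.sign(d);
  }
  return 0;
}

// CycloneDX components may nest, so walk the tree recursively.
function* walkComponents(components = []) {
  for (const c of components) {
    yield c;
    yield* walkComponents(c.components);
  }
}

// Returns a list of findings; an empty list means the SBOM passed.
function auditSbom(sbom, expectedVersion) {
  const findings = [];
  if (sbom.bomFormat !== "CycloneDX") findings.push("not a CycloneDX document");
  const declared = sbom.metadata?.component?.version;
  if (declared !== expectedVersion)
    findings.push(`SBOM describes ${declared}, expected ${expectedVersion}`);
  for (const c of walkComponents(sbom.components))
    if (c.name === "postcss" && compareVersions(c.version, MIN_POSTCSS) < 0)
      findings.push(`postcss@${c.version} is below ${MIN_POSTCSS}`);
  return findings;
}

// Constructed sample documents (not the project's real SBOM).
const cleanSbom = {
  bomFormat: "CycloneDX",
  metadata: { component: { version: "2.0.0" } },
  components: [{ name: "example-plugin", version: "1.0.0",
    components: [{ name: "postcss", version: "8.4.31" }] }],
};
const staleSbom = JSON.parse(JSON.stringify(cleanSbom));
staleSbom.components[0].components[0].version = "7.0.39";

console.log(auditSbom(cleanSbom, "2.0.0")); // []
console.log(auditSbom(staleSbom, "2.0.0"));
```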


Reporting a vulnerability

Please do not open a public GitHub issue for security reports. Instead, use the private channel at:

github.com/sebastienrousseau/skeletonic-stylus/security/advisories/new

Reports are acknowledged within 72 hours, and a fix is released within 14 days for medium issues, 48 hours for critical issues.
