{"id":40817924,"url":"https://github.com/gofunky/cssauron","last_synced_at":"2026-01-21T21:43:28.805Z","repository":{"id":38305566,"uuid":"172568830","full_name":"gofunky/cssauron","owner":"gofunky","description":"build a matching function in CSS for any nested object structure without eval","archived":false,"fork":false,"pushed_at":"2025-01-23T18:33:48.000Z","size":433,"stargazers_count":1,"open_issues_count":25,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-12-19T02:56:28.133Z","etag":null,"topics":["css","js","library","match","parser","selector","selector-factory","selectors-match","stream","style-selectors","transform","traverse"],"latest_commit_sha":null,"homepage":"https://cssauron.gofunky.fun","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gofunky.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-02-25T19:16:59.000Z","updated_at":"2023-03-16T20:10:10.000Z","dependencies_parsed_at":"2024-07-21T15:59:29.661Z","dependency_job_id":null,"html_url":"https://github.com/gofunky/cssauron","commit_stats":{"total_commits":155,"total_committers":14,"mean_commits":"11.071428571428571","dds":0.6838709677419355,"last_synced_commit":"ca70a237e4ca0ed135741c511835b2d32dd6614d"},"previous_names":["gofunky/cssauron-noeval"],"tags_count":11,"template":false,"template_full_name":null,"purl":"pkg:github/gofunky/cssauron","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gofunky%2Fcssauron","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gofunky%2Fcssauron/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gofunky%2Fcssauron/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gofunky%2Fcssauron/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gofunky","download_url":"https://codeload.github.com/gofunky/cssauron/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gofunky%2Fcssauron/sbom","scorecard":{"id":433796,"data":{"date":"2025-08-11","repo":{"name":"github.com/gofunky/cssauron","commit":"ca70a237e4ca0ed135741c511835b2d32dd6614d"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.8,"checks":[{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Code-Review","score":0,"reason":"Found 0/22 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/gofunky/cssauron/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/gofunky/cssauron/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/gofunky/cssauron/build.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pages.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/gofunky/cssauron/pages.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pages.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/gofunky/cssauron/pages.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/gofunky/cssauron/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/gofunky/cssauron/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/gofunky/cssauron/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/gofunky/cssauron/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/gofunky/cssauron/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/gofunky/cssauron/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/gofunky/cssauron/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/gofunky/cssauron/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/gofunky/cssauron/publish.yml/master?enable=pin","Info:   0 out of  13 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/build.yml:1","Warn: no topLevel permission defined: .github/workflows/pages.yml:1","Warn: no topLevel permission defined: .github/workflows/publish.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 24 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"19 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92","Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c","Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6","Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj","Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h","Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9","Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm","Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3","Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h","Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g","Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq","Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7","Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-19T04:05:35.485Z","repository_id":38305566,"created_at":"2025-08-19T04:05:35.485Z","updated_at":"2025-08-19T04:05:35.485Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28644149,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-21T21:29:11.980Z","status":"ssl_error","status_checked_at":"2026-01-21T21:24:31.872Z","response_time":86,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["css","js","library","match","parser","selector","selector-factory","selectors-match","stream","style-selectors","transform","traverse"],"created_at":"2026-01-21T21:43:28.253Z","updated_at":"2026-01-21T21:43:28.798Z","avatar_url":"https://github.com/gofunky.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# cssauron\n\n[![GitHub Workflow Status (branch)](https://img.shields.io/github/workflow/status/gofunky/cssauron/build/master?style=for-the-badge)](https://github.com/gofunky/cssauron/actions)\n[![Codecov](https://img.shields.io/codecov/c/github/gofunky/cssauron?style=for-the-badge)](https://codecov.io/gh/gofunky/cssauron)\n[![Renovate Status](https://img.shields.io/badge/renovate-enabled-green?style=for-the-badge\u0026logo=renovatebot\u0026color=1a1f6c)](https://app.renovatebot.com/dashboard#github/gofunky/cssauron)\n[![Libraries.io dependency status for latest release](https://img.shields.io/librariesio/release/npm/@gofunky%2Fcssauron?style=for-the-badge)](https://libraries.io/npm/@gofunky%2Fcssauron)\n[![Snyk Vulnerabilities for npm package](https://img.shields.io/snyk/vulnerabilities/npm/@gofunky/cssauron?style=for-the-badge)](https://snyk.io/test/github/gofunky/cssauron)\n[![JavaScript Style Guide](https://img.shields.io/badge/code_style-standard-purple.svg?style=for-the-badge)](https://standardjs.com)\n[![CodeFactor](https://www.codefactor.io/repository/github/gofunky/cssauron/badge?style=for-the-badge)](https://www.codefactor.io/repository/github/gofunky/cssauron)\n[![node-current](https://img.shields.io/node/v/@gofunky/cssauron?style=for-the-badge)](https://www.npmjs.com/package/@gofunky/cssauron)\n[![NPM version](https://img.shields.io/npm/v/@gofunky/cssauron.svg?style=for-the-badge)](https://www.npmjs.com/package/@gofunky/cssauron)\n[![NPM Downloads](https://img.shields.io/npm/dm/@gofunky/cssauron?style=for-the-badge\u0026color=ff69b4)](https://www.npmjs.com/package/@gofunky/cssauron)\n[![GitHub License](https://img.shields.io/github/license/gofunky/cssauron.svg?style=for-the-badge)](https://github.com/gofunky/cssauron/blob/master/LICENSE)\n[![GitHub last commit](https://img.shields.io/github/last-commit/gofunky/cssauron.svg?style=for-the-badge\u0026color=9cf)](https://github.com/gofunky/cssauron/commits/master)\n\nbuild a matching function in CSS for any nested object structure without eval\n\n## Usage\n\n### Import\n\n#### Common JS\n\nFrom version `v2.0.0`, cssauron will only support ES6 modules.\nIn order to import cssauron with NodeJS versions prior v12, you may use [esm](https://github.com/standard-things/esm).\n\n#### Import default\n\n```js\nimport cssauron from '@gofunky/cssauron'\n\nconst language = cssauron({\n  tag: 'tagName',\n  contents: 'innerText',\n  id: 'id',\n  class: 'className',\n  parent: 'parentNode',\n  children: 'childNodes',\n  attr: 'getAttribute(attr)'\n})\n\nconst selector = language('body \u003e #header .logo')\nconst element = document.getElementsByClassName('logo')[0]\n\nif(selector(element)) {\n  // element matches selector\n} else {\n  // element does not match selector\n}\n```\n\n#### Import as class\n\n```js\nimport { CSSAuron } from '@gofunky/cssauron'\n\nconst language = new CSSAuron({})\nconst selector = language.parse('body \u003e #header .logo')\n```\n\n### Constructor options\n\n`options` are an object hash of lookup type to string attribute or `function(node)` lookups for queried\nnodes. You only need to provide the configuration necessary for the selectors you're planning on creating.\n(If you're not going to use `#id` lookups, there's no need to provide the `id` lookup in your options.)\n\n* `tag`: Extract tag information from a node for `div` style selectors.\n* `contents`: Extract text information from a node, for `:contains(xxx)` selectors.\n* `id`: Extract id for `#my_sweet_id` selectors.\n* `class`: `.class_name`\n* `parent`: Used to traverse up from the current node, for composite selectors `body #wrapper`, `body \u003e #wrapper`.\n* `children`: Used to traverse from a parent to its children for sibling selectors `div + span`, `a ~ p`.\n* `attr`: Used to extract attribute information, for `[attr=thing]` style selectors.\n\n### `language('some selector')` -\u003e match function\n\nCompiles a matching function.\n\n### `match(node)` -\u003e false | node | [subjects, ...]\n\nReturns `false` if the provided node does not match the selector.\nReturns `true` if the provided node *does* match.\nThe exact return value is determined by the selector, based on the \n[CSS4 subject selector spec](http://dev.w3.org/csswg/selectors4/#subject):\nIf only a single node matches, only this node is returned.\nIf multiple subjects match, a deduplicated array of those subjects is returned.\n\nFor example, given the following HTML:\n\n```html\n\u003cdiv id=\"gary-busey\"\u003e\n    \u003cp\u003e\n        \u003cspan class=\"jake-busey\"\u003e\n        \u003c/span\u003e\n    \u003c/p\u003e\n\u003c/div\u003e\n```\n\nChecking the following selectors against the `span.jake-busey` element yield:\n\n - `#gary-busey`: `false`, no match.\n - `#gary-busey *`: `span.jake-busey`, a single match.\n - `!#gary-busey *`: `div#gary-busey`, a single match using the `!` subject selector.\n - `#gary-busey *, p span`: `span.jake-busey`, a single match, though both selectors match.\n - `#gary-busey !* !*, !p \u003e !span`: `[p, span.jake-busey]`, two matches.\n\n## Supported pseudo-classes \n\n - `:first-child`\n - `:last-child`\n - `:nth-child`\n - `:empty`\n - `:root`\n - `:contains(text)`\n - `:any(selector, selector, selector)`\n\n## Supported attribute lookups\n\n - `[attr=value]`: Exact match\n - `[attr]`: Attribute exists and is not false-y.\n - `[attr$=value]`: Attribute ends with value\n - `[attr^=value]`: Attribute starts with value\n - `[attr*=value]`: Attribute contains value\n - `[attr~=value]`: Attribute, split by whitespace, contains value.\n - `[attr|=value]`: Attribute, split by `-`, contains value.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgofunky%2Fcssauron","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgofunky%2Fcssauron","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgofunky%2Fcssauron/lists"}