{"id":13696091,"url":"https://github.com/pelican-plugins/webassets","last_synced_at":"2026-02-16T00:30:59.135Z","repository":{"id":49256479,"uuid":"319685563","full_name":"pelican-plugins/webassets","owner":"pelican-plugins","description":"Use the webassets module to manage assets such as CSS and JS files","archived":false,"fork":false,"pushed_at":"2024-12-27T09:09:27.000Z","size":312,"stargazers_count":14,"open_issues_count":3,"forks_count":2,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-09-25T16:43:29.347Z","etag":null,"topics":["compilation","css","js","minimization","pelican","webassets"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/pelican-plugins.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"custom":"https://donate.getpelican.com","liberapay":"pelican"}},"created_at":"2020-12-08T15:47:22.000Z","updated_at":"2025-05-21T03:41:00.000Z","dependencies_parsed_at":"2025-04-10T18:42:51.754Z","dependency_job_id":"6eb46d0b-53da-45ef-a680-1d48fb0004e7","html_url":"https://github.com/pelican-plugins/webassets","commit_stats":{"total_commits":55,"total_committers":14,"mean_commits":"3.9285714285714284","dds":0.6909090909090909,"last_synced_commit":"13f082d3068de65ea54650fa3d8cfe4c6eeae5b9"},"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/pelican-plugins/webassets","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pelican-plugins%2Fwebassets","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pelican-plugins%2Fwebassets/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pelican-plugins%2Fwebassets/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pelican-plugins%2Fwebassets/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/pelican-plugins","download_url":"https://codeload.github.com/pelican-plugins/webassets/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/pelican-plugins%2Fwebassets/sbom","scorecard":{"id":726839,"data":{"date":"2025-08-11","repo":{"name":"github.com/pelican-plugins/webassets","commit":"e440f1a8b7162d76efb9991aa6f7e23197e6c3be"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.4,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":10,"reason":"GitHub workflow tokens follow principle of least privilege","details":["Warn: jobLevel 'contents' permission set to 'write': .github/workflows/main.yml:71","Info: topLevel 'contents' permission set to 'read': .github/workflows/main.yml:9"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":3,"reason":"Found 2/6 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/pelican-plugins/webassets/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/pelican-plugins/webassets/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/pelican-plugins/webassets/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/pelican-plugins/webassets/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/pelican-plugins/webassets/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/pelican-plugins/webassets/main.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/pelican-plugins/webassets/main.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/pelican-plugins/webassets/main.yml/main?enable=pin","Info:   0 out of   3 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   5 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":0,"reason":"license file not detected","details":["Warn: project does not have a license file"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact 2.1.0 not signed: https://api.github.com/repos/pelican-plugins/webassets/releases/183234161","Warn: release artifact 2.0.0 not signed: https://api.github.com/repos/pelican-plugins/webassets/releases/38068484","Warn: release artifact 2.1.0 does not have provenance: https://api.github.com/repos/pelican-plugins/webassets/releases/183234161","Warn: release artifact 2.0.0 does not have provenance: https://api.github.com/repos/pelican-plugins/webassets/releases/38068484"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/main.yml:63"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":7,"reason":"3 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-cpwx-vrp4-4pq7","Warn: Project is vulnerable to: GHSA-gmj6-6f8f-6699","Warn: Project is vulnerable to: GHSA-q2x7-8rv6-6q7h"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 27 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-22T13:04:18.706Z","repository_id":49256479,"created_at":"2025-08-22T13:04:18.706Z","updated_at":"2025-08-22T13:04:18.706Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29494971,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-16T00:16:34.147Z","status":"ssl_error","status_checked_at":"2026-02-16T00:15:26.759Z","response_time":118,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["compilation","css","js","minimization","pelican","webassets"],"created_at":"2024-08-02T18:00:36.191Z","updated_at":"2026-02-16T00:30:59.118Z","avatar_url":"https://github.com/pelican-plugins.png","language":"Python","readme":"# Web Assets: A Plugin for Pelican\n\n[![Build Status](https://img.shields.io/github/actions/workflow/status/pelican-plugins/webassets/main.yml?branch=main)](https://github.com/pelican-plugins/webassets/actions)\n[![PyPI Version](https://img.shields.io/pypi/v/pelican-webassets)](https://pypi.org/project/pelican-webassets/)\n[![Downloads](https://img.shields.io/pypi/dm/pelican-webassets)](https://pypi.org/project/pelican-webassets/)\n![License](https://img.shields.io/pypi/l/pelican-webassets?color=blue)\n\nThis [Pelican](https://github.com/getpelican/pelican) plugin allows you to use\nthe [webassets][] module to perform a number\nof useful asset management functions on your web site, such as:\n\n* CSS minification (`cssmin`, `yui_css`, ...)\n* CSS compiling (`less`, `sass`, ...)\n* JS building (`uglifyjs`, `yui_js`, `closure`, ...)\n\nSome other interesting abilities of [webassets][] include:\n\n* [URL Expiry or\n  \"cache-busting\"](https://webassets.readthedocs.io/en/latest/expiring.html),\n  allowing you to set the cache headers for your assets long into the\n  future, saving bandwidth and reducing page load-times\n* a [`spritemapper`](https://yostudios.github.io/Spritemapper/) function to\n  automatically combine multiple icons into one large image with corresponding\n  position slices\n* a `datauri` function to minimize the number of HTTP requests by\n  replacing `url()` references in your stylesheets with internal\n  in-line [data URIs](https://en.wikipedia.org/wiki/Data_URI_scheme)\n\nFor the complete list of what [webassets][] can do, check out the **included\nfilters** section in the [webassets\ndocumentation](https://webassets.readthedocs.io/en/latest/builtin_filters.html).\n\n## Installation\n\nGetting started with [webassets][] couldn't be easier thanks to `pip`:\n\n```shell-session\npython -m pip install pelican-webassets\n```\n\nFor more detailed plugin installation instructions, please refer to the\n[Pelican Plugin Documentation](https://docs.getpelican.com/en/latest/plugins.html).\n\n💡 **Keep in Mind:** Each function you use in your `{% asset filters %}`\narguments (more on this later) will need to be installed\nseparately. For example, if you wanted to use the `libsass` filter, you\nwill need to `pip install libsass`. You can even [create a custom\nfilter](https://webassets.readthedocs.io/en/latest/custom_filters.html)\nif you wanted.\n\n## Usage\n\nWith the plugin installed, include one or more `{% assets %}` tags\ninto your web site's templates to generate everything your web page will\nneed. For example, something like this in your template…\n\n```html+jinja\n{% assets filters=\"libsass,cssmin\", output=\"css/style.min.css\", \"css/style.scss\" %}\n  \u003clink rel=\"stylesheet\" href=\"{{SITEURL}}/{{ASSET_URL}}\"\u003e\n{% endassets %}\n```\n\n… will tell [webassets][] to use `libsass` and `cssmin` to compile and\nminify the `css/style.scss` file in your theme, and save the compiled\nstylesheet as `css/style.min.css` in the output of your finished\nwebsite, along with the `link` element like this in your web page:\n\n```html+jinja\n\u003clink href=\"{SITEURL}/{THEME_STATIC_DIR}/css/style.min.css?b3a7c807\" rel=\"stylesheet\"\u003e\n```\n\n🌠 **The More You Know:** The `ASSET_URL` variable is the concatenation\nof your Pelican `THEME_STATIC_DIR` setting, the `output` argument, and\nthe \"cache-busting\" variable we already talked about.\n\n### JavaScript Example\n\nAs another example, we can use the [webassets][] `closure_js` function to\ncombine, minify, and compress two files in your web site's theme, `js/jQuery.js`\nand `js/widgets.js`:\n\n```html+jinja\n{% assets filters=\"closure_js\", output=\"js/packed.js\", \"js/jQuery.js\", \"js/widgets.js\" %}\n \u003cscript src=\"{{SITEURL}}/{{ASSET_URL}}\"\u003e\u003c/script\u003e\n{% endassets %}\n```\n\nThe resulting output will be a single `script` tag and its\ncorresponding file in your web site's generated output:\n\n```html+jinja\n\u003cscript src=\"{SITEURL}/{THEME_STATIC_DIR}/js/packed.js?00703b9d\"\u003e\u003c/script\u003e\n```\n\n## Configuration\n\nBeing a very small wrapper around the [webassets][] module, there are\nonly a few options that you may need.\n\n#### WEBASSETS_DEBUG\n\nBy default, if Pelican is in DEBUG mode (`pelican -D ...`), this\nplugin will put [webassets][] in DEBUG mode, to help you with\ndebugging. To override this behavior, set `WEBASSETS_DEBUG = False` to\nalways process files regardless of Pelican's DEBUG flag, or `True`\nto always force [webassets][] into DEBUG mode.\n\n```python\n# put webassets into DEBUG mode if Pelican is\nWEBASSETS_DEBUG = logger.getEffectiveLevel() \u003c= logging.DEBUG\n```\n\n#### WEBASSETS_CONFIG\n\nSome [webassets][] filters require extra configuration options to function\nproperly. You can use `WEBASSETS_CONFIG` to specify these options in a\nlist of `(key, value)` tuples that are passed along to the [webassets][]\nenvironment.\n\n```python\nWEBASSETS_CONFIG = [\n  (\"closure_compressor_optimization\", \"ADVANCED_OPTIMIZATIONS\"),\n  (\"libsass_style\", \"compressed\")\n]\n```\n\n#### WEBASSETS_BUNDLES\n\n[Bundles](https://webassets.readthedocs.io/en/latest/bundles.html) are\na convenient way to group a collection of assets together along with\nthe information on how to properly process the files. The\n`WEBASSETS_BUNDLES` option allows us to make these Bundles by taking a\nlist of `(name, args, kwargs)` arguments that will be passed to the\n[webassets][] environment.\n\n```python\nWEBASSETS_BUNDLES = (\n     (\"my_bundle\", (\"colors.scss\", \"style.scss\"),\n     {\"output\": \"style.min.css\", \"filters\": [\"libsass\", \"cssmin\"]}),\n)\n```\n\nAllowing you to simplify something like this in your web site's templates…\n\n```html+jinja\n{% assets filters=\"libsass,cssmin\", output=\"style.min.css\", \"colors.scss\", \"style.scss\" %}\n```\n\n… into this:\n\n```html+jinja\n{% assets 'my_bundle' %}\n```\n\n#### WEBASSETS_SOURCE_PATHS\n\nIf your raw assets are in directories other than your\n`THEME_STATIC_PATHS`, you can supply additional directories to search\nin with `WEBASSETS_SOURCE_PATHS`.\n\n```python\nWEBASSETS_SOURCE_PATHS = [\"stylesheets\", \"javascript\"]\n```\n\n## Contributing\n\nContributions are welcome and much appreciated. Every little bit\nhelps. You can contribute by improving the documentation, adding\nmissing features, and fixing bugs. You can also help out by reviewing\nand commenting on [existing issues][].\n\nTo start contributing to this plugin, review the [Contributing to\nPelican][] documentation, beginning with the **Contributing Code**\nsection.\n\n[existing issues]: https://github.com/pelican-plugins/webassets/issues\n[Contributing to Pelican]: https://docs.getpelican.com/en/latest/contribute.html\n\n## License\n\nThis project is licensed under the [AGPL-3.0\nlicense](https://tldrlegal.com/license/gnu-affero-general-public-license-v3-(agpl-3.0))\n\n![AGPL-3.0](https://img.shields.io/pypi/l/pelican-webassets?color=blue)\n\n\n[webassets]: https://github.com/miracle2k/webassets\n","funding_links":["https://donate.getpelican.com","https://liberapay.com/pelican"],"categories":["Plugins"],"sub_categories":["Migrated to new architecture"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpelican-plugins%2Fwebassets","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fpelican-plugins%2Fwebassets","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fpelican-plugins%2Fwebassets/lists"}