{"id":13426696,"url":"https://github.com/uncss/uncss","last_synced_at":"2025-12-16T16:50:06.626Z","repository":{"id":8110652,"uuid":"9526392","full_name":"uncss/uncss","owner":"uncss","description":"Remove unused styles from CSS","archived":false,"fork":false,"pushed_at":"2024-06-18T07:27:49.000Z","size":1751,"stargazers_count":9425,"open_issues_count":58,"forks_count":407,"subscribers_count":135,"default_branch":"master","last_synced_at":"2025-11-27T12:53:30.499Z","etag":null,"topics":["build-tool","cleanup","css","javascript","postcss","stylesheets","uncss","unusedcss"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/uncss.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2013-04-18T16:32:10.000Z","updated_at":"2025-11-26T20:18:07.000Z","dependencies_parsed_at":"2024-05-01T21:03:17.852Z","dependency_job_id":"1939fd11-ef62-41b6-9a62-b1d168046b2c","html_url":"https://github.com/uncss/uncss","commit_stats":{"total_commits":559,"total_committers":52,"mean_commits":10.75,"dds":0.6851520572450804,"last_synced_commit":"84f7ab089631993cd08f5fe3e780ca269e7d6e76"},"previous_names":["giakki/uncss"],"tags_count":18,"template":false,"template_full_name":null,"purl":"pkg:github/uncss/uncss","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/uncss%2Funcss","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/uncss%2Funcss/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/uncss%2Funcss/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/uncss%2Funcss/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/uncss","download_url":"https://codeload.github.com/uncss/uncss/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/uncss%2Funcss/sbom","scorecard":{"id":426039,"data":{"date":"2025-08-11","repo":{"name":"github.com/uncss/uncss","commit":"b07a1dbfe41d5ffc1e14221c9f6e4743f6bbbe00"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.2,"checks":[{"name":"Code-Review","score":0,"reason":"Found 1/13 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:21","Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:22","Warn: no topLevel permission defined: .github/workflows/codeql.yml:1","Warn: no topLevel permission defined: .github/workflows/lint.yml:1","Warn: no topLevel permission defined: .github/workflows/test.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":4,"reason":"dependency not pinned by hash detected -- score normalized to 4","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/uncss/uncss/codeql.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/uncss/uncss/codeql.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/uncss/uncss/codeql.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/uncss/uncss/codeql.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/uncss/uncss/lint.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/uncss/uncss/lint.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/uncss/uncss/test.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/uncss/uncss/test.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/uncss/uncss/test.yml/master?enable=pin","Info:   0 out of   8 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned","Info:   2 out of   2 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.md:0","Info: FSF or OSI recognized license: MIT License: LICENSE.md:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":7,"reason":"SAST tool detected but not run on all commits","details":["Info: SAST configuration detected: CodeQL","Warn: 0 commits out of 20 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"11 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6","Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-19T02:16:47.010Z","repository_id":8110652,"created_at":"2025-08-19T02:16:47.010Z","updated_at":"2025-08-19T02:16:47.010Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":27632948,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-12-10T02:00:12.818Z","response_time":54,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["build-tool","cleanup","css","javascript","postcss","stylesheets","uncss","unusedcss"],"created_at":"2024-07-31T00:01:41.717Z","updated_at":"2025-12-16T16:50:06.605Z","avatar_url":"https://github.com/uncss.png","language":"JavaScript","readme":"# UnCSS\n\n[![npm version](https://img.shields.io/npm/v/uncss?logo=npm\u0026logoColor=fff)](https://www.npmjs.com/package/uncss)\n[![Build Status](https://img.shields.io/github/actions/workflow/status/uncss/uncss/test.yml?branch=master\u0026label=Tests\u0026logo=github)](https://github.com/uncss/uncss/actions/workflows/test.yml?query=branch%3Amaster)\n[![Coverage Status](https://img.shields.io/coveralls/uncss/uncss?logo=coveralls)](https://coveralls.io/r/uncss/uncss?branch=master)\n\nUnCSS is a tool that removes unused CSS from your stylesheets.\nIt works across multiple files and supports Javascript-injected CSS.\n\n## How\n\nThe process by which UnCSS removes the unused rules is as follows:\n\n1. The HTML files are loaded by [jsdom](https://github.com/tmpvar/jsdom) and JavaScript is executed.\n2. All the stylesheets are parsed by [PostCSS](https://github.com/postcss/postcss).\n3. `document.querySelector` filters out selectors that are not found in the HTML files.\n4. The remaining rules are converted back to CSS.\n\n**Please note:**\n\n-   UnCSS cannot be run on non-HTML pages, such as templates or PHP files. If you need to run UnCSS against your templates, you should probably generate example HTML pages from your templates, and run uncss on those generated files; or run a live local dev server, and point uncss at that.\n-   UnCSS only runs the Javascript that is run on page load. It does not (and cannot) handle Javascript that runs on user interactions like button clicks. You must use the `ignore` option to preserve classes that are added by Javascript on user interaction.\n\n## Installation\n\n```shell\nnpm install -g uncss\n```\n\n## Usage\n\n### Online Server\n\n-   [https://uncss-online.com/](https://uncss-online.com/) - Unofficial server, very convenient for testing or one-off usage!\n\n### Within Node.js\n\n```js\nvar uncss = require('uncss');\n\nvar files = ['my', 'array', 'of', 'HTML', 'files', 'or', 'http://urls.com'],\n    options = {\n        banner: false,\n        csspath: '../public/css/',\n        htmlroot: 'public',\n        ignore: ['#added_at_runtime', /test\\-[0-9]+/],\n        ignoreSheets: [/fonts.googleapis/],\n        inject: function (window) {\n            window.document.querySelector('html').classList.add('no-csscalc', 'csscalc');\n        },\n        jsdom: {\n            userAgent: 'Mozilla/5.0 (iPhone; CPU iPhone OS 10_3 like Mac OS X)',\n        },\n        media: ['(min-width: 700px) handheld and (orientation: landscape)'],\n        raw: 'h1 { color: green }',\n        report: false,\n        strictSSL: true,\n        stylesheets: ['lib/bootstrap/dist/css/bootstrap.css', 'src/public/css/main.css'],\n        timeout: 1000,\n        uncssrc: '.uncssrc',\n        userAgent: 'Mozilla/5.0 (iPhone; CPU iPhone OS 10_3 like Mac OS X)',\n    };\n\nuncss(files, options, function (error, output) {\n    console.log(output);\n});\n\n/* Look Ma, no options! */\nuncss(files, function (error, output) {\n    console.log(output);\n});\n\n/* Specifying raw HTML */\nvar rawHtml = '...';\n\nuncss(rawHtml, options, function (error, output) {\n    console.log(output);\n});\n```\n\n### At build-time\n\nUnCSS can also be used in conjunction with other JavaScript build systems, such as [Grunt](https://github.com/gruntjs/grunt), [Broccoli](https://github.com/broccolijs/broccoli#readme) or [Gulp](https://github.com/gulpjs/gulp)!\n\n-   [grunt-uncss](https://github.com/uncss/grunt-uncss) – Thanks to [@addyosmani](https://github.com/addyosmani)\n-   [gulp-uncss](https://github.com/ben-eb/gulp-uncss) – Thanks to [@ben-eb](https://github.com/ben-eb)\n-   [broccoli-uncss](https://github.com/sindresorhus/broccoli-uncss) - Thanks to [@sindresorhus](https://github.com/sindresorhus)\n\n### From the command line\n\n```txt\nUsage: uncss [options] \u003cfile or URL, ...\u003e\n    e.g. uncss https://getbootstrap.com/docs/3.3/examples/jumbotron/ \u003e stylesheet.css\n\nOptions:\n\n  -h, --help                            output usage information\n  -V, --version                         output the version number\n  -i, --ignore \u003cselector, ...\u003e          Do not remove given selectors\n  -m, --media \u003cmedia_query, ...\u003e        Process additional media queries\n  -C, --csspath \u003cpath\u003e                  Relative path where the CSS files are located\n  -s, --stylesheets \u003cfile, ...\u003e         Specify additional stylesheets to process\n  -S, --ignoreSheets \u003cselector, ...\u003e    Do not include specified stylesheets\n  -r, --raw \u003cstring\u003e                    Pass in a raw string of CSS\n  -t, --timeout \u003cmilliseconds\u003e          Wait for JS evaluation\n  -H, --htmlroot \u003cfolder\u003e               Absolute paths' root location\n  -u, --uncssrc \u003cfile\u003e                  Load these options from \u003cfile\u003e\n  -n, --noBanner                        Disable banner\n  -a, --userAgent \u003cstring\u003e              Use a custom user agent string\n  -I, --inject \u003cfile\u003e                   Path to javascript file to be executed before uncss runs\n  -o, --output \u003cfile\u003e                   Path to write resulting CSS to\n```\n\n**Note that you can pass both local file paths (which are processed by [glob](https://github.com/isaacs/node-glob)) and URLs to the program.**\n\n-   **banner** (boolean, default: `true`): Whether a banner should be prepended before each file block in the processed CSS.\n\n-   **csspath** (string): Path where the CSS files are related to the HTML files. By default, UnCSS uses the path specified in the `\u003clink rel=\"stylesheet\" href=\"path/to/file.css\"/\u003e`.\n\n-   **htmlroot** (string): Where the project root is. Useful for example if you have HTML that references _local_ files with root-relative URLs, i.e. `href=\"/css/style.css\"`.\n\n-   **ignore** (string[]): provide a list of selectors that should not be removed by UnCSS. For example, styles added by user interaction with the page (hover, click), since those are not detectable by UnCSS yet. Both literal names and regex patterns are recognized. Otherwise, you can add a comment before specific selectors:\n\n    ```css\n    /* uncss:ignore */\n    .selector1 {\n        /* this rule will be ignored */\n    }\n\n    .selector2 {\n        /* this will NOT be ignored */\n    }\n\n    /* uncss:ignore start */\n\n    /* all rules in here will be ignored */\n\n    /* uncss:ignore end */\n    ```\n\n-   **ignoreSheets** (string[] | RegExp[]): Do not process these stylesheets, e.g. Google fonts. Accepts strings or regex patterns.\n\n-   **inject** (string / function(window)): Path to a local javascript file which is executed before uncss runs. A function can also be passed directly in.\n\n    Example inject.js file\n\n    ```js\n    'use strict';\n\n    module.exports = function (window) {\n        window.document.querySelector('html').classList.add('no-csscalc', 'csscalc');\n    };\n    ```\n\n    Example of passing inject as a function\n\n    ```js\n    {\n      inject: function(window){\n        window.document.querySelector('html').classList.add('no-csscalc', 'csscalc');\n      }\n    }\n    ```\n\n-   **jsdom** (object) (Supported only by API): Supply the options used to create the JSDOM pages ([https://github.com/jsdom/jsdom](https://github.com/jsdom/jsdom)). At the moment, `config.resources` is not yet supported.\n\n-   **media** (string[]): By default UnCSS processes only stylesheets with media query `_all_`, `_screen_`, and those without one. Specify here which others to include.\n\n-   **raw** (string): Give the task a raw string of CSS in addition to the existing stylesheet options; useful in scripting when your CSS hasn't yet been written to disk.\n\n-   **report** (boolean, default: `true`): Return the report object in callback.\n\n-   **strictSSL** (boolean, default: `true`): Disable SSL verification when retrieving html source\n\n-   **stylesheets** (string[]): Use these stylesheets instead of those extracted from the HTML files. Prepend paths with the `file://` protocol to force use of local stylesheets, otherwise paths will be resolved as a browser would for an anchor tag `href` on the HTML page.\n\n-   **timeout** (number): Specify how long to wait for the JS to be loaded.\n\n-   **uncssrc** (string): Load all options from a JSON file. Regular expressions for the `ignore` and `ignoreSheets` options should be wrapped in quotation marks.\n\n    Example uncssrc file:\n\n    ```json\n    {\n        \"ignore\": [\".unused\", \"/^#js/\"],\n        \"stylesheets\": [\"css/override.css\"]\n    }\n    ```\n\n-   **userAgent** (String, default: `'uncss'`): The user agent string that jsdom should send when requesting pages. May be useful when loading markup from services which use user agent based device detection to serve custom markup to mobile devices. Defaults to `uncss`.\n\n### As a PostCSS Plugin\n\nUnCSS can be used as a [PostCSS](https://github.com/postcss/postcss) Plugin.\n\n```js\npostcss([require('uncss').postcssPlugin]);\n```\n\nSee [PostCSS docs](https://github.com/postcss/postcss) for examples for your environment.\n\n**Note:** Depending on your environment, you might not be able to use uncss as a PostCSS plugin since the plugin is not directly exported. In such cases, use the wrapper library [postcss-uncss](https://github.com/RyanZim/postcss-uncss).\n\n#### Options\n\n-   **html** (string[]): provide a list of html files to parse for selectors and elements. Usage of [globs](https://github.com/isaacs/node-glob) is allowed.\n\n-   **ignore** (string[] | RegExp[]): provide a list of selectors that should not be removed by UnCSS. For example, styles added by user interaction with the page (hover, click), since those are not detectable by UnCSS yet. Both literal names and regex patterns are recognized. Otherwise, you can add a comment before specific selectors in your CSS:\n\n    ```css\n    /* uncss:ignore */\n    .selector1 {\n        /* this rule will be ignored */\n    }\n\n    .selector2 {\n        /* this will NOT be ignored */\n    }\n    ```\n\n##### Example Configuration\n\n```js\n{\n  html: ['index.html', 'about.html', 'team/*.html'],\n  ignore: ['.fade']\n}\n```\n\n## License\n\nCopyright (c) 2019 Giacomo Martino. See the [LICENSE](/LICENSE.md) file for license rights and limitations (MIT).\n","funding_links":[],"categories":["JavaScript"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Funcss%2Funcss","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Funcss%2Funcss","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Funcss%2Funcss/lists"}