Giter Site home page Giter Site logo

tuanductran / colour-a11y-for-tailwind Goto Github PK

View Code? Open in Web Editor NEW

This project forked from samrobbins85/colour-a11y-for-tailwind

2.0 2.0 0.0 212 KB

Check the accessibility of tailwind colours on your background

Home Page: https://colour-a11y.vercel.app

License: MIT License

JavaScript 98.59% CSS 1.41%

colour-a11y-for-tailwind's Introduction

Greetings!

Welcome to my space! I am Tran Tuan Duc, a dedicated Front-End Developer specializing in Vue.js and Nuxt.js. My passion lies in crafting dynamic, responsive, and high-performance web applications that deliver exceptional user experiences.

About Me

const myInfo = {
  name: 'Tran Tuan Duc',
  jobTitle: 'Front-End Developer',
  skills: {
    core: ['HTML', 'CSS', 'JavaScript'],
    frameworks: ['Vue.js', 'Nuxt.js'],
    design: ['Figma', 'Bootstrap', 'Tailwind CSS'],
    wordpress: ['Elementor', 'Page Builders'],
    os: ['Windows', 'Linux', 'macOS']
  },
  careerObjective: {
    primary: 'Front-End Development with Vue.js',
    secondary: 'WordPress Back-End Development'
  },
  socialMedia: {
    twitter: 'tuanducdesigner',
    linkedin: 'tuanductran',
    devTo: 'tuanductran',
    instagram: 'mi.profile.56'
  }
}

Professional Statistics

  • ๐Ÿ“… Account Age: 4 years.
  • ๐Ÿ’ป Total Commits: 6118
  • ๐Ÿ“ Issues Opened: 44
  • ๐Ÿš€ Pull Requests: 71
  • ๐Ÿ” Code Reviews: 2
  • โญ Stars Received: 62
  • ๐Ÿ“š Repositories Owned: 66
  • ๐Ÿค Repositories Contributed: 18

Top 5 most used languages across my repositories

TypeScript MDX JavaScript Python Other

Statistics are generated with teoxoy/profile-readme-stats

colour-a11y-for-tailwind's People

Contributors

dependabot[bot] avatar luuu-xu avatar mend-bolt-for-github[bot] avatar samrobbins85 avatar tuanductran avatar

Stargazers

avatar avatar

colour-a11y-for-tailwind's Issues

next-12.1.0.tgz: 1 vulnerabilities (highest severity is: 5.3)

Vulnerable Library - next-12.1.0.tgz

Path to dependency file: /package.json

Path to vulnerable library: /package.json

Found in HEAD commit: 9141212263cc2368d8dd33fdab786d0abd32f78a

Vulnerabilities

CVE Severity CVSS Dependency Type Fixed in (next version) Remediation Possible**
CVE-2023-44270 Medium 5.3 postcss-8.4.5.tgz Transitive 13.5.4-canary.8 โŒ

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

CVE-2023-44270

Vulnerable Library - postcss-8.4.5.tgz

Tool for transforming styles with JS plugins

Library home page: https://registry.npmjs.org/postcss/-/postcss-8.4.5.tgz

Path to dependency file: /package.json

Path to vulnerable library: /package.json

Dependency Hierarchy:

  • next-12.1.0.tgz (Root Library)
    • โŒ postcss-8.4.5.tgz (Vulnerable Library)

Found in HEAD commit: 9141212263cc2368d8dd33fdab786d0abd32f78a

Found in base branch: master

Vulnerability Details

An issue was discovered in PostCSS before 8.4.31. The vulnerability affects linters using PostCSS to parse external untrusted CSS. An attacker can prepare CSS in such a way that it will contains parts parsed by PostCSS as a CSS comment. After processing by PostCSS, it will be included in the PostCSS output in CSS nodes (rules, properties) despite being included in a comment.

Publish Date: 2023-09-29

URL: CVE-2023-44270

CVSS 3 Score Details (5.3)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: Low
    • Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://www.cve.org/CVERecord?id=CVE-2023-44270

Release Date: 2023-09-29

Fix Resolution (postcss): 8.4.31

Direct dependency fix Resolution (next): 13.5.4-canary.8

Step up your Open Source Security Game with Mend here

tailwindcss-2.0.2.tgz: 1 vulnerabilities (highest severity is: 7.5)

Vulnerable Library - tailwindcss-2.0.2.tgz

Path to dependency file: /package.json

Path to vulnerable library: /package.json

Found in HEAD commit: 9141212263cc2368d8dd33fdab786d0abd32f78a

Vulnerabilities

CVE Severity CVSS Dependency Type Fixed in (tailwindcss version) Remediation Possible**
CVE-2021-23382 High 7.5 postcss-6.0.23.tgz Transitive 2.1.2-internal.1 โŒ

**In some cases, Remediation PR cannot be created automatically for a vulnerability despite the availability of remediation

Details

CVE-2021-23382

Vulnerable Library - postcss-6.0.23.tgz

Tool for transforming styles with JS plugins

Library home page: https://registry.npmjs.org/postcss/-/postcss-6.0.23.tgz

Path to dependency file: /package.json

Path to vulnerable library: /package.json

Dependency Hierarchy:

  • tailwindcss-2.0.2.tgz (Root Library)
    • postcss-functions-3.0.0.tgz
      • โŒ postcss-6.0.23.tgz (Vulnerable Library)

Found in HEAD commit: 9141212263cc2368d8dd33fdab786d0abd32f78a

Found in base branch: master

Vulnerability Details

The package postcss before 8.2.13 are vulnerable to Regular Expression Denial of Service (ReDoS) via getAnnotationURL() and loadAnnotation() in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern /*\s* sourceMappingURL=(.*).

Publish Date: 2021-04-26

URL: CVE-2021-23382

CVSS 3 Score Details (7.5)

Base Score Metrics:

  • Exploitability Metrics:
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Scope: Unchanged
  • Impact Metrics:
    • Confidentiality Impact: None
    • Integrity Impact: None
    • Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23382

Release Date: 2021-04-26

Fix Resolution (postcss): 7.0.36

Direct dependency fix Resolution (tailwindcss): 2.1.2-internal.1

Step up your Open Source Security Game with Mend here

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.