View polished on Snyk Open Source Advisor

Package Health Score

95 / 100

security
No known security issues
popularity
Key ecosystem project
maintenance
Healthy
community
Active

Explore Similar Packages

Security

No known security issues

All security vulnerabilities belong to production dependencies of direct and indirect packages.

Security and license risk for significant versions

All Versions

Version				Vulnerabilities	License Risk
4.2.2	\|	04/2022	Popular	0 C 0 H 0 M 0 L	0 H 0 M 0 L
4.1.4	\|	01/2022		0 C 0 H 0 M 0 L	0 H 0 M 0 L
3.7.2	\|	05/2021		0 C 0 H 0 M 0 L	0 H 0 M 0 L
2.3.3	\|	01/2019		0 C 0 H 0 M 1 L	0 H 0 M 0 L
2.2.0	\|	09/2018		0 C 0 H 0 M 1 L	0 H 0 M 0 L

License

MIT

Security Policy

Is your project affected by vulnerabilities?

Scan your projects for vulnerabilities. Fix quickly with automated fixes. Get started with Snyk for free.

Get started free

Popularity

Key ecosystem project

Weekly Downloads (4,115,597)

Dependents: 2.99K
GitHub Stars: 7.39K
Forks: 244
Contributors: 80

Direct Usage Popularity

The npm package polished receives a total of 4,115,597 downloads a week. As such, we scored polished popularity level to be Key ecosystem project.

Based on project statistics from the GitHub repository for the npm package polished, we found that it has been starred 7,386 times, and that 2,992 other projects in the ecosystem are dependent on it.

Downloads are calculated as moving averages for a period of the last 12 months, excluding weekends and known missing data points.

Community

Active

Readme.md: Yes
Contributing.md: Yes
Code of Conduct: Yes
Contributors: 80
Funding: Yes

With more than 10 contributors for the polished repository, this is possibly a sign for a growing and inviting community.

Embed Package Health Score Badge

Maintenance

Healthy

Commit Frequency

Open Issues: 16
Open PR: 3
Last Release: 8 months ago
Last Commit: 2 months ago

Further analysis of the maintenance status of polished based on released npm versions cadence, the repository activity, and other data points determined that its maintenance is Healthy.

We found that polished demonstrates a positive version release cadence with at least one new version released in the past 12 months.

As a healthy sign for on-going project maintenance, we found that the GitHub repository had at least 1 pull request or issue interacted with by the community.

Keep your project healthy

Check your package.json

Ensure all the packages you're using are healthy and well-maintained

Snyk Vulnerability Scanner

Get health score & security insights directly in your IDE

Package

Node.js Compatibility: >=10

Age: 6 years
Dependencies: 1 Direct
Versions: 95
Install Size: 2.8 MB
Dist-tags: 3
# of Files: 356
Maintainers: 3
TS Typings: Yes

polished has more than a single and default latest tag published for the npm package. This means, there may be other tags available for this package, such as next to indicate future releases, or stable to indicate stable releases.

Readme

A lightweight toolset for writing styles in JavaScript. ✨

Node CI Test

npm install --save polished
# or if you're using yarn
yarn add polished

Want to write styles in JavaScript, but also want Sass-style helper functions and mixins? Need a consistent color palette throughout your app? ✨ polished is for you!

Make your app look great without stress
Cross framework compatible: No matter if you're using styled-components, emotion, jss, aphrodite, radium, or plain inline styles, as long as you're writing your styles in JavaScript you can use polished!
Switching from a pre-processor to styles in JS made easy

Docs

See the full documentation at polished.js.org!

Usage

✨ polished modules are meant to be used as stand-alone imports. You should avoid importing the entire library directly:

import { clearFix, animation } from 'polished' ~import * as polished from 'polished~ ~import polished from 'polished'~

When ✨ polished modules are imported properly, tree shaking in webpack and Rollup can be leveraged to reduce your bundle size.

Browser Support

All Evergreen Browsers + IE11

As of v3.6.X we support >0.5%, not dead, ie >= 11, not op_mini all for all our builds.

Flow Type Definitions

✨ polished has first-class Flow support with zero configuration to assist you in finding type errors while using our modules.

Ignore ✨ polished source

Flow frequently updates and it is possible that the version you are running may cause you to run into errors coming from the polished package in your node_modules directory. You can add the following lines to your .flowconfig to ignore polished in those cases:

[ignore]
.*/node_modules/polished/.*

TypeScript Definitions

✨ polished has TypeScript definitions to allow the library to be used in any TypeScript project. You will need to set moduleResolution to node in your tsconfig.json in order to use ✨ polished with TypeScript.

Babel plugin

You can optionally also use babel-plugin-polished to compile the static function calls out and remove the (already tiny) runtime performance impact of using ✨ polished.

Object Spread Properties

In the documentation you will see examples using object spread properties ({ ...other }). To enable this syntax in your project add the transform-object-rest-spread plugin (or the stage-3 preset to enable all stage three features) to your Babel configuration.

Why?

When writing styles in JavaScript, many people need Sass-style helper functions to be productive. ✨ polished brings them to you in a nice, lightweight package tailor-made for styles in JavaScript.

The main difference with Sass is that it's written in a functional style and all color functions are curried. This means you can compose them together into your own reusable helpers with a compose function of your choice:

import { compose } from 'ramda' // Replace with any compose() function of your choice
import { lighten, desaturate } from 'polished'

// Create tone() helper
const tone = compose(lighten(0.1), desaturate(0.1))

Why not `package-xyz`?

First of all, we didn't find another library that had everything we needed, and we don't care about installing a dozen packages separately.

Specifically most other packages that provide color functions do so in an object-oriented style, often with a fluent API that's very different from the Sass-style helpers. This means people that aren't very familiar with JavaScript might shy away from using them.

✨ polished was made as a standard library for everybody, no matter if they know JS inside out or not.

Compatibility

✨ polished is compatible with any library that accepts styles as JS objects. This includes, but is by far not limited to, styled-components, radium, aphrodite, glamor, glamorous, jss and many more!

No matter if you're using inline styles or CSS-in-JS, polished is for you.

Contributors

This project exists thanks to all the people who contribute. [Contribute].

Backers

Thank you to all our backers! 🙏 [Become a backer]

License

polished dependencies

@babel/runtime

FAQs

What is polished?

A lightweight toolset for writing styles in Javascript. Visit Snyk Advisor to see a full health score report for polished, including popularity, security, maintenance & community analysis.

Is polished popular?

The npm package polished receives a total of 4,115,597 weekly downloads. As such, polished popularity was classified as a key ecosystem project. Visit the popularity section on Snyk Advisor to see the full health analysis.

Is polished well maintained?

We found that polished demonstrated a healthy version release cadence and project activity. It has a community of 80 open source contributors collaborating on the project. See the full package health analysis to learn more about the package maintenance status.

Is polished safe to use?

The npm package polished was scanned for known vulnerabilities and missing license, and no issues were found. Thus the package was deemed as safe to use. See the full health analysis review.

Last updated on 1 December-2022, at 01:41 (UTC).

Build a secure application checklist

Select a recommended open source package

Minimize your risk by selecting secure & well maintained open source packages

DONE

Scan your app for vulnerabilities

Scan your application to find vulnerabilities in your: source code, open source dependencies, containers and configuration files

SCAN NOW

Fix identified vulnerabilities

Easily fix your code by leveraging automatically generated PRs

AUTO FIX

Monitor for new issues

New vulnerabilities are discovered every day. Get notified if your application is affected

MONITOR APP

Package Health Score

Explore Similar Packages

Security and license risk for significant versions

Is your project affected by vulnerabilities?

Weekly Downloads (4,115,597)

Direct Usage Popularity

Embed Package Health Score Badge

Commit Frequency

Keep your project healthy

Check your package.json

Snyk Vulnerability Scanner

Readme

Docs

Usage

Browser Support

Flow Type Definitions

Ignore ✨ polished source

TypeScript Definitions

Babel plugin

Object Spread Properties

Why?

Why not package-xyz?

Compatibility

Contributors

Backers

Sponsors

License

polished dependencies

polished development dependencies

Explore Packages From The Same Category

Explore Related Categories

FAQs

What is polished?

Is polished popular?

Is polished well maintained?

Is polished safe to use?

Build a secure application checklist

Select a recommended open source package

Scan your app for vulnerabilities

Source Code

Open Source

Container

Config

Fix identified vulnerabilities

Monitor for new issues

Why not `package-xyz`?