npmpackage.info

Gathering detailed insights and metrics for @alexjamesmalcolm/use-resource

@alexjamesmalcolm/use-resource

A React hook that assists in retrieving remote data and caching via redux by abstracting the Auto Effect pattern.

0.2.4

TypeScript

3.00 kB

6,452 2.9

Installations

npm install @alexjamesmalcolm/use-resource

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Node Version

12.22.6

NPM Version

6.14.15 Pull Requests

Open

2

Total

9

Closed

1

Merged

6

Issues

Open

2

Total

7

Closed

5

Releases

v0.2.4

Published on 01 Oct 2021

v0.2.3

Published on 10 Nov 2020

v0.2.2

Published on 07 Nov 2020

v0.2.1

Published on 07 Nov 2020

v0.2.0

Published on 15 Oct 2020

v0.1.25

Published on 10 Oct 2020

View all 30 releases

Contributors

Unable to fetch Contributors

View all 1 contributors

Languages

TypeScript

HTML

CSS

JavaScript

TypeScript (91.45%)

HTML (4.14%)

CSS (4.12%)

JavaScript (0.29%)

Love this project? Help keep it running — sponsor us today! 🚀

Developer

alexjamesmalcolm

Download Statistics

Total Downloads

6,452

Last Day

Last Week

Last Month

Last Year

571

GitHub Statistics

162 Commits

3 Watching

6 Branches

1 Contributors

Bundle Size

10.96 kB

Minified

3.00 kB

Minified + Gzipped

Bundlephobia

Maintainers

Package Meta Information

Latest Version

0.2.4

Package Id

@alexjamesmalcolm/use-resource@0.2.4

Unpacked Size

45.02 kB

Size

11.47 kB

File Count

NPM Version

6.14.15

Node Version

12.22.6

Total Downloads

Cumulative downloads

Total Downloads

6,452

Last day

Compared to previous day

Last week

-89.7%

Compared to previous week

Last month

1.5%

Compared to previous month

Last year

-61.8%

571

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Versions

MIT License

useResource

This is a React custom hook meant for assisting in the retrieval of remote data and the caching of it once acquired using redux.

Documentation

Read the documentation, if there's a concept you'd like further explained or a feature you would like requested you can open an issue.

TODO

Allow for custom reducer names
Internalize state management so reducer does not need to be exported
~~Allow passing a function instead of a number to ttl in case it needs to be determined programmatically.~~
Mask my personal email address with GitHub's privacy email address
Implement dependency array to replace resourceId
Somehow get a unique identifier from supplied getResource function to replace resourceId

No vulnerabilities found.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

7

SAST

Determines if the project uses static code analysis.

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Maintained

Determines if the project is "actively maintained".

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/alexjamesmalcolm/use-resource/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/alexjamesmalcolm/use-resource/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/alexjamesmalcolm/use-resource/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/alexjamesmalcolm/use-resource/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/alexjamesmalcolm/use-resource/npm-publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/alexjamesmalcolm/use-resource/npm-publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/alexjamesmalcolm/use-resource/npm-publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/alexjamesmalcolm/use-resource/npm-publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/alexjamesmalcolm/use-resource/npm-publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/alexjamesmalcolm/use-resource/npm-publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-test-publish.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/alexjamesmalcolm/use-resource/npm-test-publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-test-publish.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/alexjamesmalcolm/use-resource/npm-test-publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-test-publish.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/alexjamesmalcolm/use-resource/npm-test-publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-test-publish.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/alexjamesmalcolm/use-resource/npm-test-publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-test-publish.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/alexjamesmalcolm/use-resource/npm-test-publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-test-publish.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/alexjamesmalcolm/use-resource/npm-test-publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-test.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/alexjamesmalcolm/use-resource/npm-test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-test.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/alexjamesmalcolm/use-resource/npm-test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/npm-test.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/alexjamesmalcolm/use-resource/npm-test.yml/master?enable=pin
Warn: npmCommand not pinned by hash: .github/workflows/npm-publish.yml:19
Warn: npmCommand not pinned by hash: .github/workflows/npm-publish.yml:32
Warn: npmCommand not pinned by hash: .github/workflows/npm-publish.yml:47
Warn: npmCommand not pinned by hash: .github/workflows/npm-test-publish.yml:17
Warn: npmCommand not pinned by hash: .github/workflows/npm-test-publish.yml:30
Warn: npmCommand not pinned by hash: .github/workflows/npm-test-publish.yml:45
Warn: npmCommand not pinned by hash: .github/workflows/npm-test.yml:20
Info: 0 out of 18 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 1 third-party GitHubAction dependencies pinned
Info: 0 out of 7 npmCommand dependencies pinned

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

License

Determines if the project has defined a license.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

74 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-2rxp-v6pw-ch6m
Warn: Project is vulnerable to: GHSA-4xqq-m2hx-25v8
Warn: Project is vulnerable to: GHSA-5866-49gr-22v4
Warn: Project is vulnerable to: GHSA-r55c-59qm-vjw6
Warn: Project is vulnerable to: GHSA-vg3r-rm7w-2xgh
Warn: Project is vulnerable to: GHSA-vmwr-mc7x-5vc3
Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-whgm-jr23-g3j9
Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw
Warn: Project is vulnerable to: GHSA-w8qv-6jwh-64r5
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
Warn: Project is vulnerable to: GHSA-phwq-j96m-2c2q
Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
Warn: Project is vulnerable to: GHSA-6h5x-7c5m-7cr7
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
Warn: Project is vulnerable to: GHSA-33f9-j839-rf8h
Warn: Project is vulnerable to: GHSA-c36v-fmgq-m8hx
Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-qrpm-p2h7-hrv2
Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
Warn: Project is vulnerable to: GHSA-5rrq-pxf6-6jx5
Warn: Project is vulnerable to: GHSA-8fr3-hfg3-gpgp
Warn: Project is vulnerable to: GHSA-gf8q-jrpm-jvxq
Warn: Project is vulnerable to: GHSA-2r2c-g63r-vccr
Warn: Project is vulnerable to: GHSA-cfm4-qjh2-4765
Warn: Project is vulnerable to: GHSA-x4jg-mjrx-434g
Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-g4rg-993r-mgx7
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-rqff-837h-mm52
Warn: Project is vulnerable to: GHSA-8v38-pw62-9cw2
Warn: Project is vulnerable to: GHSA-hgjh-723h-mx2j
Warn: Project is vulnerable to: GHSA-jf5r-8hm2-f872
Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q

Score

2.9

/10

Last Scanned on 2025-02-03

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

@alexjamesmalcolm/use-resource

Installations

Developer Guide

No

CommonJS

12.22.6

6.14.15

Pull Requests

2

9

1

6

Issues

2

7

5

Releases

Contributors

Unable to fetch Contributors

Languages

Developer

alexjamesmalcolm

Download Statistics

GitHub Statistics

Bundle Size

10.96 kB

3.00 kB

Maintainers

Package Meta Information

Total Downloads

6,452

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Peer Dependencies

Dev Dependencies

useResource

Documentation

TODO

10

10

7

0

0

0

0

0

0

0

0

0

2.9

/10