Gathering detailed insights and metrics for @andes/plex
Gathering detailed insights and metrics for @andes/plex
Installations
npm install @andes/plexDeveloper
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
Typescript Support
No
Node Version
14.21.1
NPM Version
6.14.17
Statistics
1 Stars
1,042 Commits
2 Forks
16 Watching
22 Branches
18 Contributors
Updated on 04 Nov 2024
Languages
TypeScript (54.37%)
HTML (25.35%)
SCSS (14.67%)
JavaScript (4.8%)
CSS (0.81%)
Total Downloads
Cumulative downloads
Total Downloads
136,252
Last day
65%
33
Compared to previous day
Last week
24.8%
201
Compared to previous week
Last month
-2%
877
Compared to previous month
Last year
-49.9%
11,756
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
30
@andes/icons@angular/material@fortawesome/fontawesome-free@mdi/font@types/estree@types/intro.js@types/jquery@types/tether-shepherdanimate.cssawesome-phonenumberbootstrapchart.jscore-jshammerjshttp-serverintro.jsjqueryloaders.cssmomentng2-chartsngx-infinite-scrollngx-simple-text-editornode-wavesrxjsselectizesweetalert2tether-shepherdtsliburl-parsezone.js
Dev Dependencies
42
@angular-devkit/build-angular@angular/animations@angular/cdk@angular/cli@angular/common@angular/compiler@angular/compiler-cli@angular/core@angular/forms@angular/language-service@angular/platform-browser@angular/platform-browser-dynamic@angular/platform-server@angular/router@applitools/eyes-cypress@commitlint/cli@commitlint/config-angular@semantic-release/changelog@semantic-release/git@types/cypress-axe@types/jasmine@types/nodeaxe-corecodelyzercommitlint-circlecypresscypress-axegh-pageshuskyjasmine-corejasmine-spec-reporterkarmakarma-chrome-launcherkarma-coverage-istanbul-reporterkarma-jasminekarma-jasmine-html-reporternpm-run-allsemantic-releasets-nodetslinttypescriptwait-on
Versions
Plex: UI/UX para ANDES
Plex es un conjunto de componentes de UI/UX para el proyecto ANDES.
Instalación
-
Crear una nueva aplicación con angular-cli
ng new my-app cd my-app -
Descargar desde npm
npm install @andes/plex --save -
Crear un nuevo archivo
src/styles.sassy editarlo para vincular al archivo.sassde Plex1@import '~andes-plex/src/lib/styles.sass'; -
Registrar en
angular-cli.jsonlos siguiente archivos:1... 2"styles": [ 3 "styles.sass", 4], 5"scripts": [ 6 "../node_modules/intro.js/intro.js" 7], 8... -
Modificar
app.component.htmlcon el siguiente contenido:1<plex-app> 2</plex-app> -
Crear un componente
home.component.tscon el siguiente contenido:1import { Component } from '@angular/core'; 2 3@Component({ 4 template: 'Hello World', 5}) 6export class HomeComponent { 7} -
Crear el archivo
app.routing.tsy registrar el componente:1import { Routes, RouterModule } from '@angular/router'; 2import { ModuleWithProviders } from '@angular/core'; 3import { HomeComponent } from './home.component'; 4 5const appRoutes: Routes = [ 6 { path: '**', component: HomeComponent } 7]; 8 9export const appRoutingProviders: any[] = []; 10export const routing: ModuleWithProviders = RouterModule.forRoot(appRoutes); -
En
app.module.tsimportarPlexModuley registrar los routings y el servicioPlex:1import { BrowserModule } from '@angular/platform-browser'; 2import { NgModule } from '@angular/core'; 3import { FormsModule } from '@angular/forms'; 4import { HttpModule } from '@angular/http'; 5import { Plex, PlexModule } from '@andes/plex'; 6import { routing, appRoutingProviders } from './app.routing'; 7 8// Components 9import { AppComponent } from './app.component'; 10import { HomeComponent } from './home.component'; 11 12@NgModule({ 13 declarations: [ 14 AppComponent, 15 HomeComponent 16 ], 17 imports: [ 18 BrowserModule, 19 FormsModule, 20 HttpModule, 21 PlexModule, 22 routing 23 ], 24 providers: [ 25 Plex, 26 appRoutingProviders 27 ], 28 bootstrap: [AppComponent] 29}) 30export class AppModule { } 31 -
Correr la aplicacion
ng serveng serve -
Navegar hasta
http://localhost:4200
Publicación
La siguiente secuencia de pasos permite publicar la librería en NPM:
- Incrementar la versión package.json y package-lock.json. Por ejemplo
"version": "1.1.17" - Realizar commit con la nueva versión
- Crear un tag con la versión, tiene que ser la misma que en package.json. Por ejemplo
git tag 1.1.17 - Realizar push de los cambios
- Realizar el PR con la versión y luego mergear a Master
- Volver a Master y obtener últimos cambios
- Ejecutar
npm login(usando las credenciales de Andes) - Ejecutar
npm publish
No vulnerabilities found.
Reason
14 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Reason
all changesets reviewed
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: GNU General Public License v3.0: LICENSE:0
Reason
dependency not pinned by hash detected -- score normalized to 4
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:7: update your workflow using https://app.stepsecurity.io/secureworkflow/andes/plex/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/andes/plex/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/andes/plex/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/andes/plex/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/andes/plex/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/andes/plex/build.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:7: update your workflow using https://app.stepsecurity.io/secureworkflow/andes/plex/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/andes/plex/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/andes/plex/release.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/build.yml:31
- Info: 0 out of 8 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
- Info: 3 out of 4 npmCommand dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/build.yml:1
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Reason
113 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-c75v-2vq8-878f
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-22h7-7wwg-qmgg
- Warn: Project is vulnerable to: GHSA-c429-5p7v-vgjp
- Warn: Project is vulnerable to: GHSA-6chw-6frg-f759
- Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
- Warn: Project is vulnerable to: GHSA-4w2v-q235-vp99
- Warn: Project is vulnerable to: GHSA-cph5-m8f7-6c5x
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-h68q-55jf-x68w
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-582f-p4pg-xc74
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm
- Warn: Project is vulnerable to: GHSA-jc84-3g44-wf2q
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-qrmc-fj45-qfc2
- Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
- Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-8mmm-9v2q-x3f9
- Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-3cqr-58rm-57f8
- Warn: Project is vulnerable to: GHSA-g9r4-xpmj-mj65
- Warn: Project is vulnerable to: GHSA-q2c6-c6pm-g3gh
- Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44
- Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
- Warn: Project is vulnerable to: GHSA-pc5p-h8pf-mvwp
- Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-6c3j-c64m-qhgq
- Warn: Project is vulnerable to: GHSA-gxr4-xjj5-5px2
- Warn: Project is vulnerable to: GHSA-jpcq-cgw6-v4j6
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
- Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
- Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
- Warn: Project is vulnerable to: GHSA-4xc9-xhrj-v574
- Warn: Project is vulnerable to: GHSA-x5rq-j2xg-h7qm
- Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
- Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m / GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-8hfj-j24r-96c4
- Warn: Project is vulnerable to: GHSA-wc69-rhjr-hc9g
- Warn: Project is vulnerable to: GHSA-w7rc-rwvf-8q5r
- Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
- Warn: Project is vulnerable to: GHSA-5rrq-pxf6-6jx5
- Warn: Project is vulnerable to: GHSA-8fr3-hfg3-gpgp
- Warn: Project is vulnerable to: GHSA-gf8q-jrpm-jvxq
- Warn: Project is vulnerable to: GHSA-2r2c-g63r-vccr
- Warn: Project is vulnerable to: GHSA-cfm4-qjh2-4765
- Warn: Project is vulnerable to: GHSA-x4jg-mjrx-434g
- Warn: Project is vulnerable to: GHSA-px4h-xg32-q955
- Warn: Project is vulnerable to: GHSA-93f3-23rq-pjfp
- Warn: Project is vulnerable to: GHSA-jmqm-f2gx-4fjv
- Warn: Project is vulnerable to: GHSA-pw54-mh39-w3hc / GHSA-xgh6-85xh-479p
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-r2j6-p67h-q639
- Warn: Project is vulnerable to: GHSA-x2pg-mjhr-2m5x
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-44c6-4v22-4mhx
- Warn: Project is vulnerable to: GHSA-4x5v-gmq8-25ch
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-g4rg-993r-mgx7
- Warn: Project is vulnerable to: GHSA-vx3p-948g-6vhq
- Warn: Project is vulnerable to: GHSA-3jfq-g458-7qm9
- Warn: Project is vulnerable to: GHSA-r628-mhmh-qjhw
- Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc
- Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh
- Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-38fc-wpqx-33j7
- Warn: Project is vulnerable to: GHSA-46c4-8wrp-j99v
- Warn: Project is vulnerable to: GHSA-9m6j-fcg5-2442
- Warn: Project is vulnerable to: GHSA-hh27-ffr2-f2jc
- Warn: Project is vulnerable to: GHSA-rqff-837h-mm52
- Warn: Project is vulnerable to: GHSA-8v38-pw62-9cw2
- Warn: Project is vulnerable to: GHSA-hgjh-723h-mx2j
- Warn: Project is vulnerable to: GHSA-jf5r-8hm2-f872
- Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
- Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-6fc8-4gx4-v693
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
- Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
Score
5.1
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More