Gathering detailed insights and metrics for @angular-devkit/schematics-cli
Gathering detailed insights and metrics for @angular-devkit/schematics-cli
Installations
npm install @angular-devkit/schematics-cliDeveloper Guide
BETA
Typescript
No
Module System
N/A
Min. Node Version
^20.19.0 || ^22.12.0 || >=24.0.0
Node Version
22.15.1
NPM Version
11.4.2
Score
94.3
Supply Chain
79.8
Quality
96.3
Maintenance
100
Vulnerability
99.6
License
Releases
851
Languages
8
TypeScript
Starlark
JavaScript
HTML
EJS
Shell
jq
CSS
TypeScript (95.02%)
Starlark (2.32%)
JavaScript (1.33%)
HTML (0.99%)
EJS (0.24%)
Shell (0.06%)
jq (0.03%)
Developer
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
26,933 Stars
16,835 Commits
11,950 Forks
989 Watchers
32 Branches
659 Contributors
Updated on Jul 14, 2025
Maintainers
2
Package Meta Information
Latest Version
20.1.0
Package Id
@angular-devkit/schematics-cli@20.1.0
Unpacked Size
45.63 kB
Size
13.15 kB
File Count
39
NPM Version
11.4.2
Node Version
22.15.1
Published on
Jul 09, 2025
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Schematics CLI
This package contains the executable for running a Schematic.
Usage
$ schematics [CollectionName:]SchematicName [options, ...]
By default, if the collection name is not specified, use the internal collection provided
by the Schematics CLI.
Options:
--debug Debug mode. This is true by default if the collection is a relative
path (in that case, turn off with --debug=false).
--allow-private Allow private schematics to be run from the command line. Default to
false.
--dry-run Do not output anything, but instead just show what actions would be
performed. Default to true if debug is also true.
--force Force overwriting files that would otherwise be an error.
--list-schematics List all schematics from the collection, by name. A collection name
should be suffixed by a colon. Example: '@angular-devkit/schematics-cli:'.
--no-interactive Disables interactive input prompts.
--verbose Show more information.
--help Show this message.
Any additional option is passed to the Schematics depending on its schema.
Examples
- Create a new NPM package that contains a blank schematic.
1$ schematics blank <name>
- Walkthrough example that demonstrates how to build a schematic.
1$ schematics schematic --name <name>
No vulnerabilities found.
Reason
update tool detected
Details
- Info: detected update tool: Dependabot: .github/dependabot.yml:1
- Info: detected update tool: RenovateBot: renovate.json:1
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
no dangerous workflow patterns detected
Reason
all changesets reviewed
Reason
30 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Reason
GitHub workflow tokens follow principle of least privilege
Details
- Info: jobLevel 'packages' permission set to 'read': .github/workflows/codeql.yml:17
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/scorecard.yml:20
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/scorecard.yml:19
- Info: topLevel 'contents' permission set to 'read': .github/workflows/assistant-to-the-branch-manager.yml:10
- Info: found token with 'none' permissions: .github/workflows/ci.yml:1
- Info: found token with 'none' permissions: .github/workflows/codeql.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/dev-infra.yml:9
- Info: topLevel 'contents' permission set to 'read': .github/workflows/feature-requests.yml:5
- Info: topLevel 'contents' permission set to 'read': .github/workflows/perf.yml:11
- Info: found token with 'none' permissions: .github/workflows/pr.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/scorecard.yml:12
- Info: no jobLevel write permissions found
Reason
no binaries found in the repo
Reason
all dependencies are pinned
Details
- Info: 13 out of 13 GitHub-owned GitHubAction dependencies pinned
- Info: 56 out of 56 third-party GitHubAction dependencies pinned
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
22 out of 22 merged PRs checked by a CI test -- score normalized to 10
Reason
project has 64 contributing companies or organizations
Details
- Info: found contributions from: AngularAir, AngularClass, FACTORYX, FEMR, FieldDB, HTTPArchive, Jasig, Many-Repo-Manager-PoC, Ninja-Squad, QwikDev, ReactWeek, RedditInsight, SofiaJavaScript, TrilonIO, angular, angular @google, angular-community, angular-redux, angularjs-in-action, app-demos, aspect-build, async-framework, beerjs, coddict, deployd, expert support, gethuman, google, google-gemini, googlers, guess-js, hackreactor, hizenapp, https://1fpga.com, keychain, kunai-consulting, mend, monsoonco, nestjs, newlinedotco, ng-cruise, ng-newsletter, ng-packagr, ngcommunity, nguniversal, ninja-squad, nko4, nrwl, obshtestvo, qwikifiers, rangle, rangleio, rectanglepodcast-com, source-map, storybookjs, testiumjs, trilonio co-founder, typed-typings, typings, uniform-team, vue-software, vuejs, wasmbinaries, webpack
Reason
SAST tool detected but not run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Warn: 0 commits out of 30 are checked with a SAST tool
Reason
branch protection is not maximal on development and all release branches
Details
- Info: 'allow deletion' disabled on branch 'main'
- Info: 'force pushes' disabled on branch 'main'
- Warn: required approving review count is 1 on branch 'main'
- Warn: codeowners review is not required on branch 'main'
- Warn: no status checks found to merge onto branch 'main'
- Info: PRs are required in order to make changes on branch 'main'
Reason
6 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx
- Warn: Project is vulnerable to: GHSA-8cj5-5rvv-wf4v
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc
Reason
badge detected: InProgress
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Score
8.3
/10
Last Scanned on 2025-07-13T02:48:56Z
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More