Installations
npm install @angular/youtube-playerDeveloper Guide
Typescript
No
Module System
ESM
Node Version
18.19.1
NPM Version
10.2.4
Score
74.1
Supply Chain
66.9
Quality
96.6
Maintenance
100
Vulnerability
98.6
License
Releases
Contributors
Languages
TypeScript (75.92%)
SCSS (14.16%)
HTML (5.59%)
Starlark (2.99%)
JavaScript (0.74%)
CSS (0.5%)
Shell (0.09%)
Developer
Download Statistics
Total Downloads
4,244,168
Last Day
2,242
Last Week
24,937
Last Month
125,491
Last Year
1,311,949
GitHub Statistics
24,432 Stars
13,232 Commits
6,767 Forks
892 Watching
114 Branches
811 Contributors
Bundle Size
16.60 kB
Minified
4.50 kB
Minified + Gzipped
Maintainers
Package Meta Information
Latest Version
19.0.4
Package Id
@angular/youtube-player@19.0.4
Unpacked Size
96.71 kB
Size
23.83 kB
File Count
12
NPM Version
10.2.4
Node Version
18.19.1
Publised On
18 Dec 2024
Total Downloads
Cumulative downloads
Total Downloads
4,244,168
Last day
-59.2%
2,242
Compared to previous day
Last week
-21.5%
24,937
Compared to previous week
Last month
11.2%
125,491
Compared to previous month
Last year
20.2%
1,311,949
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Peer Dependencies
3
Angular Material
The sources for this package are in the main Angular Material repo. Please file issues and pull requests against that repo.
License: MIT
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
23 out of 23 merged PRs checked by a CI test -- score normalized to 10
Reason
all changesets reviewed
Reason
24 different organizations found -- score normalized to 10
Details
- Info: contributors work for DevIntent,airpair,angular,angular @google,angular-eslint,angular-hispano,classdojo,devintent,good code,google,googlers,https://1fpga.com,iseatz,lemonade-hq,nachos,ng-packagr,ngxs,ngxs-labs,obshtestvo,reaviz,sass,storybookjs,swiss federal railways,willowtreeapps
Reason
no dangerous workflow patterns detected
Reason
update tool detected
Details
- Info: tool 'RenovateBot' is used: renovate.json:1
Reason
license file detected
Details
- Info: License file found in expected location: LICENSE:1
- Info: FSF or OSI recognized license: LICENSE:1
Reason
30 commit(s) out of 30 and 10 issue activity out of 30 found in the last 90 days -- score normalized to 10
Reason
all dependencies are pinned
Details
- Info: 9 out of 9 GitHub-owned GitHubAction dependencies pinned
- Info: 81 out of 81 third-party GitHubAction dependencies pinned
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: topLevel 'contents' permission set to 'read': .github/workflows/assistant-to-the-branch-manager.yml:10
- Info: topLevel permissions set to 'none': .github/workflows/ci.yml:1
- Warn: topLevel 'deployments' permission set to 'write': .github/workflows/deploy-dev-app-main-push.yml:8: Visit https://app.stepsecurity.io/secureworkflow/angular/components/deploy-dev-app-main-push.yml/main?enable=permissions Tick the 'Restrict permissions for GITHUB_TOKEN' Untick other options NOTE: If you want to resolve multiple issues at once, you can visit https://app.stepsecurity.io/securerepo instead. (Low effort)
- Info: topLevel permissions set to 'read-all': .github/workflows/dev-infra.yml:8
- Info: topLevel 'pull-requests' permission set to 'read': .github/workflows/google-internal-tests.yml:8
- Warn: topLevel 'statuses' permission set to 'write': .github/workflows/google-internal-tests.yml:9: Visit https://app.stepsecurity.io/secureworkflow/angular/components/google-internal-tests.yml/main?enable=permissions Tick the 'Restrict permissions for GITHUB_TOKEN' Untick other options NOTE: If you want to resolve multiple issues at once, you can visit https://app.stepsecurity.io/securerepo instead. (Low effort)
- Info: topLevel permissions set to 'none': .github/workflows/pr.yml:1
- Info: topLevel permissions set to 'read-all': .github/workflows/preview-build-dev-app.yml:14
- Info: topLevel permissions set to 'none': .github/workflows/scheduled-ci.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/scorecard.yml:12
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/scorecard.yml:23
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/scorecard.yml:24
- Info: no jobLevel write permissions found
Reason
branch protection is not maximal on development and all release branches
Details
- Info: 'force pushes' disabled on branch 'main'
- Info: 'allow deletion' disabled on branch 'main'
- Warn: no status checks found to merge onto branch 'main'
- Warn: number of required reviewers is only 1 on branch 'main'
- Warn: codeowner review is not required on branch 'main'
Reason
badge detected: in_progress
Reason
project is not fuzzed
Details
- Warn: no OSSFuzz integration found: Follow the steps in https://github.com/google/oss-fuzz to integrate fuzzing for your project. Over time, try to add fuzzing for more functionalities of your project. (High effort)
- Warn: no OneFuzz integration found: Follow the steps in https://github.com/microsoft/onefuzz to start fuzzing for your project. Over time, try to add fuzzing for more functionalities of your project. (High effort)
- Warn: no GoBuiltInFuzzer integration found: Follow the steps in https://go.dev/doc/fuzz/ to enable fuzzing on your project. Over time, try to add fuzzing for more functionalities of your project. (Medium effort)
- Warn: no PythonAtherisFuzzer integration found: Follow the steps in https://github.com/google/atheris to enable fuzzing on your project. Over time, try to add fuzzing for more functionalities of your project. (Medium effort)
- Warn: no CLibFuzzer integration found: Follow the steps in https://llvm.org/docs/LibFuzzer.html to enable fuzzing on your project. Over time, try to add fuzzing for more functionalities of your project. (Medium effort)
- Warn: no CppLibFuzzer integration found: Follow the steps in https://llvm.org/docs/LibFuzzer.html to enable fuzzing on your project. Over time, try to add fuzzing for more functionalities of your project. (Medium effort)
- Warn: no SwiftLibFuzzer integration found: Follow the steps in https://google.github.io/oss-fuzz/getting-started/new-project-guide/swift-lang/ to enable fuzzing on your project. Over time, try to add fuzzing for more functionalities of your project. (Medium effort)
- Warn: no RustCargoFuzzer integration found: Follow the steps in https://rust-fuzz.github.io/book/cargo-fuzz.html to enable fuzzing on your project. Over time, try to add fuzzing for more functionalities of your project. (Medium effort)
- Warn: no JavaJazzerFuzzer integration found: Follow the steps in https://github.com/CodeIntelligenceTesting/jazzer to enable fuzzing on your project. Over time, try to add fuzzing for more functionalities of your project. (Medium effort)
- Warn: no ClusterFuzzLite integration found: Follow the steps in https://github.com/google/clusterfuzzlite to integrate fuzzing as part of CI. Over time, try to add fuzzing for more functionalities of your project. (High effort)
- Warn: no HaskellPropertyBasedTesting integration found: Use one of the following frameworks to fuzz your project: QuickCheck: https://hackage.haskell.org/package/QuickCheck hedgehog: https://hedgehog.qa/ validity: https://github.com/NorfairKing/validity smallcheck: https://hackage.haskell.org/package/smallcheck hspec: https://hspec.github.io/ tasty: https://hackage.haskell.org/package/tasty (High effort)
- Warn: no TypeScriptPropertyBasedTesting integration found: Use fast-check: https://github.com/dubzzz/fast-check (High effort)
- Warn: no JavaScriptPropertyBasedTesting integration found: Use fast-check: https://github.com/dubzzz/fast-check (High effort)
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
- Warn: CodeQL tool not detected
Reason
53 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc
- Warn: Project is vulnerable to: GHSA-7p89-p6hx-q4fw
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-rcm2-22f3-pqv3
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-h755-8qp9-cq85
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-44c6-4v22-4mhx
- Warn: Project is vulnerable to: GHSA-4x5v-gmq8-25ch
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-cchq-frgv-rjh5
- Warn: Project is vulnerable to: GHSA-g644-9gfx-q4q4
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-64vr-g452-qvp3
- Warn: Project is vulnerable to: GHSA-9cwx-2883-4wfx
- Warn: Project is vulnerable to: GHSA-7v5v-9h63-cj86
- Warn: Project is vulnerable to: GHSA-j4f2-536g-r55m
- Warn: Project is vulnerable to: GHSA-r7qp-cfhv-p84w
- Warn: Project is vulnerable to: GHSA-8gwj-8hxc-285w
- Warn: Project is vulnerable to: GHSA-8cf7-32gw-wr33
- Warn: Project is vulnerable to: GHSA-hjrf-2m68-5959
- Warn: Project is vulnerable to: GHSA-qwph-4952-7xr6
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
- Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
- Warn: Project is vulnerable to: GHSA-g954-5hwp-pp24
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-x3m3-4wpv-5vgc
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-fxwf-4rqh-v8g3
- Warn: Project is vulnerable to: GHSA-25hc-qcg6-38wj
- Warn: Project is vulnerable to: GHSA-xfhh-g9f5-x4m4
- Warn: Project is vulnerable to: GHSA-qm95-pgcg-qqfq
- Warn: Project is vulnerable to: GHSA-cqmj-92xf-r6r9
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-3g92-w8c5-73pq
- Warn: Project is vulnerable to: GHSA-rv73-9c8w-jp4c
- Warn: Project is vulnerable to: GHSA-72mh-269x-7mh5
- Warn: Project is vulnerable to: GHSA-h4j5-c7cj-74xg
Score
7.4
/10
Last Scanned on 2024-12-23T08:36:47Z
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn MoreOther packages similar to @angular/youtube-player
angular-youtube-player
An Angular component module for using the embedded YouTube iframe player.
penpencil-player
PenpencilPlayer is HTML5 video player based ob videojs library. It gathers all the neccessary plugins or library at single place to play videos like:- Vimeo, Youtube , hls (m3us). PenpencilPlayer require angular v6 or above.
ng2-youtube-player-mini
Angular 2 lightweight wrapper for Youtube player - AoT ready.
@vime/angular
Angular bindings for the Vime media player.