npmpackage.info

Gathering detailed insights and metrics for @astowny/uppy-status-bar

@astowny/uppy-status-bar

The next open source file uploader for web browsers 🐶

3.3.3

29,439

MIT

TypeScript

141.99 kB

111 4.1

Installations

npm install @astowny/uppy-status-bar

Developer Guide

BETA

Typescript

Yes

Module System

ESM

Node Version

21.7.3

NPM Version

10.8.2 Score

74.6

Supply Chain

81.5

Quality

75.9

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

10

Total

3,249

Closed

285

Merged

2,954

Issues

Open

141

Total

2,369

Closed

2,228

Releases

132

Uppy 4.13.2

uppy@4.13.2

Published on 03 Feb 2025

Uppy 4.13.1

uppy@4.13.1

Published on 22 Jan 2025

Uppy 4.13.0

uppy@4.13.0

Published on 15 Jan 2025

Uppy 4.12.2

uppy@4.12.2

Published on 09 Jan 2025

Uppy 4.12.1

uppy@4.12.1

Published on 08 Jan 2025

Uppy 4.12.0

uppy@4.12.0

Published on 08 Jan 2025

View all 132 releases

Contributors

431

View all 431 contributors

Languages

TypeScript

JavaScript

SCSS

Svelte

HTML

Shell

Makefile

Dockerfile

Vue

TypeScript (71.88%)

JavaScript (22.25%)

SCSS (4.86%)

Svelte (0.28%)

HTML (0.25%)

Shell (0.25%)

Makefile (0.14%)

Dockerfile (0.05%)

Vue (0.02%)

Developer

transloadit

Download Statistics

Total Downloads

111

Last Day

Last Week

Last Month

Last Year

111

GitHub Statistics

29,439 Stars

10,121 Commits

2,025 Forks

325 Watching

71 Branches

431 Contributors

Maintainers

Package Meta Information

Latest Version

3.3.3

Package Id

@astowny/uppy-status-bar@3.3.3

Unpacked Size

141.99 kB

Size

36.27 kB

File Count

NPM Version

10.8.2

Node Version

21.7.3

Publised On

15 Sept 2024

Total Downloads

Cumulative downloads

Total Downloads

111

Last day

Compared to previous day

Last week

100%

Compared to previous week

Last month

75%

Compared to previous month

Last year

111

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

@transloadit/prettier-bytes @uppy/utils classnames preact

Peer Dependencies

@uppy/core

Versions

@uppy/status-bar

The status-bar shows upload progress and speed, ETAs, pre- and post-processing information, and allows users to control (pause/resume/cancel) the upload. Best used together with a basic file source plugin, such as @uppy/file-input or @uppy/drag-drop, or a custom implementation. It’s also included in the @uppy/dashboard plugin.

Uppy is being developed by the folks at Transloadit, a versatile file encoding service.

Example

1import Uppy from '@uppy/core'
2import StatusBar from '@uppy/status-bar'
3
4const uppy = new Uppy()
5uppy.use(StatusBar, {
6  target: 'body',
7  hideUploadButton: false,
8  showProgressDetails: false,
9  hideAfterFinish: true,
10})

Installation

1$ npm install @uppy/status-bar

Alternatively, you can also use this plugin in a pre-built bundle from Transloadit’s CDN: Edgly. In that case Uppy will attach itself to the global window.Uppy object. See the main Uppy documentation for instructions.

Documentation

Documentation for this plugin can be found on the Uppy website.

License

The MIT License.

No vulnerabilities found.

10

Maintained

Determines if the project is "actively maintained".

10

Security-Policy

Determines if the project has published a security policy.

10

License

Determines if the project has defined a license.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Packaging

Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.

4

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

2

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 2

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bundlers.yml:201: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/bundlers.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bundlers.yml:226: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/bundlers.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bundlers.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/bundlers.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bundlers.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/bundlers.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bundlers.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/bundlers.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bundlers.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/bundlers.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bundlers.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/bundlers.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bundlers.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/bundlers.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/bundlers.yml:171: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/bundlers.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/companion-deploy.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/companion-deploy.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/companion-deploy.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/companion-deploy.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/companion-deploy.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/companion-deploy.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/companion-deploy.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/companion-deploy.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/companion-deploy.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/companion-deploy.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/companion.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/companion.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/companion.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/companion.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/companion.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/companion.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/e2e.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e.yml:160: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:225: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:233: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:244: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:249: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:286: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linters.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/linters.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linters.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/linters.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linters.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/linters.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linters.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/linters.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lockfile_check.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/lockfile_check.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lockfile_check.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/lockfile_check.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lockfile_check.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/lockfile_check.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/manual-cdn.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/manual-cdn.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/manual-cdn.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/manual-cdn.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/manual-cdn.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/manual-cdn.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-candidate.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/release-candidate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-candidate.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/release-candidate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-candidate.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/release-candidate.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:143: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:155: update your workflow using https://app.stepsecurity.io/secureworkflow/transloadit/uppy/release.yml/main?enable=pin
Warn: containerImage not pinned by hash: Dockerfile:1
Warn: containerImage not pinned by hash: Dockerfile:20: pin your Docker image by updating node:18.17.1-alpine to node:18.17.1-alpine@sha256:3482a20c97e401b56ac50ba8920cc7b5b2022bfc6aa7d4e4c231755770cf892f
Warn: containerImage not pinned by hash: Dockerfile.test:1: pin your Docker image by updating node:18.17.1-alpine to node:18.17.1-alpine@sha256:3482a20c97e401b56ac50ba8920cc7b5b2022bfc6aa7d4e4c231755770cf892f
Warn: npmCommand not pinned by hash: Dockerfile.test:14
Warn: npmCommand not pinned by hash: .github/workflows/bundlers.yml:188
Warn: npmCommand not pinned by hash: .github/workflows/bundlers.yml:209
Warn: npmCommand not pinned by hash: .github/workflows/bundlers.yml:234
Warn: npmCommand not pinned by hash: .github/workflows/bundlers.yml:99
Warn: npmCommand not pinned by hash: .github/workflows/bundlers.yml:137
Warn: downloadThenRun not pinned by hash: .github/workflows/companion-deploy.yml:87
Warn: downloadThenRun not pinned by hash: .github/workflows/e2e.yml:138
Info: 0 out of 47 GitHub-owned GitHubAction dependencies pinned
Info: 10 out of 13 third-party GitHubAction dependencies pinned
Info: 0 out of 3 containerImage dependencies pinned
Info: 0 out of 6 npmCommand dependencies pinned
Info: 0 out of 2 downloadThenRun dependencies pinned

0

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Fuzzing

Determines if the project uses fuzzing.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

65 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: PYSEC-2018-66 / GHSA-562c-5r94-xh97
Warn: Project is vulnerable to: PYSEC-2019-179 / GHSA-5wv5-4vpf-pj6m
Warn: Project is vulnerable to: PYSEC-2023-62 / GHSA-m2qf-hxjv-5gpq
Warn: Project is vulnerable to: GHSA-84pr-m4jr-85g5
Warn: Project is vulnerable to: PYSEC-2024-71 / GHSA-hxwh-jpp2-84pm
Warn: Project is vulnerable to: PYSEC-2020-43 / GHSA-xc3p-ff3m-f46v
Warn: Project is vulnerable to: GHSA-2g68-c3qc-8985
Warn: Project is vulnerable to: PYSEC-2020-157 / GHSA-3p3h-qghp-hvh2
Warn: Project is vulnerable to: GHSA-f9vj-2wh5-fj8j
Warn: Project is vulnerable to: PYSEC-2019-140 / GHSA-gq9m-qvpx-68hc
Warn: Project is vulnerable to: PYSEC-2017-43 / GHSA-h2fp-xgx6-xh6f
Warn: Project is vulnerable to: PYSEC-2023-221 / GHSA-hrfv-mqp8-q5rw
Warn: Project is vulnerable to: GHSA-j544-7q9p-6xp8
Warn: Project is vulnerable to: PYSEC-2023-57 / GHSA-px8h-6qxv-m22q
Warn: Project is vulnerable to: GHSA-q34m-jh98-gwm2
Warn: Project is vulnerable to: PYSEC-2023-58 / GHSA-xg9f-g7g7-2323
Warn: Project is vulnerable to: PYSEC-2022-203
Warn: Project is vulnerable to: GHSA-mm7r-265w-jv6f
Warn: Project is vulnerable to: GHSA-9m4x-8w29-r78g
Warn: Project is vulnerable to: GHSA-q24h-5rq3-63j9
Warn: Project is vulnerable to: GHSA-r5fx-8r73-v86c
Warn: Project is vulnerable to: GHSA-28hp-fgcr-2r4h
Warn: Project is vulnerable to: GHSA-89mq-4x47-5v83
Warn: Project is vulnerable to: GHSA-5cp4-xmrw-59wf
Warn: Project is vulnerable to: GHSA-mhp6-pxh8-r675
Warn: Project is vulnerable to: GHSA-2qqx-w9hr-q5gx
Warn: Project is vulnerable to: GHSA-2vrf-hf26-jrp5
Warn: Project is vulnerable to: GHSA-mqm9-c95h-x2p6
Warn: Project is vulnerable to: GHSA-prc3-vjfx-vhm9
Warn: Project is vulnerable to: GHSA-qwqh-hm9m-p5hr
Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-9vvw-cc9w-f27h
Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
Warn: Project is vulnerable to: GHSA-wm7h-9275-46v2
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-mph8-6787-r8hw
Warn: Project is vulnerable to: GHSA-7mhc-prgv-r3q4
Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-w9mr-4mfr-499f
Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-g4rg-993r-mgx7
Warn: Project is vulnerable to: GHSA-3g92-w8c5-73pq
Warn: Project is vulnerable to: GHSA-c76h-2ccp-4975
Warn: Project is vulnerable to: GHSA-x8rq-rc7x-5fg5
Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986 / GHSA-64vr-g452-qvp3
Warn: Project is vulnerable to: GHSA-9cwx-2883-4wfx
Warn: Project is vulnerable to: GHSA-vg6x-rcgg-rjx6
Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc

Score

4.1

/10

Last Scanned on 2025-01-27

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More