Gathering detailed insights and metrics for @bbc/moment-timezone-include
Gathering detailed insights and metrics for @bbc/moment-timezone-include
React component library for BBC World Service and more
Installations
npm install @bbc/moment-timezone-includeDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Node Version
12.21.0
NPM Version
6.14.11
Releases
Unable to fetch releases
Languages
3
JavaScript
Shell
CSS
JavaScript (99.88%)
Shell (0.11%)
Developer
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
NOASSERTION License
320 Stars
16,211 Commits
53 Forks
27 Watchers
37 Branches
77 Contributors
Updated on Jun 07, 2025
Maintainers
39
Package Meta Information
Latest Version
1.1.8
Package Id
@bbc/moment-timezone-include@1.1.8
Unpacked Size
23.42 kB
Size
5.14 kB
File Count
23
NPM Version
6.14.11
Node Version
12.21.0
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
4
Peer Dependencies
1
Dev Dependencies
1
@bbc/moment-timezone-include - 
This package allows you to exclude all moment timezones from being included, while including specific ones in the chunks you desire.
Installation
1npm install @bbc/moment-timezone-include --save
Usage - Exclude default timezones
1plugins: [new MomentTimezoneInclude({ startYear: 1990, endYear: 2025 })],
This does two things. Firstly it removes all timezones from the moment-timezone package so that they can be included individually. It also specifies the date range of the specifically included timezone data. If startYear isn't provided it defaults to the earliest available data and likewise if endYear isn't included it includes all known future data.
Usage - Include specific timezones
1import '@bbc/moment-timezone-include/tz/America/New_York'
This makes the specified timezone available to moment. It supports all moment timezones by replacing America/New_York in the example above with any moment timezone. The full list of timezones can be found here.
Contributing
Psammead is completely open source. We are grateful for any contributions, whether they be new components, bug fixes or general improvements. Please see our primary contributing guide which can be found at the root of the Psammead respository.
Code of Conduct
We welcome feedback and help on this work. By participating in this project, you agree to abide by the code of conduct. Please take a moment to read it.
License
Psammead is Apache 2.0 licensed.
No vulnerabilities found.
Reason
all changesets reviewed
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
project is archived
Details
- Warn: Repository is archived.
Reason
dangerous workflow patterns detected
Details
- Warn: script injection with untrusted input ' github.head_ref ': .github/workflows/psammead-unit-tests.yml:40
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/cancel-previous-runs.yml:1
- Warn: no topLevel permission defined: .github/workflows/psammead-change-scanner.yml:1
- Warn: no topLevel permission defined: .github/workflows/psammead-chromaticqa.yml:1
- Warn: no topLevel permission defined: .github/workflows/psammead-publish.yml:1
- Warn: no topLevel permission defined: .github/workflows/psammead-unit-tests.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/cancel-previous-runs.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/BBC-archive/psammead/cancel-previous-runs.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/psammead-change-scanner.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/BBC-archive/psammead/psammead-change-scanner.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/psammead-chromaticqa.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/BBC-archive/psammead/psammead-chromaticqa.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/psammead-chromaticqa.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/BBC-archive/psammead/psammead-chromaticqa.yml/latest?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/psammead-chromaticqa.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/BBC-archive/psammead/psammead-chromaticqa.yml/latest?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/psammead-chromaticqa.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/BBC-archive/psammead/psammead-chromaticqa.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/psammead-publish.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/BBC-archive/psammead/psammead-publish.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/psammead-publish.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/BBC-archive/psammead/psammead-publish.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/psammead-unit-tests.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/BBC-archive/psammead/psammead-unit-tests.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/psammead-unit-tests.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/BBC-archive/psammead/psammead-unit-tests.yml/latest?enable=pin
- Warn: downloadThenRun not pinned by hash: .github/workflows/psammead-unit-tests.yml:53
- Warn: downloadThenRun not pinned by hash: .github/workflows/psammead-unit-tests.yml:62
- Info: 0 out of 7 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 3 third-party GitHubAction dependencies pinned
- Info: 0 out of 2 downloadThenRun dependencies pinned
Reason
75 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q
- Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38
- Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc
- Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-p3vf-v8qc-cwcr
- Warn: Project is vulnerable to: GHSA-gx9m-whjm-85jf
- Warn: Project is vulnerable to: GHSA-mmhx-hmjr-r674
- Warn: Project is vulnerable to: GHSA-vhxf-7vqr-mrjg
- Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
- Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
- Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
- Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
- Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
- Warn: Project is vulnerable to: GHSA-vjh7-7g9h-fjfh
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-8mmm-9v2q-x3f9
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
- Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
- Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
- Warn: Project is vulnerable to: GHSA-4wx3-54gh-9fr9
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-8hfj-j24r-96c4
- Warn: Project is vulnerable to: GHSA-wc69-rhjr-hc9g
- Warn: Project is vulnerable to: GHSA-56x4-j7p9-fcf9
- Warn: Project is vulnerable to: GHSA-v78c-4p63-2j6c
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-h7cp-r72f-jxh6
- Warn: Project is vulnerable to: GHSA-v62p-rq8g-8h59
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-x7hr-w5r2-h6wg
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-g4rg-993r-mgx7
- Warn: Project is vulnerable to: GHSA-w5hq-hm5m-4548
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-4w2j-2rg4-5mjw
- Warn: Project is vulnerable to: GHSA-mrgp-mrhc-5jrq
- Warn: Project is vulnerable to: GHSA-7jxr-cg7f-gpgv
- Warn: Project is vulnerable to: GHSA-xj72-wvfv-8985
- Warn: Project is vulnerable to: GHSA-ch3r-j5x3-6q2m
- Warn: Project is vulnerable to: GHSA-p5gc-c584-jj6v
- Warn: Project is vulnerable to: GHSA-whpj-8f3w-67p5
- Warn: Project is vulnerable to: GHSA-cchq-frgv-rjh5
- Warn: Project is vulnerable to: GHSA-g644-9gfx-q4q4
- Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Score
3.1
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More