Build cross-platform Native Progressive Web Apps for iOS, Android, and the Web ⚡️
Installations
npm install @capacitor/coreDeveloper
Developer Guide
Module System
CommonJS
Min. Node Version
Typescript Support
Yes
Node Version
18.20.4
NPM Version
10.7.0
Statistics
12,309 Stars
4,371 Commits
1,010 Forks
167 Watching
46 Branches
288 Contributors
Updated on 29 Nov 2024
Languages
TypeScript (30.2%)
Java (29.38%)
Swift (23.22%)
JavaScript (8.26%)
Objective-C (8.05%)
Shell (0.35%)
C (0.27%)
Ruby (0.27%)
Total Downloads
Cumulative downloads
Total Downloads
58,303,683
Last day
-5.8%
71,150
Compared to previous day
Last week
4.5%
389,072
Compared to previous week
Last month
3.4%
1,650,833
Compared to previous month
Last year
5%
18,641,869
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Capacitor lets you run web apps natively on iOS, Android, Web, and more with a single codebase and cross-platform APIs.
Capacitor provides a cross-platform API and code execution layer that makes it easy to call Native SDKs from web code and to write custom native plugins that your app may need. Additionally, Capacitor provides first-class Progressive Web App support so you can write one app and deploy it to the app stores and the mobile web.
Capacitor comes with a Plugin API for building native plugins. Plugins can be written inside Capacitor apps or packaged into an npm dependency for community use. Plugin authors are encouraged to use Swift to develop plugins in iOS and Kotlin (or Java) in Android.
Getting Started
Capacitor was designed to drop-in to any existing modern web app. Run the following commands to initialize Capacitor in your app:
npm install @capacitor/core @capacitor/cli
npx cap init
Next, install any of the desired native platforms:
npm install @capacitor/android
npx cap add android
npm install @capacitor/ios
npx cap add ios
New App?
For new apps, we recommend trying the Ionic Framework with Capacitor.
To begin, install the Ionic CLI (npm install -g @ionic/cli) and start a new app:
ionic start --capacitor
FAQ
What are the differences between Capacitor and Cordova?
In spirit, Capacitor and Cordova are very similar. Capacitor offers backward compatibility with a vast majority of Cordova plugins.
Capacitor and Cordova differ in that Capacitor:
- takes a more modern approach to tooling and plugin development
- treats native projects as source artifacts as opposed to build artifacts
- is maintained by the Ionic Team 💙😊
See the docs for more details.
Do I need to use Ionic Framework with Capacitor?
No, you do not need to use Ionic Framework with Capacitor. Without the Ionic Framework, you may need to implement Native UI yourself. Without the Ionic CLI, you may need to configure tooling yourself to enable features such as livereload. See the docs for more details.
Contributing
See CONTRIBUTING.md.
Contributors
Made possible by the Capacitor community. 💖
No vulnerabilities found.
Reason
30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
0 existing vulnerabilities detected
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/ionic-team/.github/SECURITY.md:1
- Info: Found linked content: github.com/ionic-team/.github/SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/ionic-team/.github/SECURITY.md:1
- Info: Found text in security policy: github.com/ionic-team/.github/SECURITY.md:1
Reason
Found 24/30 approved changesets -- score normalized to 8
Reason
binaries present in source code
Details
- Warn: binary detected: android-template/gradle/wrapper/gradle-wrapper.jar:1
- Warn: binary detected: android/gradle/wrapper/gradle-wrapper.jar:1
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/publish-android.yml:27
- Warn: jobLevel 'packages' permission set to 'write': .github/workflows/publish-android.yml:28
- Warn: no topLevel permission defined: .github/workflows/capacitor-bot.yml:1
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Warn: no topLevel permission defined: .github/workflows/needs-reply.yml:1
- Warn: no topLevel permission defined: .github/workflows/publish-android.yml:1
- Warn: no topLevel permission defined: .github/workflows/publish-ios.yml:1
- Warn: topLevel 'packages' permission set to 'write': .github/workflows/publish-latest.yml:8
- Warn: topLevel 'contents' permission set to 'write': .github/workflows/publish-latest.yml:6
- Warn: topLevel 'contents' permission set to 'write': .github/workflows/publish-npm-alpha.yml:6
- Warn: topLevel 'contents' permission set to 'write': .github/workflows/publish-npm-beta.yml:6
- Warn: topLevel 'contents' permission set to 'write': .github/workflows/publish-npm-dev.yml:6
- Warn: topLevel 'contents' permission set to 'write': .github/workflows/publish-npm-latest-from-pre.yml:13
- Warn: topLevel 'contents' permission set to 'write': .github/workflows/publish-npm-latest.yml:13
- Warn: topLevel 'contents' permission set to 'write': .github/workflows/publish-npm-nightly.yml:8
- Warn: topLevel 'contents' permission set to 'write': .github/workflows/publish-npm-rc.yml:6
- Warn: no topLevel permission defined: .github/workflows/publish-spm-release.yaml:1
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/capacitor-bot.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/capacitor-bot.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/capacitor-bot.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/capacitor-bot.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:124: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:132: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:134: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/ci.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/needs-reply.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/needs-reply.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-android.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/publish-android.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-android.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/publish-android.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-ios.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/publish-ios.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-ios.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/publish-ios.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-alpha.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/publish-npm-alpha.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-alpha.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/publish-npm-alpha.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-beta.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/publish-npm-beta.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-beta.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/publish-npm-beta.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-dev.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/publish-npm-dev.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-dev.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/publish-npm-dev.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-latest-from-pre.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/publish-npm-latest-from-pre.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-latest-from-pre.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/publish-npm-latest-from-pre.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-latest.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/publish-npm-latest.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-latest.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/publish-npm-latest.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-nightly.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/publish-npm-nightly.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-nightly.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/publish-npm-nightly.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-rc.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/publish-npm-rc.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm-rc.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/ionic-team/capacitor/publish-npm-rc.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:47
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:66
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:87
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:113
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:139
- Warn: npmCommand not pinned by hash: .github/workflows/publish-npm-alpha.yml:25
- Warn: npmCommand not pinned by hash: .github/workflows/publish-npm-beta.yml:25
- Warn: npmCommand not pinned by hash: .github/workflows/publish-npm-dev.yml:26
- Warn: npmCommand not pinned by hash: .github/workflows/publish-npm-latest-from-pre.yml:33
- Warn: npmCommand not pinned by hash: .github/workflows/publish-npm-latest.yml:33
- Warn: npmCommand not pinned by hash: .github/workflows/publish-npm-nightly.yml:28
- Warn: npmCommand not pinned by hash: .github/workflows/publish-npm-rc.yml:25
- Info: 0 out of 38 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
- Info: 0 out of 12 npmCommand dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 28 are checked with a SAST tool
Score
6.1
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More