Gathering detailed insights and metrics for @cerebral/mobx-state-tree
Installations
npm install @cerebral/mobx-state-treeDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Node Version
8.11.1
NPM Version
5.6.0
Releases
122
Release v2025-02-27_0058
v2025-02-27_0058
Updated on Feb 27, 2025
release_2020-03-21_1721
release_2020-03-21_1721
Updated on Mar 21, 2020
release_2019-10-10_1642
release_2019-10-10_1642
Updated on Oct 10, 2019
release_2019-05-18_1030
release_2019-05-18_1030
Updated on May 18, 2019
release_2019-02-24_1519
release_2019-02-24_1519
Updated on Feb 24, 2019
release_2019-02-24_1445
release_2019-02-24_1445
Updated on Feb 24, 2019
Contributors
78
Unable to fetch Contributors
Languages
4
JavaScript
CSS
HTML
Shell
JavaScript (73.08%)
CSS (24.6%)
HTML (2.03%)
Shell (0.29%)
validate.email 🚀
Verify real, reachable, and deliverable emails with instant MX records, SMTP checks, and disposable email detection.
Developer
Download Statistics
Total Downloads
141,749
Last Day
6
Last Week
25
Last Month
278
Last Year
3,281
GitHub Statistics
MIT License
1,995 Stars
2,251 Commits
125 Forks
44 Watchers
18 Branches
78 Contributors
Updated on Mar 03, 2025
Bundle Size
5.61 kB
Minified
1.73 kB
Minified + Gzipped
Maintainers
5
Package Meta Information
Latest Version
3.2.2
Package Id
@cerebral/mobx-state-tree@3.2.2
Unpacked Size
27.82 kB
Size
8.05 kB
File Count
7
NPM Version
5.6.0
Node Version
8.11.1
Total Downloads
Cumulative downloads
Total Downloads
141,749
Last Day
100%
6
Compared to previous day
Last Week
316.7%
25
Compared to previous week
Last Month
1.8%
278
Compared to previous month
Last Year
-62.5%
3,281
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Peer Dependencies
3
Dev Dependencies
1
Cerebral
A declarative state and side effects management solution for popular JavaScript frameworks
Maintainer needed
https://gist.github.com/christianalfoni/f1c4bfe320dcb24c403635d9bca3fa40
Documentation
Contribute
The entire Cerebral codebase has been rewritten to encourage contributions. The code is cleaned up, commented and all code is in a "monorepo". That means you can run tests across projects and general management of the code is simplified a lot.
- Clone the monorepo:
git clone https://github.com/cerebral/cerebral.git - In root:
npm install
The packages are located under packages folder and there is no need to run npm install for each package.
Using monorepo for your own apps
If you want to use Cerebral 2 directly from your cloned repo, you can create a symlinks for following
directories into the node_modules directory of your app:
packages/node_modules/cerebralpackages/node_modules/function-treepackages/node_modules/@cerebral
If your app and the cerebral monorepo are in the same folder you can do from inside your app directory:
1$ ln -s ../../cerebral/packages/node_modules/cerebral/ node_modules/ 2# ...
Just remember to unlink the package before installing it from npm:
1$ unlink node_modules/cerebral 2# ...
Running demos
Go to the respective packages/demos/some-demo-folder and run npm start
Testing
You can run all tests in all packages from root:
npm test
Or you can run tests for specific packages by going to package root and do the same:
npm test
Changing the code
When you make a code change you should create a branch first. When the code is changed and backed up by a test you can commit it from the root using:
npm run commit
This will give you a guide to creating a commit message. Then you just push and create a pull request as normal on Github.
Release process
- Review and merge PRs into
nextbranch. It is safe to use "Update branch", the commit created by Github will not be part ofnexthistory - If changes to
repo-cooker, clean Travis NPM cache - From command line:
1git switch next 2git pull 3npm install # make sure any new dependencies are installed 4npm run release # and check release notes 5git switch master 6git pull 7git merge --ff-only next 8git push
No vulnerabilities found.
Reason
30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
dependency not pinned by hash detected -- score normalized to 4
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/cerebral/cerebral/release.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/cerebral/cerebral/release.yml/next?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/cerebral/cerebral/release.yml/next?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/cerebral/cerebral/release.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/cerebral/cerebral/test.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/cerebral/cerebral/test.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/website.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/cerebral/cerebral/website.yml/next?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/website.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/cerebral/cerebral/website.yml/next?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/website.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/cerebral/cerebral/website.yml/next?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/website.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/cerebral/cerebral/website.yml/next?enable=pin
- Info: 0 out of 6 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 4 third-party GitHubAction dependencies pinned
- Info: 3 out of 3 npmCommand dependencies pinned
Reason
8 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-c75v-2vq8-878f
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
- Warn: Project is vulnerable to: GHSA-xf5p-87ch-gxw2
- Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
- Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
- Warn: Project is vulnerable to: GHSA-x7hr-w5r2-h6wg
- Warn: Project is vulnerable to: GHSA-5j4c-8p2g-v4jx
Reason
dangerous workflow patterns detected
Details
- Warn: untrusted code checkout '${{ github.event.workflow_run.head_branch }}': .github/workflows/release.yml:16
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Warn: no topLevel permission defined: .github/workflows/test.yml:1
- Warn: no topLevel permission defined: .github/workflows/website.yml:1
- Info: no jobLevel write permissions found
Reason
no SAST tool detected
Details
- Warn: no pull requests merged into dev branch
Reason
Found 0/30 approved changesets -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Score
2.9
/10
Last Scanned on 2025-03-10
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More