A powerful JavaScript library for interacting with the Discord API
Installations
npm install @discordjs/collectionReleases
248
Developer
Developer Guide
BETA
Module System
CommonJS, ESM
Min. Node Version
>=18
Typescript Support
Yes
Node Version
20.17.0
NPM Version
10.8.2
Statistics
25,461 Stars
8,206 Commits
3,969 Forks
430 Watching
17 Branches
494 Contributors
Updated on 27 Nov 2024
Languages
TypeScript (62.36%)
JavaScript (34.4%)
MDX (3.1%)
Handlebars (0.08%)
CSS (0.05%)
Dockerfile (0.02%)
Lua (0.01%)
Total Downloads
Cumulative downloads
Total Downloads
70,827,592
Last day
9.6%
82,469
Compared to previous day
Last week
6.9%
514,404
Compared to previous week
Last month
12.4%
2,155,956
Compared to previous month
Last year
8.5%
20,175,511
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Versions
About
This repository contains multiple packages with separate releases. You can find the assembled Discord API wrapper at discord.js. It is a powerful Node.js module that allows you to easily interact with the Discord API.
Packages
discord.js(source) - A powerful Node.js module for interacting with the Discord API@discordjs/brokers(source) - A collection of brokers for use with discord.js@discordjs/builders(source) - A utility package for easily building Discord API payloads@discordjs/collection(source) - A powerful utility data structure@discordjs/core(source) - A thinly abstracted wrapper around the core components of the Discord API@discordjs/formatters(source) - A collection of functions for formatting strings@discordjs/proxy(source) - A wrapper around@discordjs/restfor running an HTTP proxy@discordjs/rest(source) - A module for interacting with the Discord REST API@discordjs/voice(source) - A module for interacting with the Discord Voice API@discordjs/util(source) - A collection of utility functions@discordjs/ws(source) - A wrapper around Discord's gateway
Links
- Website (source)
- Documentation
- Guide (source) Also see the v13 to v14 Update Guide, which includes updated and removed items from the library.
- discord.js Discord server
- Discord API Discord server
- GitHub
- npm
- Related libraries
Extensions
Contributing
Please read through our contribution guidelines before starting a pull request. We welcome contributions of all kinds, not just code! If you're stuck for ideas, look for the good first issue label on issues in the repository. If you have any questions about the project, feel free to ask them on Discord. Before creating your own issue or pull request, always check to see if one already exists! Don't rush contributions, take your time and ensure you're doing it correctly.
Help
If you don't understand something in the documentation, you are experiencing problems, or you just need a gentle nudge in the right direction, please join our Discord server.
No vulnerabilities found.
Reason
all changesets reviewed
Reason
30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0
Reason
no binaries found in the repo
Reason
packaging workflow detected
Details
- Info: Project packages its releases by way of GitHub Actions.: .github/workflows/publish-dev-docker.yml:7
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/cleanup-cache.yml:1
- Warn: no topLevel permission defined: .github/workflows/deploy-website.yml:1
- Warn: no topLevel permission defined: .github/workflows/deprecate-version.yml:1
- Warn: no topLevel permission defined: .github/workflows/documentation.yml:1
- Warn: no topLevel permission defined: .github/workflows/issue-triage.yml:1
- Warn: no topLevel permission defined: .github/workflows/label-sync.yml:1
- Warn: no topLevel permission defined: .github/workflows/lock.yml:1
- Warn: no topLevel permission defined: .github/workflows/pr-triage.yml:1
- Warn: no topLevel permission defined: .github/workflows/publish-dev-docker.yml:1
- Warn: no topLevel permission defined: .github/workflows/publish-dev.yml:1
- Warn: no topLevel permission defined: .github/workflows/publish-docker.yml:1
- Warn: no topLevel permission defined: .github/workflows/publish-release.yml:1
- Warn: no topLevel permission defined: .github/workflows/tests.yml:1
- Info: no jobLevel write permissions found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cleanup-cache.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/cleanup-cache.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-website.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/deploy-website.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-website.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/deploy-website.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deprecate-version.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/deprecate-version.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deprecate-version.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/deprecate-version.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/documentation.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/documentation.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/documentation.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/documentation.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/documentation.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/documentation.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/documentation.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/documentation.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/documentation.yml:214: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/documentation.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/documentation.yml:217: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/documentation.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/issue-triage.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/issue-triage.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/label-sync.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/label-sync.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/label-sync.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/label-sync.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/lock.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/lock.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-triage.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/pr-triage.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-dev-docker.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/publish-dev-docker.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-dev-docker.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/publish-dev-docker.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-dev-docker.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/publish-dev-docker.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-dev.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/publish-dev.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-dev.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/publish-dev.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-docker.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/publish-docker.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-docker.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/publish-docker.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-docker.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/publish-docker.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/publish-release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-release.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/publish-release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/discordjs/discord.js/tests.yml/main?enable=pin
- Warn: containerImage not pinned by hash: packages/proxy-container/Dockerfile:1
- Warn: containerImage not pinned by hash: packages/proxy-container/Dockerfile:15
- Warn: containerImage not pinned by hash: packages/proxy-container/Dockerfile:20
- Warn: containerImage not pinned by hash: packages/proxy-container/Dockerfile:24
- Info: 0 out of 24 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 4 third-party GitHubAction dependencies pinned
- Info: 0 out of 4 containerImage dependencies pinned
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Reason
17 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-43wq-xrcm-3vgr
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-96g7-g7g9-jxw8
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-g77x-44xx-532m
- Warn: Project is vulnerable to: GHSA-gp8f-8m3g-qvj9
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-pqhp-25j4-6hq9
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-64vr-g452-qvp3
- Warn: Project is vulnerable to: GHSA-9cwx-2883-4wfx
- Warn: Project is vulnerable to: GHSA-g3ch-rx76-35fx
Score
5.2
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More