npmpackage.info

Gathering detailed insights and metrics for @dnd-kit/sortable

Gathering detailed insights and metrics for @dnd-kit/sortable

@dnd-kit/sortable - 10.0.0 | npmpackage.info

@dnd-kit/sortable

The modern, lightweight, performant, accessible and extensible drag & drop toolkit for React.

10.0.0

14,485

MIT

TypeScript

3.70 kB

162,173,422 3.4

Installations

npm install @dnd-kit/sortable

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Node Version

12.22.12

NPM Version

6.14.16

Score

94.3

Supply Chain

71.2

Quality

81.7

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

47

Total

356

Closed

70

Merged

239

Issues

Open

466

Total

983

Closed

517

Releases

185

@dnd-kit/abstract@0.1.2

@dnd-kit/abstract@0.1.2

Updated on Apr 23, 2025

@dnd-kit/state@0.1.2

@dnd-kit/state@0.1.2

Updated on Apr 23, 2025

@dnd-kit/react@0.1.2

@dnd-kit/react@0.1.2

Updated on Apr 23, 2025

@dnd-kit/geometry@0.1.2

@dnd-kit/geometry@0.1.2

Updated on Apr 23, 2025

@dnd-kit/dom@0.1.2

@dnd-kit/dom@0.1.2

Updated on Apr 23, 2025

@dnd-kit/helpers@0.1.2

@dnd-kit/helpers@0.1.2

Updated on Apr 23, 2025

View All 185 releases

Languages

4

TypeScript

CSS

JavaScript

HTML

TypeScript (92.59%)

CSS (6.73%)

JavaScript (0.49%)

HTML (0.19%)

Developer

Download Statistics

Total Downloads

162,173,422

Last Day

445,920

Last Week

2,595,672

Last Month

11,331,680

Last Year

96,123,657

GitHub Statistics

MIT License

14,485 Stars

477 Commits

719 Forks

41 Watchers

28 Branches

49 Contributors

Updated on Apr 26, 2025

Bundle Size

9.88 kB

Minified

3.70 kB

Minified + Gzipped

Bundlephobia

Maintainers

1

View All 49 Contributors

Package Meta Information

Latest Version

10.0.0

Package Id

@dnd-kit/sortable@10.0.0

Unpacked Size

228.54 kB

Size

56.74 kB

File Count

40

NPM Version

6.14.16

Node Version

12.22.12

Published on

Dec 04, 2024

Total Downloads

Cumulative downloads

Total Downloads

162,173,422

Last Day

40.4%

445,920

Compared to previous day

Last Week

-0.1%

2,595,672

Compared to previous week

Last Month

1%

11,331,680

Compared to previous month

Last Year

117.2%

96,123,657

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

2

@dnd-kit/utilities tslib

Peer Dependencies

2

react @dnd-kit/core

Dev Dependencies

1

@dnd-kit/sortable

The sortable preset provides the building blocks to build sortable interfaces with @dnd-kit.

Installation

To get started, install the sortable preset via npm or yarn:

npm install @dnd-kit/sortable

Architecture

The sortable preset builds on top of the primitives exposed by @dnd-kit/core to help building sortable interfaces.

The sortable preset exposes two main concepts: SortableContext and the useSortable hook:

The SortableContext provides information via context that is consumed by the useSortable hook.
The useSortable hook is an abstraction that composes the useDroppable and useDraggable hooks.

The useSortable hook is an abstraction that composes the useDroppable and useDraggable hooks

Usage

Visit docs.dndkit.com to learn how to use the Sortable preset.

Empty State

No vulnerabilities found.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

5

Maintained

Determines if the project is "actively maintained".

5

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/chromatic.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/clauderic/dnd-kit/chromatic.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/chromatic.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/clauderic/dnd-kit/chromatic.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/chromatic.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/clauderic/dnd-kit/chromatic.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/clauderic/dnd-kit/integration.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/clauderic/dnd-kit/integration.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/integration.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/clauderic/dnd-kit/integration.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:8: update your workflow using https://app.stepsecurity.io/secureworkflow/clauderic/dnd-kit/lint.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/clauderic/dnd-kit/lint.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/clauderic/dnd-kit/lint.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/clauderic/dnd-kit/main.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/clauderic/dnd-kit/main.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/clauderic/dnd-kit/main.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-experimental.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/clauderic/dnd-kit/release-experimental.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-experimental.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/clauderic/dnd-kit/release-experimental.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/clauderic/dnd-kit/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/clauderic/dnd-kit/release.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/clauderic/dnd-kit/release.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/clauderic/dnd-kit/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/size.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/clauderic/dnd-kit/size.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/size.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/clauderic/dnd-kit/size.yml/master?enable=pin
Info: 0 out of 12 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 8 third-party GitHubAction dependencies pinned

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

91 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-7r3h-m5j6-3q42
Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q
Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38
Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc
Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
Warn: Project is vulnerable to: GHSA-4w2v-q235-vp99
Warn: Project is vulnerable to: GHSA-cph5-m8f7-6c5x
Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
Warn: Project is vulnerable to: GHSA-vjh7-7g9h-fjfh
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-vfrc-7r7c-w9mx
Warn: Project is vulnerable to: GHSA-7wwv-vh3v-89cq
Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-4wx3-54gh-9fr9
Warn: Project is vulnerable to: GHSA-xf5p-87ch-gxw2
Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-79jw-6wg7-r9g4
Warn: Project is vulnerable to: GHSA-r5cq-9537-9rpf
Warn: Project is vulnerable to: GHSA-84p7-fh9c-6g8h
Warn: Project is vulnerable to: GHSA-8hfj-j24r-96c4
Warn: Project is vulnerable to: GHSA-wc69-rhjr-hc9g
Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
Warn: Project is vulnerable to: GHSA-3j8f-xvm3-ffx4
Warn: Project is vulnerable to: GHSA-4p35-cfcx-8653
Warn: Project is vulnerable to: GHSA-7f3x-x4pr-wqhj
Warn: Project is vulnerable to: GHSA-jpp7-7chh-cf67
Warn: Project is vulnerable to: GHSA-q6wq-5p59-983w
Warn: Project is vulnerable to: GHSA-j9fq-vwqv-2fm2
Warn: Project is vulnerable to: GHSA-pqw5-jmp5-px4v
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
Warn: Project is vulnerable to: GHSA-wvhm-4hhf-97x9
Warn: Project is vulnerable to: GHSA-h4hr-7fg3-h35w
Warn: Project is vulnerable to: GHSA-gj77-59wh-66hg
Warn: Project is vulnerable to: GHSA-hqhp-5p83-hx96
Warn: Project is vulnerable to: GHSA-3949-f494-cm99
Warn: Project is vulnerable to: GHSA-x7hr-w5r2-h6wg
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-w5hq-hm5m-4548
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq
Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
Warn: Project is vulnerable to: GHSA-38fc-wpqx-33j7
Warn: Project is vulnerable to: GHSA-fhg7-m89q-25r3
Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q

Score

3.4

/10

Last Scanned on 2025-04-21

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.