npmpackage.info

Gathering detailed insights and metrics for @dynatrace/barista-components

Other packages similar to @dynatrace/barista-components

@dynatrace/barista-fonts

1.0.1

This package provides the required OpenSans fonts for the barista-components package

@dynatrace/barista-components

Barista - the Dynatrace design system. Tailored to scale.

16.0.4

144

Apache-2.0

TypeScript

182.00 B

126,877 3.8

Installations

npm install @dynatrace/barista-components

Developer Guide

BETA

Typescript

No

Module System

ESM

Node Version

16.20.2

NPM Version

8.19.4 Pull Requests

Open

10

Total

2,181

Closed

487

Merged

1,684

Issues

Open

2

Total

648

Closed

646

Releases

130

16.0.4

Published on 26 Feb 2024

16.0.3

Published on 31 Jan 2024

16.0.2

Published on 22 Jan 2024

16.0.0

Published on 12 Sept 2023

15.0.0

Published on 11 Sept 2023

14.0.0

Published on 28 Aug 2023

View all 130 releases

Contributors

Unable to fetch Contributors

View all 95 contributors

Languages

TypeScript

HTML

SCSS

JavaScript

Dockerfile

Shell

Handlebars

TypeScript (87.01%)

HTML (8.51%)

SCSS (4.22%)

JavaScript (0.15%)

Dockerfile (0.08%)

Shell (0.02%)

Handlebars (0.01%)

Developer

dynatrace-oss

Download Statistics

Total Downloads

126,877

Last Day

Last Week

122

Last Month

262

Last Year

6,586

GitHub Statistics

144 Stars

4,767 Commits

78 Forks

14 Watching

48 Branches

95 Contributors

Bundle Size

211.00 B

Minified

182.00 B

Minified + Gzipped

Bundlephobia

Maintainers

Package Meta Information

Latest Version

16.0.4

Package Id

@dynatrace/barista-components@16.0.4

Unpacked Size

13.11 MB

Size

2.97 MB

File Count

1,308

NPM Version

8.19.4

Node Version

16.20.2

Publised On

26 Feb 2024

Total Downloads

Cumulative downloads

Total Downloads

126,877

Last day

150%

Compared to previous day

Last week

221.1%

122

Compared to previous week

Last month

-25.1%

262

Compared to previous month

Last year

-85.8%

6,586

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

tslib

Peer Dependencies

@angular/cdk @angular/core @angular/common @angular/animations @angular/forms @dynatrace/barista-icons @dynatrace/barista-fonts d3-scale d3-shape highcharts lodash-es dompurify

Versions

ERROR: No README data found!

No vulnerabilities found.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

License

Determines if the project has defined a license.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Security-Policy

Determines if the project has published a security policy.

2

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

2

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 2

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/barista-preview.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/dynatrace-oss/barista/barista-preview.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/barista-preview.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/dynatrace-oss/barista/barista-preview.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/barista-preview.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/dynatrace-oss/barista/barista-preview.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/barista-preview.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/dynatrace-oss/barista/barista-preview.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/barista-preview.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/dynatrace-oss/barista/barista-preview.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cherry-picker.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/dynatrace-oss/barista/cherry-picker.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request-labeler.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/dynatrace-oss/barista/pull-request-labeler.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/slack-barista-production-promotion.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/dynatrace-oss/barista/slack-barista-production-promotion.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/slack-release-notifier.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/dynatrace-oss/barista/slack-release-notifier.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stale.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/dynatrace-oss/barista/stale.yml/master?enable=pin
Warn: containerImage not pinned by hash: .deployment/barista/internal/Dockerfile:1: pin your Docker image by updating nginx:alpine to nginx:alpine@sha256:814a8e88df978ade80e584cc5b333144b9372a8e3c98872d07137dbf3b44d0e4
Warn: containerImage not pinned by hash: .deployment/k8s-barista-builder/Dockerfile:6
Warn: containerImage not pinned by hash: .deployment/k8s-barista-builder/Dockerfile:34
Warn: containerImage not pinned by hash: .deployment/k8s-barista-builder/Dockerfile:46
Warn: containerImage not pinned by hash: .deployment/k8s-barista-builder/Dockerfile:73
Warn: containerImage not pinned by hash: .deployment/k8s-barista-builder/Dockerfile:80
Warn: containerImage not pinned by hash: .deployment/k8s-barista-builder/Dockerfile:92
Warn: containerImage not pinned by hash: .deployment/k8s-barista-builder/Dockerfile:117
Warn: containerImage not pinned by hash: .deployment/k8s-barista-builder/Dockerfile:126
Warn: containerImage not pinned by hash: libs/tools/barista/Dockerfile:1: pin your Docker image by updating node:12-alpine to node:12-alpine@sha256:d4b15b3d48f42059a15bd659be60afe21762aae9d6cbea6f124440895c27db68
Warn: containerImage not pinned by hash: tools/cherry-picker/Dockerfile:1: pin your Docker image by updating node:12-alpine to node:12-alpine@sha256:d4b15b3d48f42059a15bd659be60afe21762aae9d6cbea6f124440895c27db68
Warn: containerImage not pinned by hash: tools/pull-request-labeler/Dockerfile:1: pin your Docker image by updating node:12-alpine to node:12-alpine@sha256:d4b15b3d48f42059a15bd659be60afe21762aae9d6cbea6f124440895c27db68
Warn: containerImage not pinned by hash: tools/slack-release-notifier/Dockerfile:1: pin your Docker image by updating node:12-alpine to node:12-alpine@sha256:d4b15b3d48f42059a15bd659be60afe21762aae9d6cbea6f124440895c27db68
Warn: npmCommand not pinned by hash: .deployment/k8s-barista-builder/Dockerfile:87
Warn: npmCommand not pinned by hash: .deployment/k8s-barista-builder/Dockerfile:102-109
Warn: npmCommand not pinned by hash: .deployment/k8s-barista-builder/Dockerfile:119
Warn: npmCommand not pinned by hash: libs/tools/barista/Dockerfile:4
Info: 0 out of 7 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 3 third-party GitHubAction dependencies pinned
Info: 6 out of 10 npmCommand dependencies pinned
Info: 0 out of 13 containerImage dependencies pinned

0

Maintained

Determines if the project is "actively maintained".

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Fuzzing

Determines if the project uses fuzzing.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

66 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-prr3-c3m5-p7q2
Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-36jr-mh4h-2g58
Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
Warn: Project is vulnerable to: GHSA-gr4j-r575-g665
Warn: Project is vulnerable to: GHSA-8j65-4pcq-xq95
Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-xvf7-4v9q-58w6
Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-8hfj-j24r-96c4
Warn: Project is vulnerable to: GHSA-wc69-rhjr-hc9g
Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
Warn: Project is vulnerable to: GHSA-qrpm-p2h7-hrv2
Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
Warn: Project is vulnerable to: GHSA-x565-32qp-m3vf
Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
Warn: Project is vulnerable to: GHSA-7mwh-4pqv-wmr8
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-4rq4-32rv-6wp6
Warn: Project is vulnerable to: GHSA-64g7-mvw6-v9qj
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
Warn: Project is vulnerable to: GHSA-38fc-wpqx-33j7
Warn: Project is vulnerable to: GHSA-92r3-m2mg-pj97
Warn: Project is vulnerable to: GHSA-c24v-8rfc-w8vw
Warn: Project is vulnerable to: GHSA-8jhw-289h-jh2g
Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986 / GHSA-64vr-g452-qvp3
Warn: Project is vulnerable to: GHSA-9cwx-2883-4wfx
Warn: Project is vulnerable to: GHSA-vg6x-rcgg-rjx6
Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc
Warn: Project is vulnerable to: GHSA-7r3h-m5j6-3q42
Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
Warn: Project is vulnerable to: GHSA-qgmg-gppg-76g5
Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf

Score

3.8

/10

Last Scanned on 2025-01-27

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More