Gathering detailed insights and metrics for @elastic/javascript-typescript-langserver
Installations
npm install @elastic/javascript-typescript-langserverDeveloper Guide
BETA
Typescript
No
Module System
N/A
Min. Node Version
>=6.0.0
Score
60.9
Supply Chain
95.7
Quality
80.6
Maintenance
50
Vulnerability
84.4
License
Releases
Unable to fetch releases
Contributors
2,034
Unable to fetch Contributors
Languages
4
TypeScript
JavaScript
Shell
Dockerfile
TypeScript (99.48%)
JavaScript (0.33%)
Shell (0.15%)
Dockerfile (0.04%)
Developer
elastic
Download Statistics
Total Downloads
145,694
Last Day
6
Last Week
52
Last Month
133
Last Year
2,319
GitHub Statistics
1 Stars
792 Commits
2 Forks
3 Watching
43 Branches
2,034 Contributors
Maintainers
62
Package Meta Information
Latest Version
0.3.3
Package Id
@elastic/javascript-typescript-langserver@0.3.3
Unpacked Size
798.54 kB
Size
138.02 kB
File Count
113
Total Downloads
Cumulative downloads
Total Downloads
145,694
Last day
0%
6
Compared to previous day
Last week
100%
52
Compared to previous week
Last month
26.7%
133
Compared to previous month
Last year
-49.2%
2,319
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
21
Dev Dependencies
28
@commitlint/cli@commitlint/config-conventional@sourcegraph/prettierrc@sourcegraph/tsconfig@sourcegraph/tslint-config@types/chai@types/chai-as-promised@types/glob@types/lodash@types/mocha@types/mz@types/node@types/object-hash@types/rimraf@types/sinon@types/tempcz-conventional-changeloghuskymochanycprettierrimrafsemantic-releasesinonsource-map-supporttemptslinttslint-language-service
Versions
Notice
This is a fork of: https://github.com/sourcegraph/javascript-typescript-langserver
The goal of this fork is:
- Simplify file system model (only use local file system)
- Largely Reduce memory footprint
- Replace Observable with promise
- Add APIs that specific for Elastic Code
Non goal
- Make it a full featured langserver that do best for all LSP calls, specifically, it will optimize for readonly use cases
Q: Why not https://github.com/theia-ide/typescript-language-server? A: the fact it calls tsserver bring a lot of overhead, making the indexing speed very slow. However, we are going to brow code from them
JavaScript/TypeScript language server
This is a language server for JavaScript and TypeScript that adheres to the Language Server Protocol (LSP). It uses TypeScript's LanguageService to perform source code analysis.
Try it out
- On sourcegraph.com
- In Visual Studio Code (as an alternative to the built-in TypeScript integration)
- In Eclipse Che
- In NeoVim
- In Sublime Text
Features
- Hovers
- Goto definition
- Goto type definition
- Find all references
- Document symbols
- Workspace symbol search
- Rename
- Completion
- Signature help
- Diagnostics
- Quick fixes
Run it from source
1# install dependencies 2npm install 3 4# compile 5npm run build 6# or compile on file changes 7npm run watch 8 9# run over STDIO 10node lib/language-server-stdio 11# or run over TCP 12node lib/language-server 13 14# run tests 15npm test
Options
Usage: language-server [options]
Options:
-h, --help output usage information
-V, --version output the version number
-s, --strict enabled strict mode
-p, --port [port] specifies LSP port to use (2089)
-c, --cluster [num] number of concurrent cluster workers (defaults to number of CPUs, 8)
-t, --trace print all requests and responses
-l, --logfile [file] log to this file
-j, --enable-jaeger enable OpenTracing through Jaeger
Extensions
This language server implements some LSP extensions, prefixed with an x.
- Files extension Allows the server to request file contents without accessing the file system
- SymbolDescriptor extension Get a SymbolDescriptor for a symbol, search the workspace for symbols or references to it
- Streaming Supports streaming partial results for all endpoints through JSON Patches
- Packages extension Methods to get information about dependencies
- TCP / multiple client support
When running over TCP, the
exitnotification will not kill the process, but close the TCP socket
Versioning
This project follows semver for command line arguments and standard LSP methods. Any change to command line arguments, Node version or protocol breaking changes will result in a major version increase.
Debugging Performance with OpenTracing
The language server is fully traced through OpenTracing, which allows to debug what exact operations caused method calls to take long.
You can pass a span context through an optional meta field on the JSON RPC message object.
For local development, there is built-in support for the open source OpenTracing implementation Jaeger, which can be set up to run on localhost with just one command (you need Docker installed):
docker run -d -p5775:5775/udp -p6831:6831/udp -p6832:6832/udp \
-p5778:5778 -p16686:16686 -p14268:14268 jaegertracing/all-in-one:latest
After that, run the language server with the --enable-jaeger command line flag and do some requests from your client.
Open http://localhost:16686 in your browser and you will see method calls broken down into spans.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/elastic/.github/SECURITY.md:1
- Info: Found linked content: github.com/elastic/.github/SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/elastic/.github/SECURITY.md:1
- Info: Found text in security policy: github.com/elastic/.github/SECURITY.md:1
Reason
branch protection is not maximal on development and all release branches
Details
- Info: 'allow deletion' disabled on branch 'master'
- Info: 'force pushes' disabled on branch 'master'
- Warn: 'branch protection settings apply to administrators' is disabled on branch 'master'
- Warn: 'stale review dismissal' is disabled on branch 'master'
- Warn: required approving review count is 1 on branch 'master'
- Warn: codeowners review is not required on branch 'master'
- Warn: 'last push approval' is disabled on branch 'master'
- Warn: no status checks found to merge onto branch 'master'
- Info: PRs are required in order to make changes on branch 'master'
Reason
Found 0/30 approved changesets -- score normalized to 0
Reason
project is archived
Details
- Warn: Repository is archived.
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: containerImage not pinned by hash: test/Dockerfile:2
- Info: 0 out of 1 containerImage dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 2 are checked with a SAST tool
Reason
78 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-2mj8-pj3j-h362
- Warn: Project is vulnerable to: GHSA-gqf6-75v8-vr26
- Warn: Project is vulnerable to: GHSA-v45m-2wcp-gg98
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm
- Warn: Project is vulnerable to: GHSA-8gh8-hqwg-xf34
- Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
- Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-w457-6q6x-cgp9
- Warn: Project is vulnerable to: GHSA-62gr-4qp9-h98f
- Warn: Project is vulnerable to: GHSA-f52g-6jhx-586p
- Warn: Project is vulnerable to: GHSA-2cf5-4w76-r9qv
- Warn: Project is vulnerable to: GHSA-3cqr-58rm-57f8
- Warn: Project is vulnerable to: GHSA-g9r4-xpmj-mj65
- Warn: Project is vulnerable to: GHSA-q2c6-c6pm-g3gh
- Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44
- Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-pc5p-h8pf-mvwp
- Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
- Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
- Warn: Project is vulnerable to: GHSA-4xcv-9jjx-gfj3
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-w7rc-rwvf-8q5r
- Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
- Warn: Project is vulnerable to: GHSA-px4h-xg32-q955
- Warn: Project is vulnerable to: GHSA-m6cx-g6qm-p2cx
- Warn: Project is vulnerable to: GHSA-x8qc-rrcw-4r46
- Warn: Project is vulnerable to: GHSA-4328-8hgf-7wjr
- Warn: Project is vulnerable to: GHSA-93f3-23rq-pjfp
- Warn: Project is vulnerable to: GHSA-jmqm-f2gx-4fjv
- Warn: Project is vulnerable to: GHSA-pw54-mh39-w3hc
- Warn: Project is vulnerable to: GHSA-xgh6-85xh-479p
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-g6ww-v8xp-vmwg
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-r2j6-p67h-q639
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-44c6-4v22-4mhx
- Warn: Project is vulnerable to: GHSA-4x5v-gmq8-25ch
- Warn: Project is vulnerable to: GHSA-vx3p-948g-6vhq
- Warn: Project is vulnerable to: GHSA-3jfq-g458-7qm9
- Warn: Project is vulnerable to: GHSA-r628-mhmh-qjhw
- Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc
- Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh
- Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-29xr-v42j-r956
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-38fc-wpqx-33j7
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
- Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
- Warn: Project is vulnerable to: GHSA-hjxc-462x-x77j
- Warn: Project is vulnerable to: GHSA-5xf4-f2fq-f69j
- Warn: Project is vulnerable to: GHSA-8mfc-v7wv-p62g
- Warn: Project is vulnerable to: GHSA-mpwj-fcr6-x34c
Score
3
/10
Last Scanned on 2025-01-27
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More