Gathering detailed insights and metrics for @esfx/async-semaphore
Installations
npm install @esfx/async-semaphoreDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS, ESM
Node Version
16.17.1
NPM Version
lerna/3.22.1/node@v16.17.1+x64 (linux)
Score
71
Supply Chain
81.3
Quality
76.2
Maintenance
100
Vulnerability
86.9
License
Releases
31
v1.1.0-alpha.202307260322
v1.1.0-alpha.202307260322
Published on 26 Jul 2023
v1.1.0-alpha.202306080253
v1.1.0-alpha.202306080253
Published on 08 Jun 2023
v1.1.0-alpha.202306061406
v1.1.0-alpha.202306061406
Published on 06 Jun 2023
v1.1.0-alpha.202306061316
v1.1.0-alpha.202306061316
Published on 06 Jun 2023
v1.1.0-alpha.202306051228
v1.1.0-alpha.202306051228
Published on 05 Jun 2023
v1.1.0-alpha.202305082104
v1.1.0-alpha.202305082104
Published on 08 May 2023
Contributors
2
Unable to fetch Contributors
Languages
8
TypeScript
JavaScript
WebAssembly
Perl
Raku
C++
CSS
Python
TypeScript (77.02%)
JavaScript (21.85%)
WebAssembly (0.62%)
Perl (0.19%)
Raku (0.11%)
C++ (0.11%)
CSS (0.07%)
Python (0.03%)
Developer
Download Statistics
Total Downloads
100,798
Last Day
11
Last Week
31
Last Month
290
Last Year
28,207
GitHub Statistics
220 Stars
270 Commits
5 Forks
6 Watching
14 Branches
2 Contributors
Maintainers
1
Package Meta Information
Latest Version
1.0.0
Package Id
@esfx/async-semaphore@1.0.0
Unpacked Size
38.63 kB
Size
8.88 kB
File Count
9
NPM Version
lerna/3.22.1/node@v16.17.1+x64 (linux)
Node Version
16.17.1
Total Downloads
Cumulative downloads
Total Downloads
100,798
Last day
-8.3%
11
Compared to previous day
Last week
-69%
31
Compared to previous week
Last month
-2.7%
290
Compared to previous month
Last year
25%
28,207
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Dev Dependencies
1
Versions
@esfx
The @esfx suite of packages is designed to provide low-level interoperability between 3rd-party packages for a number of common operations.
Packages
The main packages in the @esfx suite include:
@esfx/async- Provides a number of asynchronous coordination primitives from the following packages:@esfx/async-autoresetevent@esfx/async-barrier@esfx/async-canceltoken@esfx/async-conditionvariable@esfx/async-countdown@esfx/async-deferred@esfx/async-delay@esfx/async-lazy@esfx/async-lockable@esfx/async-manualresetevent@esfx/async-mutex@esfx/async-queue@esfx/async-readerwriterlock@esfx/async-semaphore@esfx/async-stack@esfx/async-waitqueue
@esfx/cancelable- A low-level Symbol-based API for defining a common cancellation protocol.@esfx/collection-core- A low-level Symbol-based API for defining common collection behaviors.@esfx/collections- A common collections API composed of the following packages:@esfx/disposable- A low-level Symbol-based API for defining explicit resource management.@esfx/equatable- A low-level Symbol-based API for defining equality.@esfx/events- A low-level API for defining events.@esfx/indexed-object- A base class for custom integer-indexed objects.@esfx/lazy- Provides a class to simplify lazy-initialization logic.@esfx/metadata- An API for defining metadata about an object.@esfx/ref- A low-level API for defining forward references.@esfx/threading- Thread synchronization primitives for use with Workers:@esfx/type-model- A number of useful types for TypeScript.
Shims
Shim packages augment built-in objects with functionality from the main packages.
@esfx/cancelable-dom-shim@esfx/collection-core-shim@esfx/collection-core-dom-shim@esfx/equatable-shim@esfx/metadata-shim@esfx/reflect-metadata-compat
Adapters
Adapter packages provide functionality to simplify interoperability scenarios with different platforms:
Documentation
You can read more about the API here.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0
Reason
no binaries found in the repo
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 0/30 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Warn: no topLevel permission defined: .github/workflows/publish.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:111: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:179: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:181: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:192: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:207: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:221: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:223: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:234: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:250: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:278: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/publish.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:301: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:144: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:158: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:167: update your workflow using https://app.stepsecurity.io/secureworkflow/esfx/esfx/publish.yml/main?enable=pin
- Info: 0 out of 22 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'main'
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 3 are checked with a SAST tool
Reason
28 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-897m-rjf5-jp39
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
- Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-3f95-r44v-8mrg
- Warn: Project is vulnerable to: GHSA-28xr-mwxg-3qc8
- Warn: Project is vulnerable to: GHSA-9p95-fxvg-qgq2
- Warn: Project is vulnerable to: GHSA-9w5j-4mwv-2wj8
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
Score
2.5
/10
Last Scanned on 2024-12-30
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More