Installations
npm install @gerhobbelt/babel-plugin-syntax-dynamic-importDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Node Version
8.11.1
NPM Version
5.6.0
Releases
422
Contributors
1,104
Languages
6
TypeScript
JavaScript
Shell
Makefile
HTML
Batchfile
TypeScript (68.83%)
JavaScript (30.42%)
Shell (0.6%)
Makefile (0.09%)
HTML (0.06%)
Developer
Download Statistics
Total Downloads
3,887
Last Day
1
Last Week
5
Last Month
41
Last Year
490
GitHub Statistics
43,364 Stars
16,763 Commits
5,657 Forks
804 Watching
15 Branches
1,104 Contributors
Bundle Size
1.81 kB
Minified
922.00 B
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
7.2.1-26
Package Id
@gerhobbelt/babel-plugin-syntax-dynamic-import@7.2.1-26
Unpacked Size
2.90 kB
Size
1.54 kB
File Count
5
NPM Version
5.6.0
Node Version
8.11.1
Total Downloads
Cumulative downloads
Total Downloads
3,887
Last day
-83.3%
1
Compared to previous day
Last week
-66.7%
5
Compared to previous week
Last month
-45.3%
41
Compared to previous month
Last year
4.5%
490
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Peer Dependencies
1
Dev Dependencies
1
Versions
@gerhobbelt/babel-plugin-syntax-dynamic-import
Allow parsing of import()
See our website @gerhobbelt/babel-plugin-syntax-dynamic-import for more information.
Install
Using npm:
1npm install --save-dev @gerhobbelt/babel-plugin-syntax-dynamic-import
or using yarn:
1yarn add @gerhobbelt/babel-plugin-syntax-dynamic-import --dev
No vulnerabilities found.
Reason
30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
no binaries found in the repo
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release.yml:58
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release.yml:237
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/update-compat-data.yml:15
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/update-parser-tests.yml:17
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/update-windows-fixtures.yml:16
- Info: jobLevel 'pull-requests' permission set to 'read': .github/workflows/update-windows-fixtures.yml:17
- Info: topLevel 'contents' permission set to 'read': .github/workflows/ci.yml:6
- Info: topLevel 'contents' permission set to 'read': .github/workflows/e2e-tests-breaking-esm.yml:10
- Info: topLevel 'contents' permission set to 'read': .github/workflows/e2e-tests.yml:10
- Info: topLevel 'contents' permission set to 'read': .github/workflows/issue-triage.yml:8
- Info: found token with 'none' permissions: .github/workflows/lock.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/release.yml:20
- Info: topLevel 'contents' permission set to 'read': .github/workflows/repl.yml:6
- Warn: no topLevel permission defined: .github/workflows/update-compat-data.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/update-parser-tests.yml:11
- Info: topLevel 'contents' permission set to 'read': .github/workflows/update-windows-fixtures.yml:11
Reason
Found 23/29 approved changesets -- score normalized to 7
Reason
badge detected: InProgress
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:283: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:285: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:307: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:359: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:361: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:368: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:384: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:386: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:393: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:150: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:532: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:534: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:541: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:582: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:584: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:589: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:604: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:619: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:621: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:627: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:633: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:646: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:663: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:189: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:191: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:198: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:219: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:221: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:249: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:255: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:270: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:557: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:559: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:566: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:164: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:166: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:323: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:325: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:331: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:413: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:415: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:442: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:454: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:460: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:466: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:472: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:478: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:484: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:490: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:496: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:502: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:508: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:514: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:520: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:674: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:676: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:678: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:680: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:682: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:684: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:686: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:688: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:696: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:701: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests-breaking-esm.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests-breaking-esm.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests-breaking-esm.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests-breaking-esm.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests-breaking-esm.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests-breaking-esm.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests-breaking-esm.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests-breaking-esm.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests-breaking-esm.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests-breaking-esm.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests-breaking-esm.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests-breaking-esm.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests-breaking-esm.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests-breaking-esm.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests-breaking-esm.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests-breaking-esm.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-tests.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/e2e-tests.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-triage.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/issue-triage.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-triage.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/issue-triage.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-triage.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/issue-triage.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-triage.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/issue-triage.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/lock.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/lock.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:155: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:186: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:192: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:202: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:220: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:229: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:252: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:265: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:298: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:304: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:317: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/reminders.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/reminders.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/repl.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/repl.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/repl.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/repl.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-compat-data.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-compat-data.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-compat-data.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-compat-data.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-compat-data.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-compat-data.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-compat-data.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-compat-data.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-parser-tests.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-parser-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-parser-tests.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-parser-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-parser-tests.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-parser-tests.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-parser-tests.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-parser-tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-windows-fixtures.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-windows-fixtures.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-windows-fixtures.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-windows-fixtures.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-windows-fixtures.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel/update-windows-fixtures.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: scripts/integration-tests/e2e-create-react-app.sh:22
- Warn: npmCommand not pinned by hash: scripts/integration-tests/e2e-create-react-app.sh:60
- Warn: npmCommand not pinned by hash: scripts/integration-tests/e2e-create-react-app.sh:63
- Warn: npmCommand not pinned by hash: scripts/integration-tests/e2e-nextjs-10.sh:28
- Warn: npmCommand not pinned by hash: scripts/integration-tests/e2e-react-native.sh:47
- Info: 0 out of 109 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 15 third-party GitHubAction dependencies pinned
- Info: 3 out of 8 npmCommand dependencies pinned
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 24 are checked with a SAST tool
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
23 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
- Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
- Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
- Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
- Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
- Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-4xcv-9jjx-gfj3
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-x6fg-f45m-jf5q
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
- Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
Score
6.2
/10
Last Scanned on 2025-01-13
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More