Gathering detailed insights and metrics for @guanghechen/npm-helper
Gathering detailed insights and metrics for @guanghechen/npm-helper
Installations
npm install @guanghechen/npm-helperDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Min. Node Version
>= 14.15.0
Node Version
16.15.1
NPM Version
lerna/5.1.8/node@v16.15.1+x64 (linux)
Releases
Unable to fetch releases
Contributors
1
Unable to fetch Contributors
Love this project? Help keep it running — sponsor us today! 🚀
Developer
guanghechen
Download Statistics
Total Downloads
9,588
Last Day
2
Last Week
2
Last Month
67
Last Year
1,222
GitHub Statistics
1 Stars
11 Commits
1 Watching
2 Branches
1 Contributors
Bundle Size
34.72 kB
Minified
10.19 kB
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
1.9.8
Package Id
@guanghechen/npm-helper@1.9.8
Unpacked Size
10.34 kB
Size
3.40 kB
File Count
7
NPM Version
lerna/5.1.8/node@v16.15.1+x64 (linux)
Node Version
16.15.1
Total Downloads
Cumulative downloads
Total Downloads
9,588
Last day
0%
2
Compared to previous day
Last week
-88.9%
2
Compared to previous week
Last month
179.2%
67
Compared to previous month
Last year
-30.9%
1,222
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Versions
@guanghechen/npm-helper
A collection of utility functions for npm packages.
Install
-
npm
1npm install --save-dev @guanghechen/npm-helper -
yarn
1yarn add --dev @guanghechen/npm-helper
Usage
-
detectMonorepo: Check whether if it is a monorepo under thecurrentDir.1function detectMonorepo(currentDir: string): boolean -
detectPackageAuthor: Detect package author.1function detectPackageAuthor(currentDir: string): string | null -
createDependencyFields: Return default dependency field names.1function createDependencyFields(): ReadonlyArray< 2 |'dependencies' 3 |'optionalDependencies' 4 |'peerDependencies' 5> -
collectAllDependencies: Collect all dependencies declared in thepackage.jsonand the dependencies of them and so on.1function collectAllDependencies( 2 packageJsonPath: string | null, 3 dependenciesFields?: ReadonlyArray<string>, 4 additionalDependencies?: ReadonlyArray<string> | null, 5 isAbsentAllowed?: ((moduleName: string) => boolean) | null, 6): string[]packageJsonPath: Filepath ofpackage.jsondependenciesFields: Package dependency field names. (such as['dependencies', 'devDependencies'])additionalDependencies: Additional dependency names appended to the results.isAbsentAllowed: Determine whether if a given moduleName can miss. (called onMODULE_NOT_FOUNDerror thrown)
Related
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
Found 0/11 approved changesets -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/guanghechen/guanghechen/ci.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/guanghechen/guanghechen/ci.yml/main?enable=pin
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
Reason
no SAST tool detected
Details
- Warn: no pull requests merged into dev branch
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Info: no jobLevel write permissions found
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
license file not detected
Details
- Warn: project does not have a license file
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'main'
Score
3.1
/10
Last Scanned on 2025-02-03
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More