Gathering detailed insights and metrics for @hebcal/leyning
Gathering detailed insights and metrics for @hebcal/leyning
Javascript Torah Reading API for Parashat HaShavua and holidays
Installations
npm install @hebcal/leyningDeveloper Guide
BETA
Typescript
No
Module System
ESM
Min. Node Version
>=18
Node Version
22.11.0
NPM Version
10.8.1
Releases
94
Languages
2
JavaScript
TypeScript
JavaScript (66.83%)
TypeScript (33.17%)
Developer
Download Statistics
Total Downloads
39,122
Last Day
16
Last Week
79
Last Month
515
Last Year
8,522
GitHub Statistics
BSD-2-Clause License
9 Stars
389 Commits
2 Forks
3 Watchers
5 Branches
6 Contributors
Updated on May 06, 2025
Bundle Size
103.59 kB
Minified
30.42 kB
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
9.1.0
Package Id
@hebcal/leyning@9.1.0
Unpacked Size
310.26 kB
Size
80.85 kB
File Count
37
NPM Version
10.8.1
Node Version
22.11.0
Published on
Apr 21, 2025
Total Downloads
Cumulative downloads
Total Downloads
39,122
Last Day
0%
16
Compared to previous day
Last Week
-24.8%
79
Compared to previous week
Last Month
-37.4%
515
Compared to previous month
Last Year
-21.3%
8,522
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
@hebcal/leyning
Javascript Torah Reading API for Parashat HaShavua and holidays
This package includes both traditional (full kriyah) and weekday Torah readings.
Triennial Torah Readings have moved to @hebcal/triennial
Installation
1$ npm install @hebcal/leyning
Synopsis
1import {HebrewCalendar, HDate, Event} from '@hebcal/core'; 2import {getLeyningForParshaHaShavua, formatAliyahWithBook} from '@hebcal/leyning'; 3 4const events = HebrewCalendar.calendar({sedrot: true, noHolidays: true}); 5const ev = events.find((ev) => ev.getDesc() == 'Parashat Pinchas'); 6const reading = getLeyningForParshaHaShavua(ev, false); 7console.log(`${ev.getDesc()}: ${reading.summary}`); 8console.log(`Haftara: ${reading.haftara}`); 9for (const [num, aliyah] of Object.entries(reading.fullkriyah)) { 10 const number = num == 'M' ? 'maftir' : `aliyah ${num}`; 11 let str = formatAliyahWithBook(aliyah); 12 if (aliyah.reason) { 13 str += ' | ' + aliyah.reason; 14 } 15 str += ` (${aliyah.v} verses)`; 16 console.log(`${number}: ${str}`); 17}
API Documentation
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: BSD 2-Clause "Simplified" License: LICENSE:0
Reason
SAST tool is run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Info: all commits (17) are checked with a SAST tool
Reason
0 existing vulnerabilities detected
Reason
11 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 9
Reason
Found 3/16 approved changesets -- score normalized to 1
Reason
dependency not pinned by hash detected -- score normalized to 1
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/hebcal/hebcal-leyning/codeql-analysis.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/hebcal/hebcal-leyning/codeql-analysis.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/hebcal/hebcal-leyning/codeql-analysis.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/hebcal/hebcal-leyning/codeql-analysis.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/hebcal/hebcal-leyning/node.js.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/hebcal/hebcal-leyning/node.js.yml/main?enable=pin
- Info: 0 out of 6 GitHub-owned GitHubAction dependencies pinned
- Info: 1 out of 1 npmCommand dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql-analysis.yml:28
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:29
- Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1
- Warn: no topLevel permission defined: .github/workflows/node.js.yml:1
- Info: no jobLevel write permissions found
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Score
5.6
/10
Last Scanned on 2025-05-05
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More