Gathering detailed insights and metrics for @intlify/unplugin-vue-i18n
Gathering detailed insights and metrics for @intlify/unplugin-vue-i18n
Installations
npm install @intlify/unplugin-vue-i18nReleases
142
@intlify/unplugin-vue-i18n@6.0.0
unplugin-vue-i18n@6.0.0
Published on 16 Nov 2024
@intlify/bundle-utils@10.0.0
bundle-utils@10.0.0
Published on 16 Nov 2024
@intlify/unplugin-vue-i18n@5.3.1
unplugin-vue-i18n@5.3.1
Published on 10 Nov 2024
@intlify/unplugin-vue-i18n@5.3.0
unplugin-vue-i18n@5.3.0
Published on 09 Nov 2024
@intlify/bundle-utils@9.0.0
bundle-utils@9.0.0
Published on 07 Nov 2024
@intlify/unplugin-vue-i18n@5.2.0
unplugin-vue-i18n@5.2.0
Published on 22 Sept 2024
Developer
intlify
Developer Guide
BETA
Module System
ESM
Min. Node Version
>= 18
Typescript Support
Yes
Node Version
18.19.1
NPM Version
9.5.1
Statistics
245 Stars
424 Commits
37 Forks
9 Watching
12 Branches
29 Contributors
Updated on 27 Nov 2024
Languages
TypeScript (79.25%)
JavaScript (17.13%)
Vue (2.85%)
HTML (0.76%)
Shell (0.01%)
Total Downloads
Cumulative downloads
Total Downloads
17,427,649
Last day
-1.8%
65,396
Compared to previous day
Last week
3.8%
335,195
Compared to previous week
Last month
9.8%
1,391,285
Compared to previous month
Last year
180.4%
12,744,851
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
16
Peer Dependencies
3
Dev Dependencies
2
Versions
@intlify/bundle-tools
The bundle tools for Vue I18n
📦 Packages
| Package | Bundler | Version (click for changelogs) | Status |
|---|---|---|---|
| @intlify/unplugin-vue-i18n | vite / webpack |  | Stable |
| @intlify/vite-plugin-vue-i18n | vite |  (until Vite 3) | Hot fix maintenance only |
| @intlify/vue-i18n-loader | webpack |  (for vue-i18n@9.x) | Hot fix maintenance only |
| @intlify/rollup-plugin-vue-i18n | rollup |  | Hot fix maintenance only |
💪 Contribution
See Contributing Guide.
©️ License
No vulnerabilities found.
Reason
23 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
GitHub workflow tokens follow principle of least privilege
Details
- Info: topLevel 'contents' permission set to 'read': .github/workflows/build.yml:14
- Info: topLevel 'contents' permission set to 'read': .github/workflows/lint.yml:14
- Info: topLevel 'contents' permission set to 'read': .github/workflows/test.yml:14
- Info: no jobLevel write permissions found
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
Found 5/28 approved changesets -- score normalized to 1
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/intlify/bundle-tools/build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/intlify/bundle-tools/build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/intlify/bundle-tools/lint.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/intlify/bundle-tools/lint.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/intlify/bundle-tools/test.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/intlify/bundle-tools/test.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/intlify/bundle-tools/test.yml/main?enable=pin
- Info: 0 out of 7 GitHub-owned GitHubAction dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 18 are checked with a SAST tool
Reason
19 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-7q7g-4xm8-89cq
- Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-5j4c-8p2g-v4jx
- Warn: Project is vulnerable to: GHSA-g3ch-rx76-35fx
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
Score
4.9
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More