Gathering detailed insights and metrics for @isomorphic-git/idb-keyval
Gathering detailed insights and metrics for @isomorphic-git/idb-keyval
Installations
npm install @isomorphic-git/idb-keyvalScore
83.1
Supply Chain
100
Quality
79
Maintenance
100
Vulnerability
100
License
Releases
Unable to fetch releases
Contributors
6
Developer
isomorphic-git
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
Typescript Support
Yes
Node Version
12.16.0
NPM Version
6.13.4
Statistics
6 Stars
75 Commits
2 Forks
4 Watching
5 Branches
6 Contributors
Updated on 15 Nov 2023
Languages
TypeScript (88.48%)
JavaScript (11.52%)
Total Downloads
Cumulative downloads
Total Downloads
1,435,317
Last day
15.5%
900
Compared to previous day
Last week
9.9%
4,953
Compared to previous week
Last month
-0.1%
20,473
Compared to previous month
Last year
-28.7%
266,823
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Versions
IDB-Keyval (fork)
This is a super-simple-small promise-based keyval store implemented with IndexedDB, largely based on async-storage by Mozilla.
localForage offers similar functionality, but supports older browsers with broken/absent IDB implementations. Because of that, it's 7.4k, whereas idb-keyval is < 600 bytes. Also, it's tree-shaking friendly, so you'll probably end up using fewer than 500 bytes. Pick whichever works best for you!
This is only a keyval store. If you need to do more complex things like iteration & indexing, check out IDB on NPM (a little heavier at 1.7k). The first example in its README is how to recreate this library.
Usage
set:
1import { set } from 'idb-keyval'; 2 3set('hello', 'world'); 4set('foo', 'bar');
Since this is IDB-backed, you can store anything structured-clonable (numbers, arrays, objects, dates, blobs etc).
All methods return promises:
1import { set } from 'idb-keyval'; 2 3set('hello', 'world') 4 .then(() => console.log('It worked!')) 5 .catch(err => console.log('It failed!', err));
get:
1import { get } from 'idb-keyval'; 2 3// logs: "world" 4get('hello').then(val => console.log(val));
If there is no 'hello' key, then val will be undefined.
keys:
1import { keys } from 'idb-keyval'; 2 3// logs: ["hello", "foo"] 4keys().then(keys => console.log(keys));
del:
1import { del } from 'idb-keyval'; 2 3del('hello');
clear:
1import { clear } from 'idb-keyval'; 2 3clear();
close:
Closes the IDB connection. May be useful to handle when the page is frozen. The connection is reopened automatically the next time any other API is called.
1import { close } from 'idb-keyval'; 2 3close();
Custom stores:
By default, the methods above use an IndexedDB database named keyval-store and an object store named keyval. You can create your own store, and pass it as an additional parameter to any of the above methods:
1import { Store, set } from 'idb-keyval'; 2 3const customStore = new Store('custom-db-name', 'custom-store-name'); 4set('foo', 'bar', customStore);
That's it!
Installing
Via npm + webpack/rollup
1npm install idb-keyval
Now you can require/import idb-keyval:
1import { get, set } from 'idb-keyval';
If you're targeting older versions of IE, you may have more luck with:
1const idb = require('idb-keyval/dist/idb-keyval-cjs-compat.min.js');
Via <script>
dist/idb-keyval.mjsis a valid JS module.dist/idb-keyval-iife.jscan be used in browsers that don't support modules.idbKeyvalis created as a global.dist/idb-keyval-iife.min.jsAs above, but minified.dist/idb-keyval-iife-compat.min.jsAs above, but works in older browsers such as IE 10.dist/idb-keyval-amd.jsis an AMD module.dist/idb-keyval-amd.min.jsAs above, but minified.
These built versions are also available on jsDelivr, e.g.:
1<script src="https://cdn.jsdelivr.net/npm/idb-keyval@3/dist/idb-keyval-iife.min.js"></script> 2<!-- Or in modern browsers: --> 3<script type="module"> 4 import { get, set } from 'https://cdn.jsdelivr.net/npm/idb-keyval@3/dist/idb-keyval.mjs'; 5</script>
Updating from 2.x
2.x exported an object with methods:
1// This no longer works in 3.x 2import idbKeyval from 'idb-keyval'; 3 4idbKeyval.set('foo', 'bar');
Whereas in 3.x you import the methods directly:
1import { set } from 'idb-keyval'; 2 3set('foo', 'bar');
This is better for minification, and allows tree shaking.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENCE:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no SAST tool detected
Details
- Warn: no pull requests merged into dev branch
Reason
Found 0/30 approved changesets -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'fork'
Reason
51 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-cwfw-4gq5-mrqx
- Warn: Project is vulnerable to: GHSA-g95f-p29q-9xw4
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-c6rq-rjc2-86v2
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-9vvw-cc9w-f27h
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-hr2v-3952-633q
- Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm
- Warn: Project is vulnerable to: GHSA-qrmc-fj45-qfc2
- Warn: Project is vulnerable to: GHSA-8r6j-v8pm-fqw3
- Warn: Project is vulnerable to: MAL-2023-462
- Warn: Project is vulnerable to: GHSA-xf7w-r453-m56c
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-44pw-h2cw-w3vq
- Warn: Project is vulnerable to: GHSA-jp4x-w63m-7wgm
- Warn: Project is vulnerable to: GHSA-c429-5p7v-vgjp
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-4xc9-xhrj-v574
- Warn: Project is vulnerable to: GHSA-x5rq-j2xg-h7qm
- Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m / GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-6g33-f262-xjp4
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-2m39-62fm-q8r3
- Warn: Project is vulnerable to: GHSA-mf6x-7mm4-x2g7
- Warn: Project is vulnerable to: GHSA-j44m-qm6p-hp7m
- Warn: Project is vulnerable to: GHSA-3jfq-g458-7qm9
- Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-r628-mhmh-qjhw
- Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc
- Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p
- Warn: Project is vulnerable to: GHSA-g7q5-pjjr-gqvp
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
Score
1.7
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More