npmpackage.info

Gathering detailed insights and metrics for @jcayzac/image-information

@jcayzac/image-information

A collection of ESM modules I use in my projects.

1.1.1

MIT

TypeScript

5.59 kB

584 6.5

Installations

npm install @jcayzac/image-information

Developer Guide

BETA

Typescript

Yes

Module System

ESM

Node Version

20.17.0

NPM Version

10.8.2 Score

68.1

Supply Chain

97.8

Quality

77.6

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

4

Total

148

Closed

1

Merged

143

Issues

Open

0

Total

2

Closed

2

Releases

@jcayzac/astro-image-service-ng@0.4.2-dev.0

Published on 01 Jan 2025

@jcayzac/atom-feeds@0.0.3-dev.0

Published on 31 Dec 2024

@copepod/kv@0.0.2

Published on 08 Oct 2024

@jcayzac/astro-image-service-ng@0.4.1

Published on 08 Oct 2024

@jcayzac/astro-image-service-ng@0.4.1-dev.0

Published on 08 Oct 2024

@copepod/kv@0.0.2-dev.0

Published on 08 Oct 2024

View all 98 releases

Contributors

View all 1 contributors

Languages

TypeScript

CSS

JavaScript

Shell

TypeScript (90.24%)

CSS (8.99%)

JavaScript (0.65%)

Shell (0.12%)

Developer

jcayzac

Download Statistics

Total Downloads

584

Last Day

Last Week

Last Month

Last Year

584

GitHub Statistics

5 Stars

259 Commits

2 Forks

1 Watching

6 Branches

1 Contributors

Bundle Size

17.28 kB

Minified

5.59 kB

Minified + Gzipped

Bundlephobia

Sponsor this package

https://github.com/sponsors/jcayzac

Maintainers

Package Meta Information

Latest Version

1.1.1

Package Id

@jcayzac/image-information@1.1.1

Unpacked Size

17.02 kB

Size

5.91 kB

File Count

NPM Version

10.8.2

Node Version

20.17.0

Publised On

03 Sept 2024

Total Downloads

Cumulative downloads

Total Downloads

584

Last day

66.7%

Compared to previous day

Last week

-56.3%

Compared to previous week

Last month

72%

Compared to previous month

Last year

584

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

image-size

Versions

`@jcayzac/image-information`

Lightweight detection of local or remote images' type, orientation & size in pure Javascript.

This module detect informations about local or remote images. For remote images, it streams the data only until it finds information.

Images in the following formats are supported: GIF, HEIC, HEIF, AVIF, J2C, JP2, JPEG, PNG, SVG & WebP.

Usage

1# pnpm
2pnpm add @jcayzac/image-information
3
4# bun
5bunx add @jcayzac/image-information
6
7# npm
8npx add @jcayzac/image-information
9
10# yarn
11yarn add @jcayzac/image-information
12
13# deno
14deno add npm:@jcayzac/image-information

Getting information about an image from a URL

1import { imageInformation } from '@jcayzac/image-information'
2
3// Remote URL
4const info = await imageInformation('https://example.com/image.jpg')
5if (info !== undefined) {
6  const {
7    // intrinsic width.
8    width,
9
10    // intrinsic height.
11    height,
12
13    // inferred file extension (doesn't care about URL).
14    extension,
15
16    // inferred MIME type.
17    type,
18
19    // detected EXIF orientation, if any.
20    orientation,
21  } = info
22
23  console.log(`Found information:`, info)
24}
25
26// File URL
27const info2 = await imageInformation('file:///tmp/image.jpg')

[!NOTE]

The function accepts strings as a convenience, but those are expected to represent valid URLs. For local images, you must use the file:// URL scheme. Passing paths directly will not work.

Getting information about an image from a buffer

The probe() function can be used to get information about an image from a buffer (either an Uint8Array or a node Buffer).

1import { readFile } from 'node:fs/promises'
2import { probe } from '@jcayzac/image-information'
3
4const buffer = await readFile('image.jpg')
5const info = await probe(buffer)

Like it? Buy me a coffee!

If you like anything here, consider buying me a coffee using one of the following platforms:

No vulnerabilities found.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

CI-Tests

Determines if the project runs tests before pull requests are merged.

10

Contributors

Determines if the project has a set of contributors from multiple organizations (e.g., companies).

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Dependency-Update-Tool

Determines if the project uses a dependency update tool.

10

License

Determines if the project has defined a license.

10

Maintained

Determines if the project is "actively maintained".

10

SAST

Determines if the project uses static code analysis.

10

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

3

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

1

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 1

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/jcayzac/copepod-modules/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/jcayzac/copepod-modules/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/jcayzac/copepod-modules/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/jcayzac/copepod-modules/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/jcayzac/copepod-modules/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/jcayzac/copepod-modules/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/jcayzac/copepod-modules/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/jcayzac/copepod-modules/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-labeled.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/jcayzac/copepod-modules/issue-labeled.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-labeled.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/jcayzac/copepod-modules/issue-labeled.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-needs-repro.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/jcayzac/copepod-modules/issue-needs-repro.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/issue-opened.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/jcayzac/copepod-modules/issue-opened.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/jcayzac/copepod-modules/main.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/jcayzac/copepod-modules/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/jcayzac/copepod-modules/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/jcayzac/copepod-modules/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/jcayzac/copepod-modules/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/scorecard.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/jcayzac/copepod-modules/scorecard.yml/main?enable=pin
Info: 2 out of 12 GitHub-owned GitHubAction dependencies pinned
Info: 1 out of 9 third-party GitHubAction dependencies pinned

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Fuzzing

Determines if the project uses fuzzing.

Reason

project is not fuzzed

Details

Warn: no OSSFuzz integration found: Follow the steps in https://github.com/google/oss-fuzz to integrate fuzzing for your project. Over time, try to add fuzzing for more functionalities of your project. (High effort)
Warn: no OneFuzz integration found: Follow the steps in https://github.com/microsoft/onefuzz to start fuzzing for your project. Over time, try to add fuzzing for more functionalities of your project. (High effort)
Warn: no GoBuiltInFuzzer integration found: Follow the steps in https://go.dev/doc/fuzz/ to enable fuzzing on your project. Over time, try to add fuzzing for more functionalities of your project. (Medium effort)
Warn: no PythonAtherisFuzzer integration found: Follow the steps in https://github.com/google/atheris to enable fuzzing on your project. Over time, try to add fuzzing for more functionalities of your project. (Medium effort)
Warn: no CLibFuzzer integration found: Follow the steps in https://llvm.org/docs/LibFuzzer.html to enable fuzzing on your project. Over time, try to add fuzzing for more functionalities of your project. (Medium effort)
Warn: no CppLibFuzzer integration found: Follow the steps in https://llvm.org/docs/LibFuzzer.html to enable fuzzing on your project. Over time, try to add fuzzing for more functionalities of your project. (Medium effort)
Warn: no SwiftLibFuzzer integration found: Follow the steps in https://google.github.io/oss-fuzz/getting-started/new-project-guide/swift-lang/ to enable fuzzing on your project. Over time, try to add fuzzing for more functionalities of your project. (Medium effort)
Warn: no RustCargoFuzzer integration found: Follow the steps in https://rust-fuzz.github.io/book/cargo-fuzz.html to enable fuzzing on your project. Over time, try to add fuzzing for more functionalities of your project. (Medium effort)
Warn: no JavaJazzerFuzzer integration found: Follow the steps in https://github.com/CodeIntelligenceTesting/jazzer to enable fuzzing on your project. Over time, try to add fuzzing for more functionalities of your project. (Medium effort)
Warn: no ClusterFuzzLite integration found: Follow the steps in https://github.com/google/clusterfuzzlite to integrate fuzzing as part of CI. Over time, try to add fuzzing for more functionalities of your project. (High effort)
Warn: no HaskellPropertyBasedTesting integration found: Use one of the following frameworks to fuzz your project: QuickCheck: https://hackage.haskell.org/package/QuickCheck hedgehog: https://hedgehog.qa/ validity: https://github.com/NorfairKing/validity smallcheck: https://hackage.haskell.org/package/smallcheck hspec: https://hspec.github.io/ tasty: https://hackage.haskell.org/package/tasty (High effort)
Warn: no TypeScriptPropertyBasedTesting integration found: Use fast-check: https://github.com/dubzzz/fast-check (High effort)
Warn: no JavaScriptPropertyBasedTesting integration found: Use fast-check: https://github.com/dubzzz/fast-check (High effort)

0

Security-Policy

Determines if the project has published a security policy.

Reason

security policy file not detected

Details

Warn: no security policy file detected: On GitHub: Enable private vulnerability disclosure in your repository settings https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository Add a section in your SECURITY.md indicating you have enabled private reporting, and tell them to follow the steps in https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability to report vulnerabilities. On GitLab: Add a section in your SECURITY.md indicating the process to disclose vulnerabilities for your project. Examples: https://github.com/ossf/scorecard/blob/main/SECURITY.md, https://github.com/slsa-framework/slsa-github-generator/blob/main/SECURITY.md, https://github.com/sigstore/.github/blob/main/SECURITY.md. For additional information on vulnerability disclosure, see https://github.com/ossf/oss-vulnerability-guide/blob/main/maintainer-guide.md. (Medium effort)
Warn: no security file to analyze: On GitHub: Enable private vulnerability disclosure in your repository settings https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository Add a section in your SECURITY.md indicating you have enabled private reporting, and tell them to follow the steps in https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability to report vulnerabilities. On GitLab: Provide a point of contact in your SECURITY.md. Examples: https://github.com/ossf/scorecard/blob/main/SECURITY.md, https://github.com/slsa-framework/slsa-github-generator/blob/main/SECURITY.md, https://github.com/sigstore/.github/blob/main/SECURITY.md. (Low effort)
Warn: no security file to analyze: On GitHub: Enable private vulnerability disclosure in your repository settings https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository Add a section in your SECURITY.md indicating you have enabled private reporting, and tell them to follow the steps in https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability to report vulnerabilities. On GitLab: Add a section in your SECURITY.md indicating the process to disclose vulnerabilities for your project. Examples: https://github.com/ossf/scorecard/blob/main/SECURITY.md, https://github.com/slsa-framework/slsa-github-generator/blob/main/SECURITY.md, https://github.com/sigstore/.github/blob/main/SECURITY.md. (Low effort)
Warn: no security file to analyze: On GitHub: Enable private vulnerability disclosure in your repository settings https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository Add a section in your SECURITY.md indicating you have enabled private reporting, and tell them to follow the steps in https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability to report vulnerabilities. On GitLab: Add a section in your SECURITY.md indicating the process to disclose vulnerabilities for your project. Examples: https://github.com/ossf/scorecard/blob/main/SECURITY.md, https://github.com/slsa-framework/slsa-github-generator/blob/main/SECURITY.md, https://github.com/sigstore/.github/blob/main/SECURITY.md. (Low effort)

Score

6.5

/10

Last Scanned on 2025-01-03T18:48:53Z

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More