Gathering detailed insights and metrics for @jedmao/location
Gathering detailed insights and metrics for @jedmao/location
A Location class that implements the Location interface of the Web API.
Installations
npm install @jedmao/locationDeveloper
jedmao
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
Typescript Support
Yes
Node Version
12.16.1
NPM Version
6.14.2
Statistics
8 Stars
213 Commits
2 Forks
2 Watching
12 Branches
3 Contributors
Updated on 16 Aug 2023
Bundle Size
347.00 B
Minified
250.00 B
Minified + Gzipped
Languages
TypeScript (100%)
Total Downloads
Cumulative downloads
Total Downloads
11,123,217
Last day
-6.6%
26,551
Compared to previous day
Last week
1%
132,113
Compared to previous week
Last month
10.8%
553,490
Compared to previous month
Last year
73%
6,066,919
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dev Dependencies
21
@commitlint/cli@commitlint/config-conventional@jedmao/semantic-release-npm-github-config@jedmao/tsconfig@types/jest@types/node@typescript-eslint/eslint-plugin@typescript-eslint/parsercommitizencz-conventional-changelogeslinteslint-config-prettierhuskyjestjest-watch-typeaheadlint-stagedprettierrimrafsemantic-releasets-jesttypescript
Versions
@jedmao/location
A LocationMock class that extends URL and implements the Location interface of the Web API. As always, with first-class TypeScript support!
Installation
1npm i --save-dev @jedmao/location
Usage
1import { LocationMock } from '@jedmao/location' 2 3const loc = new LocationMock('http://foo.com/') 4loc.assign('http://bar.com/') 5loc.replace('http://baz.com/') 6loc.reload()
Because this package extends URL, many features are provided for free. This means you can do this:
1new LocationMock('http://jed:secret@test:42/foo?bar=baz#qux')Which returns the following object:
1LocationMock { 2 href: 'http://jed:secret@test:42/foo?bar=baz#qux', 3 origin: 'http://test:42', 4 protocol: 'http:', 5 username: 'jed', 6 password: 'secret', 7 host: 'test:42', 8 hostname: 'test', 9 port: '42', 10 pathname: '/foo', 11 search: '?bar=baz', 12 searchParams: URLSearchParams { 'bar' => 'baz' }, 13 hash: '#qux' }
Mocking
A common use for this package is to mock the window.location, which you can do in Jest like so:
1const { location: savedLocation } = window 2 3beforeAll(() => { 4 delete window.location 5}) 6 7beforeEach(() => { 8 window.location = new LocationMock('http://test/') 9}) 10 11afterAll(() => { 12 window.location = savedLocation 13}) 14 15it('assigns /login', () => { 16 const assign = jest 17 .spyOn(window.location, 'assign') 18 .mockImplementationOnce(() => {}) 19 20 window.location.assign('/login') 21 22 expect(assign).toHaveBeenCalledWith('/login') 23})
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
dependency not pinned by hash detected -- score normalized to 3
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/master.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/jednano/location/master.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/master.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/jednano/location/master.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/master.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/jednano/location/master.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/master.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/jednano/location/master.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/jednano/location/pr.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/jednano/location/pr.yml/master?enable=pin
- Info: 0 out of 6 GitHub-owned GitHubAction dependencies pinned
- Info: 3 out of 3 npmCommand dependencies pinned
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 0/30 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/master.yml:1
- Warn: no topLevel permission defined: .github/workflows/pr.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
Project has not signed or included provenance with any releases.
Details
- Warn: release artifact v3.0.0 not signed: https://api.github.com/repos/jednano/location/releases/24322703
- Warn: release artifact v2.0.4 not signed: https://api.github.com/repos/jednano/location/releases/20259418
- Warn: release artifact v2.0.3 not signed: https://api.github.com/repos/jednano/location/releases/20254775
- Warn: release artifact v2.0.2 not signed: https://api.github.com/repos/jednano/location/releases/20254488
- Warn: release artifact v2.0.1 not signed: https://api.github.com/repos/jednano/location/releases/20232413
- Warn: release artifact v3.0.0 does not have provenance: https://api.github.com/repos/jednano/location/releases/24322703
- Warn: release artifact v2.0.4 does not have provenance: https://api.github.com/repos/jednano/location/releases/20259418
- Warn: release artifact v2.0.3 does not have provenance: https://api.github.com/repos/jednano/location/releases/20254775
- Warn: release artifact v2.0.2 does not have provenance: https://api.github.com/repos/jednano/location/releases/20254488
- Warn: release artifact v2.0.1 does not have provenance: https://api.github.com/repos/jednano/location/releases/20232413
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Reason
46 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-2h3h-q99f-3fhc
- Warn: Project is vulnerable to: GHSA-gmw6-94gg-2rc2
- Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm
- Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
- Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m / GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
- Warn: Project is vulnerable to: GHSA-5fw9-fq32-wv5p
- Warn: Project is vulnerable to: GHSA-px4h-xg32-q955
- Warn: Project is vulnerable to: GHSA-hj9c-8jmm-8c52
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-x2pg-mjhr-2m5x
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-44c6-4v22-4mhx
- Warn: Project is vulnerable to: GHSA-4x5v-gmq8-25ch
- Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc
- Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh
- Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-jgrx-mgxx-jf9v
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-38fc-wpqx-33j7
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
Score
2.5
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More