Gathering detailed insights and metrics for @jsreport/jsreport-xlsx
Gathering detailed insights and metrics for @jsreport/jsreport-xlsx
Installations
npm install @jsreport/jsreport-xlsxDeveloper
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
>=18.15
Typescript Support
No
Node Version
18.20.4
NPM Version
10.8.3
Statistics
1,196 Stars
2,191 Commits
231 Forks
56 Watching
10 Branches
15 Contributors
Updated on 28 Nov 2024
Languages
JavaScript (97.8%)
Python (0.79%)
CSS (0.72%)
Handlebars (0.26%)
HTML (0.22%)
Dockerfile (0.14%)
Shell (0.03%)
XSLT (0.03%)
Total Downloads
Cumulative downloads
Total Downloads
165,065
Last day
13.4%
517
Compared to previous day
Last week
8.6%
2,836
Compared to previous week
Last month
35.1%
10,802
Compared to previous month
Last year
59.4%
84,480
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
15
Versions
jsreport
An open-source platform for designing and rendering various reports.
jsreport is a reporting server letting developers define reports using javascript templating engines like handlebars. It supports various report output formats like html, pdf, excel, docx, and others. It also includes advanced reporting features like user management, REST API, scheduling, designer, or sending emails.
You can find more information on the official project website https://jsreport.net
Installation
Basic installation from the npm
1npm install -g @jsreport/jsreport-cli 2jsreport init 3jsreport configure 4jsreport start
You can also download compiled binary or pull from the official docker images. See https://jsreport.net/on-prem for the details.
Documentation
See the https://jsreport.net/learn for an overview of concepts, guides, clients, and general documentation.
Extensions
The jsreport official distribution in npm, docker, or compiled binary includes the most commonly used extensions. However, the list of available extensions is much longer, and you may want to install some of the missing ones as well. See the list of available packages here or in the documentation.
You are also not limited to extensions we provide to you. You can implement your extensions. See the Implementing custom extension article.
Node.js
You can find documentation for adapting this jsreport distribution using nodejs and also information for integrating it into an existing nodejs application in the article adapting jsreport.
The official jsreport distribution wires the most popular extensions into the ready-to-use package. However, if you are skilled, you are free to start from the ground using jsreport-core.
Development
We use yarn to manage the monorepo. The basic workflow is the following
1git clone https://github.com/jsreport/jsreport 2yarn install 3yarn start
The tests for the individual package runs the following way
yarn workspace @jsreport/jsreport-scripts test
The studio extensions development with the hot reload can be started using
set NODE_ENV=jsreport-development&&yarn start
Roadmap
- adding more features to docx/pptx/xlsx recipes
- pdf compression
- version control extension direct git integration and improvements
- studio editor intellisense
- html-to-xlsx - images, filters...
More in the backlog.
Missing a feature? Submit a feature request.
Vulnerabilities
We update vulnerable jsreport dependencies based on npm and Snyk audits during every release. Please wait until we release the next version when you notice a security warning in your audit. There is no need to create a ticket for it. In case you see a direct impact on jsreport security that you can replicate, please send us an email to support@jsreport.net and we will make sure it's fixed ASAP. Note there is no need to panic when there is a vulnerability mentioned in the audit because it is the most likely in the code path that is not used. A typical example of a vulnerability is an eventual DDoS attack through a dependency parsing some internal config, which in fact can't happen and isn't a vulnerability at all.
Licensing
Copyright (C) 2024 Jan Blaha
Do you want to use jsreport for a personal purpose, in a school project or a non-profit organization? Then you don't need the author's permission, just go on and use it. You can use jsreport without the author's permission also when having a maximum 5 templates stored in jsreport storage.
For commercial projects using more than 5 stored report templates see Pricing page.
Under any of the licenses, free or not, you are allowed to download the source code and make your own edits.
In every case, there are no warranties of any kind provided:
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
No vulnerabilities found.
Reason
30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: executable-license.txt:0
- Info: FSF or OSI recognized license: GNU Lesser General Public License v3.0: executable-license.txt:0
Reason
no binaries found in the repo
Reason
packaging workflow detected
Details
- Info: Project packages its releases by way of GitHub Actions.: .github/workflows/docker-build-default.yaml:8
Reason
Found 2/28 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/docker-build-default.yaml:1
- Warn: no topLevel permission defined: .github/workflows/docker-build-full.yaml:1
- Warn: no topLevel permission defined: .github/workflows/docker-build-windows.yaml:1
- Warn: no topLevel permission defined: .github/workflows/linux-binary.yaml:1
- Warn: no topLevel permission defined: .github/workflows/main.yml:1
- Warn: no topLevel permission defined: .github/workflows/osx-binary.yaml:1
- Warn: no topLevel permission defined: .github/workflows/windows-binary.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
Project has not signed or included provenance with any releases.
Details
- Warn: release artifact 4.7.0 not signed: https://api.github.com/repos/jsreport/jsreport/releases/182559888
- Warn: release artifact 4.6.0 not signed: https://api.github.com/repos/jsreport/jsreport/releases/170042098
- Warn: release artifact 4.5.0 not signed: https://api.github.com/repos/jsreport/jsreport/releases/161180179
- Warn: release artifact 4.4.0 not signed: https://api.github.com/repos/jsreport/jsreport/releases/156561697
- Warn: release artifact 4.3.1 not signed: https://api.github.com/repos/jsreport/jsreport/releases/148919443
- Warn: release artifact 4.7.0 does not have provenance: https://api.github.com/repos/jsreport/jsreport/releases/182559888
- Warn: release artifact 4.6.0 does not have provenance: https://api.github.com/repos/jsreport/jsreport/releases/170042098
- Warn: release artifact 4.5.0 does not have provenance: https://api.github.com/repos/jsreport/jsreport/releases/161180179
- Warn: release artifact 4.4.0 does not have provenance: https://api.github.com/repos/jsreport/jsreport/releases/156561697
- Warn: release artifact 4.3.1 does not have provenance: https://api.github.com/repos/jsreport/jsreport/releases/148919443
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 4 are checked with a SAST tool
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-build-default.yaml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/docker-build-default.yaml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-build-default.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/docker-build-default.yaml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-build-default.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/docker-build-default.yaml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-build-default.yaml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/docker-build-default.yaml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-build-default.yaml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/docker-build-default.yaml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-build-default.yaml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/docker-build-default.yaml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-build-full.yaml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/docker-build-full.yaml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-build-full.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/docker-build-full.yaml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-build-full.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/docker-build-full.yaml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-build-full.yaml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/docker-build-full.yaml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-build-full.yaml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/docker-build-full.yaml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docker-build-windows.yaml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/docker-build-windows.yaml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docker-build-windows.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/docker-build-windows.yaml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linux-binary.yaml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/linux-binary.yaml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linux-binary.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/linux-binary.yaml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/linux-binary.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/linux-binary.yaml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/main.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/main.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/osx-binary.yaml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/osx-binary.yaml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/osx-binary.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/osx-binary.yaml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/osx-binary.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/osx-binary.yaml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/windows-binary.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/windows-binary.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/windows-binary.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/windows-binary.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/windows-binary.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/jsreport/jsreport/windows-binary.yml/master?enable=pin
- Warn: containerImage not pinned by hash: packages/jsreport/docker/default/Dockerfile:1: pin your Docker image by updating node:18.20-alpine3.19 to node:18.20-alpine3.19@sha256:4580c24f98e6a7f7e3f4945fa049a93e0927b53bea2da75b78838d51678bf68d
- Warn: containerImage not pinned by hash: packages/jsreport/docker/default/Dockerfile.local:1: pin your Docker image by updating node:18.20-alpine3.19 to node:18.20-alpine3.19@sha256:4580c24f98e6a7f7e3f4945fa049a93e0927b53bea2da75b78838d51678bf68d
- Warn: containerImage not pinned by hash: packages/jsreport/docker/full/Dockerfile:1: pin your Docker image by updating ubuntu:focal to ubuntu:focal@sha256:8e5c4f0285ecbb4ead070431d29b576a530d3166df73ec44affc1cd27555141b
- Warn: containerImage not pinned by hash: packages/jsreport/docker/full/Dockerfile.local:1: pin your Docker image by updating ubuntu:focal to ubuntu:focal@sha256:8e5c4f0285ecbb4ead070431d29b576a530d3166df73ec44affc1cd27555141b
- Warn: containerImage not pinned by hash: packages/jsreport/docker/windowsservercore/Dockerfile:1: pin your Docker image by updating mcr.microsoft.com/windows/servercore:ltsc2019 to mcr.microsoft.com/windows/servercore:ltsc2019@sha256:d14e163a476ddf6bfe08997551777cf1382288784825158263e002d1f4eeb29c
- Warn: containerImage not pinned by hash: packages/worker/Dockerfile:1: pin your Docker image by updating ubuntu:focal to ubuntu:focal@sha256:8e5c4f0285ecbb4ead070431d29b576a530d3166df73ec44affc1cd27555141b
- Warn: containerImage not pinned by hash: packages/worker/Dockerfile.fast:1
- Warn: containerImage not pinned by hash: packages/worker/Dockerfile.local:1: pin your Docker image by updating ubuntu:focal to ubuntu:focal@sha256:8e5c4f0285ecbb4ead070431d29b576a530d3166df73ec44affc1cd27555141b
- Warn: npmCommand not pinned by hash: packages/jsreport/docker/default/Dockerfile:80
- Warn: npmCommand not pinned by hash: packages/jsreport/docker/default/Dockerfile:82
- Warn: npmCommand not pinned by hash: packages/jsreport/docker/default/Dockerfile.local:82
- Warn: downloadThenRun not pinned by hash: packages/jsreport/docker/full/Dockerfile:52
- Warn: npmCommand not pinned by hash: packages/jsreport/docker/full/Dockerfile:59
- Warn: npmCommand not pinned by hash: packages/jsreport/docker/full/Dockerfile:75-89
- Warn: downloadThenRun not pinned by hash: packages/jsreport/docker/full/Dockerfile.local:53
- Warn: npmCommand not pinned by hash: packages/jsreport/docker/full/Dockerfile.local:59
- Warn: npmCommand not pinned by hash: packages/jsreport/docker/windowsservercore/Dockerfile:20
- Warn: downloadThenRun not pinned by hash: packages/worker/Dockerfile:37-38
- Warn: npmCommand not pinned by hash: packages/worker/Dockerfile:47
- Warn: downloadThenRun not pinned by hash: packages/worker/Dockerfile.local:41-42
- Warn: npmCommand not pinned by hash: packages/worker/Dockerfile.local:52
- Info: 0 out of 11 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 13 third-party GitHubAction dependencies pinned
- Info: 0 out of 9 npmCommand dependencies pinned
- Info: 0 out of 4 downloadThenRun dependencies pinned
- Info: 0 out of 8 containerImage dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
107 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-m5vv-6r4h-3vj9
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-crh6-fp67-6883
- Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
- Warn: Project is vulnerable to: GHSA-cph5-m8f7-6c5x
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-pp7h-53gx-mx7r
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-cwfw-4gq5-mrqx
- Warn: Project is vulnerable to: GHSA-g95f-p29q-9xw4
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-g74r-ffvr-5q9f
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-h452-7996-h45h
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-9vvw-cc9w-f27h
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-qgfr-5hqp-vrw9
- Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
- Warn: Project is vulnerable to: GHSA-7fv9-m79r-j9x8
- Warn: Project is vulnerable to: GHSA-4w88-rjj3-x7wp
- Warn: Project is vulnerable to: GHSA-w222-53c6-c86p
- Warn: Project is vulnerable to: GHSA-fjqr-fx3f-g4rv
- Warn: Project is vulnerable to: GHSA-6vrv-94jv-crrg
- Warn: Project is vulnerable to: GHSA-f9mq-jph6-9mhm
- Warn: Project is vulnerable to: GHSA-h9jc-284h-533g
- Warn: Project is vulnerable to: GHSA-m93v-9qjc-3g79
- Warn: Project is vulnerable to: GHSA-hvf8-h2qh-37m9
- Warn: Project is vulnerable to: GHSA-mpjm-v997-c4h4
- Warn: Project is vulnerable to: GHSA-3p22-ghq8-v749
- Warn: Project is vulnerable to: GHSA-77xc-hjv8-ww97
- Warn: Project is vulnerable to: GHSA-mq8j-3h7h-p8g7
- Warn: Project is vulnerable to: GHSA-p2jh-44qj-pf2v
- Warn: Project is vulnerable to: GHSA-p7v2-p9m8-qqg7
- Warn: Project is vulnerable to: GHSA-7x97-j373-85x5
- Warn: Project is vulnerable to: GHSA-7m48-wc93-9g85
- Warn: Project is vulnerable to: GHSA-qqvq-6xgj-jw8g
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-44pw-h2cw-w3vq
- Warn: Project is vulnerable to: GHSA-jp4x-w63m-7wgm
- Warn: Project is vulnerable to: GHSA-c429-5p7v-vgjp
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-jv3g-j58f-9mq9
- Warn: Project is vulnerable to: GHSA-hhhv-q57g-882q
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-8cf7-32gw-wr33
- Warn: Project is vulnerable to: GHSA-hjrf-2m68-5959
- Warn: Project is vulnerable to: GHSA-qwph-4952-7xr6
- Warn: Project is vulnerable to: GHSA-jg8v-48h5-wgxg
- Warn: Project is vulnerable to: GHSA-36fh-84j7-cv5h
- Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
- Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
- Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
- Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-ch52-vgq2-943f
- Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
- Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m / GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-56x4-j7p9-fcf9
- Warn: Project is vulnerable to: GHSA-v78c-4p63-2j6c
- Warn: Project is vulnerable to: GHSA-w9mr-4mfr-499f
- Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-7jg2-jgv3-fmr4
- Warn: Project is vulnerable to: GHSA-wgrm-67xf-hhpq
- Warn: Project is vulnerable to: GHSA-x43g-gj9x-838x
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-gqgv-6jq5-jjj9
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-7xfp-9c55-5vqj
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-44c6-4v22-4mhx
- Warn: Project is vulnerable to: GHSA-4x5v-gmq8-25ch
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-mxhp-79qh-mcx6
- Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
- Warn: Project is vulnerable to: GHSA-qhv9-728r-6jqg
- Warn: Project is vulnerable to: GHSA-g7q5-pjjr-gqvp
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-xc7v-wxcw-j472
- Warn: Project is vulnerable to: GHSA-qgmg-gppg-76g5
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
- Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-3x9f-74h4-2fqr
- Warn: Project is vulnerable to: GHSA-8vcr-vxm8-293m
- Warn: Project is vulnerable to: GHSA-g973-978j-2c3p
- Warn: Project is vulnerable to: GHSA-4r6h-8v6p-xvw6
- Warn: Project is vulnerable to: GHSA-5pgg-2g8v-p4x9
- Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc
- Warn: Project is vulnerable to: GHSA-h6q6-9hqw-rwfv
- Warn: Project is vulnerable to: GHSA-5fg8-2547-mr8q
Score
3.5
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More