Installations
npm install @leanup/cli-angularDeveloper Guide
BETA
Typescript
No
Module System
N/A
Node Version
20.14.0
NPM Version
10.7.0
Releases
798
Contributors
3
Unable to fetch Contributors
Languages
8
TypeScript
JavaScript
HTML
Vue
Shell
Sass
Svelte
Gherkin
TypeScript (70.88%)
JavaScript (13.46%)
HTML (7.34%)
Vue (2.74%)
Shell (2.35%)
Sass (1.98%)
Svelte (1.03%)
Gherkin (0.22%)
Developer
leanupjs
Download Statistics
Total Downloads
252,515
Last Day
62
Last Week
497
Last Month
2,336
Last Year
36,654
GitHub Statistics
33 Stars
3,532 Commits
5 Forks
3 Watching
293 Branches
3 Contributors
Maintainers
1
Package Meta Information
Latest Version
1.3.54
Package Id
@leanup/cli-angular@1.3.54
Unpacked Size
66.81 kB
Size
41.81 kB
File Count
26
NPM Version
10.7.0
Node Version
20.14.0
Publised On
11 Jun 2024
Total Downloads
Cumulative downloads
Total Downloads
252,515
Last day
-71.6%
62
Compared to previous day
Last week
-33.3%
497
Compared to previous week
Last month
117.3%
2,336
Compared to previous month
Last year
-8.3%
36,654
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Peer Dependencies
1
Dev Dependencies
3
Versions
@leanup/cli-angular
This package contains the Angular CLI adapter. You can create a new or switch a existing project to the @leanup/stack.
Installation
You can create a new project folder or go in a existing folder.
Create a new project folder:
mkdir new-angular-appcd new-angular-appnpm install -D @leanup/cli @leanup/cli-angularnpx angular create
Go in a existing folder
cd my-angular-appnpm install -D @leanup/cli @leanup/cli-angularnpx angular create --only-config --overwrite- Proof the configuration changes and adopt it for your.
Usage
Execute npm run in your terminal. It lists all preconfigured tools commands of the @leanup/stack.
For example: npm start 😉
Feedback
Please give us feedback of you experience, so that we can continuously improve @leanup.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
SAST tool detected: CodeQL
Details
- Info: SAST configuration detected: CodeQL
- Warn: no pull requests merged into dev branch
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE.md:0
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Warn: no linked content found
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 0/30 approved changesets -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql-analysis.yml:28
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:29
- Warn: no topLevel permission defined: .github/workflows/auto-dependency-updater.yml:1
- Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1
- Warn: no topLevel permission defined: .github/workflows/deploy-docs.yml:1
- Warn: no topLevel permission defined: .github/workflows/node-12-to-14.npm-6.test.yml:1
- Warn: no topLevel permission defined: .github/workflows/publish-to-npmjs.dry.yml:1
- Warn: no topLevel permission defined: .github/workflows/publish-to-npmjs.yml:1
- Warn: no topLevel permission defined: .github/workflows/update-changelog.yml:1
- Warn: no topLevel permission defined: .github/workflows/weekly-releases.yml:1
- Info: no jobLevel write permissions found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auto-dependency-updater.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/auto-dependency-updater.yml/release/2.0?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auto-dependency-updater.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/auto-dependency-updater.yml/release/2.0?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-dependency-updater.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/auto-dependency-updater.yml/release/2.0?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/codeql-analysis.yml/release/2.0?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/codeql-analysis.yml/release/2.0?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/codeql-analysis.yml/release/2.0?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/codeql-analysis.yml/release/2.0?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-docs.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/deploy-docs.yml/release/2.0?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-docs.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/deploy-docs.yml/release/2.0?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-docs.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/deploy-docs.yml/release/2.0?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy-docs.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/deploy-docs.yml/release/2.0?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node-12-to-14.npm-6.test.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/node-12-to-14.npm-6.test.yml/release/2.0?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node-12-to-14.npm-6.test.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/node-12-to-14.npm-6.test.yml/release/2.0?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-to-npmjs.dry.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/publish-to-npmjs.dry.yml/release/2.0?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-to-npmjs.dry.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/publish-to-npmjs.dry.yml/release/2.0?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-to-npmjs.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/publish-to-npmjs.yml/release/2.0?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-to-npmjs.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/publish-to-npmjs.yml/release/2.0?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-changelog.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/update-changelog.yml/release/2.0?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-changelog.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/update-changelog.yml/release/2.0?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-changelog.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/update-changelog.yml/release/2.0?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/weekly-releases.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/weekly-releases.yml/release/2.0?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/weekly-releases.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/weekly-releases.yml/release/2.0?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/weekly-releases.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/weekly-releases.yml/release/2.0?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/weekly-releases.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/leanupjs/leanup/weekly-releases.yml/release/2.0?enable=pin
- Warn: npmCommand not pinned by hash: docs/assets/demo.sh:18
- Warn: npmCommand not pinned by hash: scripts/wake-up.sh:4
- Warn: npmCommand not pinned by hash: .github/workflows/auto-dependency-updater.yml:32
- Warn: npmCommand not pinned by hash: .github/workflows/publish-to-npmjs.dry.yml:45
- Warn: npmCommand not pinned by hash: .github/workflows/publish-to-npmjs.dry.yml:53
- Warn: npmCommand not pinned by hash: .github/workflows/publish-to-npmjs.dry.yml:61
- Warn: npmCommand not pinned by hash: .github/workflows/publish-to-npmjs.dry.yml:69
- Warn: npmCommand not pinned by hash: .github/workflows/publish-to-npmjs.dry.yml:77
- Warn: npmCommand not pinned by hash: .github/workflows/publish-to-npmjs.yml:35
- Warn: npmCommand not pinned by hash: .github/workflows/publish-to-npmjs.yml:43
- Warn: npmCommand not pinned by hash: .github/workflows/publish-to-npmjs.yml:51
- Warn: npmCommand not pinned by hash: .github/workflows/publish-to-npmjs.yml:59
- Warn: npmCommand not pinned by hash: .github/workflows/publish-to-npmjs.yml:67
- Warn: npmCommand not pinned by hash: .github/workflows/update-changelog.yml:37
- Info: 0 out of 20 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 4 third-party GitHubAction dependencies pinned
- Info: 1 out of 15 npmCommand dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'release/2.0'
- Warn: branch protection not enabled for branch 'release/1.3'
- Warn: branch protection not enabled for branch 'release/1.2'
- Warn: branch protection not enabled for branch 'release/1.1'
- Warn: branch protection not enabled for branch 'release/1.0'
Reason
43 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-8266-84wp-wv5c
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-353f-5xf4-qw67
- Warn: Project is vulnerable to: GHSA-c24v-8rfc-w8vw
- Warn: Project is vulnerable to: GHSA-8jhw-289h-jh2g
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986 / GHSA-64vr-g452-qvp3
- Warn: Project is vulnerable to: GHSA-9cwx-2883-4wfx
- Warn: Project is vulnerable to: GHSA-vg6x-rcgg-rjx6
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
- Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
- Warn: Project is vulnerable to: GHSA-f9xv-q969-pqx4
- Warn: Project is vulnerable to: GHSA-x565-32qp-m3vf
- Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc
Score
3.4
/10
Last Scanned on 2025-01-27
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More