Gathering detailed insights and metrics for @lidofinance/transition
Gathering detailed insights and metrics for @lidofinance/transition
Installations
npm install @lidofinance/transitionDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Node Version
14.20.0
NPM Version
6.14.17
Releases
42
v4.0.0-alpha.71
v4.0.0-alpha.71
Updated on Jul 11, 2025
v4.0.0-alpha.70
v4.0.0-alpha.70
Updated on Jul 11, 2025
v4.0.0-alpha.69
v4.0.0-alpha.69
Updated on Jul 10, 2025
v4.0.0-alpha.68
v4.0.0-alpha.68
Updated on Jul 10, 2025
v4.0.0-alpha.67
v4.0.0-alpha.67
Updated on Jul 10, 2025
v4.0.0-alpha.66
v4.0.0-alpha.66
Updated on Jul 09, 2025
Languages
5
TypeScript
HTML
JavaScript
Dockerfile
Shell
TypeScript (83.26%)
HTML (15.9%)
JavaScript (0.79%)
Dockerfile (0.04%)
Shell (0.01%)
Developer
lidofinance
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
20 Stars
1,089 Commits
21 Forks
26 Watchers
83 Branches
43 Contributors
Updated on Jul 10, 2025
Maintainers
8
Package Meta Information
Latest Version
2.3.0
Package Id
@lidofinance/transition@2.3.0
Unpacked Size
12.96 kB
Size
3.59 kB
File Count
19
NPM Version
6.14.17
Node Version
14.20.0
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Transition HOC
React HOC based on React Transition Group for Lido Finance projects. Part of Lido UI Components
Install
1yarn add @lidofinance/transition
Usage
1import { withTransition } from '@lidofinance/transition' 2 3const WrappedComponent = withTransition(SomeComponent)
Check out our Storybook at https://ui.lido.fi
No vulnerabilities found.
Reason
all changesets reviewed
Reason
30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE.txt:0
- Info: FSF or OSI recognized license: MIT License: LICENSE.txt:0
Reason
no binaries found in the repo
Reason
SAST tool is run on all commits
Details
- Info: all commits (30) are checked with a SAST tool
Reason
dependency not pinned by hash detected -- score normalized to 4
Details
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-preview-demolish.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/lidofinance/ui/ci-preview-demolish.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-preview-deploy.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/lidofinance/ui/ci-preview-deploy.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-preview-deploy.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/lidofinance/ui/ci-preview-deploy.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/deploy.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/lidofinance/ui/deploy.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/lidofinance/ui/test.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/lidofinance/ui/test.yml/main?enable=pin
- Warn: containerImage not pinned by hash: Dockerfile:1: pin your Docker image by updating node:20-alpine to node:20-alpine@sha256:fa316946c0cb1f041fe46dda150f3085b71168555e5706ec0c7466a5bae12244
- Info: 20 out of 20 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 6 third-party GitHubAction dependencies pinned
- Info: 0 out of 1 containerImage dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: found token with 'none' permissions: .github/workflows/ci-preview-demolish.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/ci-preview-deploy.yml:22
- Info: topLevel 'pull-requests' permission set to 'read': .github/workflows/ci-preview-deploy.yml:23
- Warn: topLevel 'contents' permission set to 'write': .github/workflows/deploy.yml:10
- Info: topLevel 'contents' permission set to 'read': .github/workflows/test.yml:8
- Warn: topLevel 'security-events' permission set to 'write': .github/workflows/test.yml:9
- Info: no jobLevel write permissions found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
22 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q
- Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38
- Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-vp56-6g26-6827
- Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
- Warn: Project is vulnerable to: GHSA-j9fq-vwqv-2fm2
- Warn: Project is vulnerable to: GHSA-pqw5-jmp5-px4v
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-8cj5-5rvv-wf4v
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-f9xv-q969-pqx4
Score
5.8
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More