Gathering detailed insights and metrics for @lion/form-core
Gathering detailed insights and metrics for @lion/form-core
Installations
npm install @lion/form-coreDeveloper Guide
BETA
Typescript
Yes
Module System
ESM
Node Version
16.17.0
NPM Version
8.15.0
Score
82.3
Supply Chain
94.9
Quality
79.9
Maintenance
100
Vulnerability
100
License
Releases
2,002
providence-analytics@0.18.4
providence-analytics@0.18.4
Updated on Feb 03, 2025
providence-analytics@0.18.3
providence-analytics@0.18.3
Updated on Feb 03, 2025
providence-analytics@0.18.2
providence-analytics@0.18.2
Updated on Jan 31, 2025
@lion/ui@0.11.0
@lion/ui@0.11.0
Updated on Jan 30, 2025
@lion/ui@0.10.1
@lion/ui@0.10.1
Updated on Jan 29, 2025
providence-analytics@0.18.1
providence-analytics@0.18.1
Updated on Jan 29, 2025
Contributors
144
Languages
3
JavaScript
TypeScript
HTML
JavaScript (97.1%)
TypeScript (2.45%)
HTML (0.45%)
Love this project? Help keep it running — sponsor us today! 🚀
Developer
Download Statistics
Total Downloads
607,844
Last Day
361
Last Week
2,283
Last Month
11,947
Last Year
133,269
GitHub Statistics
MIT License
1,796 Stars
2,865 Commits
304 Forks
32 Watchers
123 Branches
144 Contributors
Updated on Feb 14, 2025
Bundle Size
113.73 kB
Minified
27.85 kB
Minified + Gzipped
Maintainers
2
Package Meta Information
Latest Version
0.18.3
Package Id
@lion/form-core@0.18.3
Unpacked Size
1.76 MB
Size
218.12 kB
File Count
160
NPM Version
8.15.0
Node Version
16.17.0
Total Downloads
Cumulative downloads
Total Downloads
607,844
Last Day
-21.4%
361
Compared to previous day
Last Week
-22.7%
2,283
Compared to previous week
Last Month
70.9%
11,947
Compared to previous month
Last Year
-4.2%
133,269
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Systems >> Form >> Overview ||10
This page should be used as a starting point when first using the Form System. It provides an overview of its essential building blocks and provides links to detailed explanations of most of its core concepts.
Building Blocks
Our Form System is built from a set of very fundamental building blocks: form controls, fields and fieldsets.
Form Controls
Form controls are the most fundamental building blocks of our Form System.
They are the fundament of both fields, and fieldsets and provide a normalized, predictable API throughout the whole form. Every form element inherits from FormControlMixin.
FormControlMixin creates the default html structure and accessibility is designed to be used in conjunction with the ValidateMixin and the FormatMixin.
Fields
Fields (think of an input, textarea, select) are the actual form controls the end user interacts with. They extend LionField, which in turn uses the FormControlMixin. Fields provide a normalized API for both platform components and custom made form controls.
On top of this, they feature:
- formatting/parsing/serializing of view values.
- Advanced validation possibilities.
- Creation of advanced user interaction scenarios via interaction states.
- Provision of labels and help texts in an easy, declarative manner.
- Accessibility out of the box.
- Advanced styling possibilities: map your own Design System to the internal HTML structure.
Form controls are the most fundamental building block of the Forms. They are the basis of bothfields andfieldsets, and theformitself.
Platform fields (wrappers)
- LionInput, a wrapper for
<input>. - LionTextarea, a wrapper for
<textarea>. - LionSelect, a wrapper for
<select>.
Custom fields (wrappers)
Whenever a native form control doesn't exist or is not sufficient, a custom form field should be created. One could think of components like:
- LionCombobox, a custom implementation of a combobox.
- LionDate, an alternative for
<input type="date">. - LionDatepicker, an alternative for
<input type="date">including a calendar dropdown. - LionListbox, a custom implementation of a listbox.
- LionInputAmount, an alternative for
<input type="number">special for amounts. - LionInputEmail, an alternative for
<input type="email">. - LionInputIban, an ING specific for an input with IBAN numbers.
- LionInputRange, an alternative for
<input type="range">. - LionInputStepper, an alternative for
<input type="number">. - LionSelectRich, an alternative for
<select>with multiline options.
Choice Input Fields
For form controls which return a checked-state you can use the lion-choice-input mixin. It is used in:
- LionCheckbox, a wrapper for
<input type="checkbox">. - LionOption, an alternative for
<option>. - LionRadio, a wrapper for
<input type="radio">. - LionSwitch, a custom implementation of a switch.
Which contains the following features:
- Get or set the value of the choice -
choiceValue(). - Get or set the modelValue (value and checked-state) of the choice -
.modelValue. - Pre-select an option by setting the
checkedboolean attribute.
Fieldsets
Fieldsets are groups of fields. They can be considered fields on their own as well, since they partly share the normalized API via FormControlMixin. Fieldsets are the basis for:
- LionFieldset, a wrapper around multiple input fields or other fieldsets.
- LionForm, enhances the functionality of the native
<form>component. - LionCheckboxGroup, a wrapper component for multiple checkboxes.
- LionRadioGroup, a wrapper component for multiple radio inputs.
Other Resources
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
30 commit(s) and 6 issue activity found in the last 90 days -- score normalized to 10
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
no binaries found in the repo
Reason
Found 18/21 approved changesets -- score normalized to 8
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Warn: no topLevel permission defined: .github/workflows/verify-pr.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/ing-bank/lion/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/ing-bank/lion/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/ing-bank/lion/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/ing-bank/lion/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/verify-pr.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/ing-bank/lion/verify-pr.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify-pr.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/ing-bank/lion/verify-pr.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify-pr.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/ing-bank/lion/verify-pr.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/verify-pr.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/ing-bank/lion/verify-pr.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify-pr.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/ing-bank/lion/verify-pr.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify-pr.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/ing-bank/lion/verify-pr.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/verify-pr.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/ing-bank/lion/verify-pr.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify-pr.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/ing-bank/lion/verify-pr.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/verify-pr.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/ing-bank/lion/verify-pr.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/release.yml:30
- Warn: npmCommand not pinned by hash: .github/workflows/verify-pr.yml:24
- Warn: npmCommand not pinned by hash: .github/workflows/verify-pr.yml:46
- Warn: npmCommand not pinned by hash: .github/workflows/verify-pr.yml:72
- Info: 0 out of 8 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 5 third-party GitHubAction dependencies pinned
- Info: 0 out of 4 npmCommand dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 27 are checked with a SAST tool
Reason
26 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-4w2v-q235-vp99
- Warn: Project is vulnerable to: GHSA-cph5-m8f7-6c5x
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-r7jx-5m6m-cpg9
- Warn: Project is vulnerable to: GHSA-phwq-j96m-2c2q
- Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
- Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
- Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-593f-38f6-jp5m
- Warn: Project is vulnerable to: GHSA-45rm-2893-5f49
- Warn: Project is vulnerable to: GHSA-6vfc-qv3f-vr6c
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-p493-635q-r6gr
- Warn: Project is vulnerable to: GHSA-3965-hpx2-q597
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-gp95-ppv5-3jc5
- Warn: Project is vulnerable to: GHSA-54xq-cgqr-rpm3
- Warn: Project is vulnerable to: GHSA-pqhp-25j4-6hq9
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Score
4.6
/10
Last Scanned on 2025-02-10
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More