npmpackage.info

Gathering detailed insights and metrics for @luigi-project/client-support-angular

Other packages similar to @luigi-project/client-support-angular

@luigi-project/testing-utilities

2.18.0

Luigi testing utilities for standalone testing of microfrontends

@luigi-project/client

2.18.0

Javascript library supporting consumers of the Luigi framework

@luigi-project/core

2.18.0

Javascript library supporting consumers of the Luigi framework

@luigi-project/plugin-auth-oidc

2.18.0

OpenID Connect provider plugin for @luigi-project/core

Gathering detailed insights and metrics for @luigi-project/client-support-angular

@luigi-project/client-support-angular

Micro frontend framework

2.18.0

834

Apache-2.0

JavaScript

288,334 5.7

Installations

npm install @luigi-project/client-support-angular

Pull Requests

Open

14

Total

2,459

Closed

351

Merged

2,094

Issues

Open

21

Total

1,544

Closed

1,523

Releases

127

v2.18.0

Published on 06 Nov 2024

container/v1.4.0

Published on 06 Nov 2024

v2.17.0

Published on 02 Oct 2024

v2.16.0

Published on 27 Sept 2024

v2.15.0

Published on 28 Aug 2024

container/v1.3.0

Published on 27 Aug 2024

View all 127 releases

Developer

SAP

Developer Guide

BETA

Module System

ESM

Min. Node Version

Typescript Support

No

Node Version

20.14.0

NPM Version

10.7.0 Statistics

834 Stars

2,257 Commits

172 Forks

19 Watching

64 Branches

650 Contributors

Updated on 27 Nov 2024

Languages

JavaScript (56.09%)

Svelte (16.31%)

HTML (11.89%)

TypeScript (9.99%)

SCSS (3.18%)

Shell (2.03%)

CSS (0.44%)

Vue (0.06%)

Total Downloads

Cumulative downloads

Total Downloads

288,334

Last day

-4.6%

334

Compared to previous day

Last week

-3.8%

2,684

Compared to previous week

Last month

60.6%

11,824

Compared to previous month

Last year

34.8%

102,169

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

tslib

Peer Dependencies

@angular/core @angular/common @luigi-project/client @luigi-project/testing-utilities

Versions

Luigi

Description

Luigi is a micro frontend JavaScript framework that enables you to create an administrative user interface driven by local and distributed views. Luigi allows a web application to communicate with the micro frontends which the application contains. To make sure the communication runs smoothly, you can easily configure the settings such as routing, navigation, authorization, and user experience elements.

Luigi consists of Luigi Core application and Luigi Client libraries. They establish secure communication between the core application and the micro frontend using postMessage API.

Read the Getting started guide to learn more about micro frontends and the structure of Luigi.

Requirements

Luigi can run on any operating system and there are no specific requirements for installing it.

Download and installation

Follow the instructions in this document to install Luigi Core. Read this document to install the Luigi Client.

Usage

Examples

View the application examples to explore Luigi's features.

Go to the Luigi Fiddle site to see Luigi in action and configure a sample application.

Documentation

For details, see Luigi documentation.

Development

Development guidelines for micro frontend developers

For security reasons, follow these guidelines when developing a micro frontend:

Make the micro frontend accessible only through HTTPS.
Add Content Security Policies (CSPs).
Make the Access-Control-Allow-Origin HTTP header as restrictive as possible.
Maintain an allowlist with trusted domains and compare it with the origin of the Luigi Core application. The origin will be passed when you call the init listener in your micro frontend. Stop further processing if the origin does not match.

NOTE: Luigi follows these sandbox rules for iframes.

Code formatting for contributors

All projects in the repository use Prettier to format source code. Run the npm install command in the root folder to install it along with husky, the Git hooks manager. Both tools ensure proper codebase formatting before committing it.

Unit tests

To ensure that existing features still work as expected after your changes, run unit tests using the npm run test command in the core folder.

E2E tests

To ensure that existing features still work as expected after your changes, you need to run UI tests from the Angular example application. Before running the tests, you need to start our two test applications:

Start the Angular example application by using the npm start command in the application folder.
Start the js test application by using the npm run dev command in the application folder.

Once the applications are ready:

Run npm run e2e:open in the test/e2e-test-application folder to start tests in the interactive mode.
Run npm run e2e:run in the test/e2e-test-application folder to start tests in the headless browser.

Backward compatibility tests

Use these tests to ensure that applications written for previous versions of Luigi still work after Luigi gets updated with npm. Before running the tests, bundle Luigi by running npm run bundle in the main repository folder.

Install jq using the brew install jq command. It is required for the script to work, however, you can omit it if the command you are using to run your tests is tagged latest.

Run npm run test:compatibility in the main repository folder to start regression testing. The system will prompt you to select the previous version.
Run npm run test:compatibility -- --tag latest in the main repository folder to start regression testing with the last version preselected.
On the CI, run npm run test:compatibility -- --install --tag latest in the main repository folder to install dependencies, bundle Luigi and run the tests with the last version preselected.

How to obtain support

If you have further questions about Luigi, you can check the GitHub Discussions page or contact us on our Slack channel. If you find a specific problem or bug, you can also open a GitHub issue on our repository. Please describe the problem and the steps to reproduce it in your issue.

Contributing

Please refer to the CONTRIBUTING.md file in this repository for instructions on how to contribute to Luigi.

Licensing

Please see our LICENSE for copyright and license information. Detailed information including third-party components and their licensing/copyright information is available via the REUSE tool.

No vulnerabilities found.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Maintained

Determines if the project is "actively maintained".

10

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

10

Security-Policy

Determines if the project has published a security policy.

2

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 2

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auth-oidc-pkce-plugin-release.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/auth-oidc-pkce-plugin-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auth-oidc-pkce-plugin-release.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/auth-oidc-pkce-plugin-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auth-oidc-pkce-plugin-release.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/auth-oidc-pkce-plugin-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/checkmarx.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/checkmarx.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/code_checks.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/code_checks.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/code_checks.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/code_checks.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/compatibility.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/compatibility.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/compatibility.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/compatibility.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/compatibility.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/compatibility.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/container-release.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/container-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/container-release.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/container-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/container-release.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/container-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/luigi-client-support-ui5-release.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/luigi-client-support-ui5-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/luigi-client-support-ui5-release.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/luigi-client-support-ui5-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/luigi-client-support-ui5-release.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/luigi-client-support-ui5-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/mend.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/mend.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/mend.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/mend.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/mend.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/mend.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly-release.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/nightly-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly-release.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/nightly-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nightly-release.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/nightly-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prepare.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/prepare.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prepare.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/prepare.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/prepare.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/prepare.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish_cra.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/publish_cra.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish_cra.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/publish_cra.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rc-release.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/rc-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rc-release.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/rc-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rc-release.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/rc-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/setupScripts.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/setupScripts.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/setupScripts.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/setupScripts.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/setupScripts.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/setupScripts.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/setupScripts.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/setupScripts.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/setupScripts.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/setupScripts.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/setupScripts.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/setupScripts.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/setupScripts.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/setupScripts.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/setupScripts.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/setupScripts.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/setupScripts.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/setupScripts.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/setupScripts.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/setupScripts.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:109: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/SAP/luigi/test.yml/main?enable=pin
Warn: npmCommand not pinned by hash: scripts/setup/angular.sh:16
Warn: npmCommand not pinned by hash: scripts/setup/no-framework.sh:20
Warn: npmCommand not pinned by hash: scripts/setup/openui5.sh:46
Warn: npmCommand not pinned by hash: scripts/setup/react.sh:19
Warn: npmCommand not pinned by hash: scripts/setup/react.sh:20
Warn: npmCommand not pinned by hash: scripts/setup/react.sh:71
Warn: npmCommand not pinned by hash: scripts/setup/vue.sh:23
Warn: npmCommand not pinned by hash: scripts/shared/bashHelpers.sh:34
Warn: npmCommand not pinned by hash: scripts/testCompatibility.sh:184
Warn: npmCommand not pinned by hash: test/setuptests.sh:44
Warn: npmCommand not pinned by hash: website/landingpage/build.sh:6
Warn: npmCommand not pinned by hash: .github/workflows/code_checks.yml:24
Warn: npmCommand not pinned by hash: .github/workflows/mend.yml:28
Warn: npmCommand not pinned by hash: .github/workflows/mend.yml:29
Warn: npmCommand not pinned by hash: .github/workflows/test.yml:54
Warn: npmCommand not pinned by hash: .github/workflows/test.yml:55
Warn: npmCommand not pinned by hash: .github/workflows/test.yml:118
Info: 0 out of 56 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 1 third-party GitHubAction dependencies pinned
Info: 10 out of 27 npmCommand dependencies pinned

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Fuzzing

Determines if the project uses fuzzing.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

40 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-c75v-2vq8-878f
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-7q7g-4xm8-89cq
Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
Warn: Project is vulnerable to: GHSA-8266-84wp-wv5c
Warn: Project is vulnerable to: GHSA-28mc-g557-92m7
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-xwcq-pm8m-c4vf
Warn: Project is vulnerable to: GHSA-whgm-jr23-g3j9
Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695
Warn: Project is vulnerable to: GHSA-fvqr-27wr-82fm
Warn: Project is vulnerable to: GHSA-4xc9-xhrj-v574
Warn: Project is vulnerable to: GHSA-x5rq-j2xg-h7qm
Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
Warn: Project is vulnerable to: GHSA-3j8f-xvm3-ffx4
Warn: Project is vulnerable to: GHSA-j9fq-vwqv-2fm2
Warn: Project is vulnerable to: GHSA-pqw5-jmp5-px4v
Warn: Project is vulnerable to: GHSA-qhv9-728r-6jqg
Warn: Project is vulnerable to: GHSA-g7q5-pjjr-gqvp
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-g3ch-rx76-35fx
Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
Warn: Project is vulnerable to: GHSA-mh2x-fcqh-fmqv
Warn: Project is vulnerable to: GHSA-rjjv-87mx-6x3h
Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj

Score

5.7

/10

Last Scanned on 2024-11-25

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More