Gathering detailed insights and metrics for @luma.gl/shadertools
Gathering detailed insights and metrics for @luma.gl/shadertools
High-performance Toolkit for WebGL-based Data Visualization
Installations
npm install @luma.gl/shadertoolsDeveloper Guide
BETA
Typescript
Yes
Module System
ESM
Node Version
18.19.1
NPM Version
lerna/8.1.3/node@v18.19.1+x64 (linux)
Score
96.7
Supply Chain
75.3
Quality
97
Maintenance
100
Vulnerability
100
License
Releases
61
Contributors
64
Languages
7
TypeScript
JavaScript
HTML
MDX
WGSL
CSS
Shell
TypeScript (84.96%)
JavaScript (13.97%)
HTML (0.61%)
MDX (0.15%)
WGSL (0.13%)
CSS (0.12%)
Shell (0.07%)
Developer
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
2,333 Stars
2,266 Commits
215 Forks
1,526 Watching
39 Branches
64 Contributors
Maintainers
6
Package Meta Information
Latest Version
9.0.28
Package Id
@luma.gl/shadertools@9.0.28
Unpacked Size
1.46 MB
Size
313.21 kB
File Count
322
NPM Version
lerna/8.1.3/node@v18.19.1+x64 (linux)
Node Version
18.19.1
Publised On
11 Dec 2024
Total Downloads
Cumulative downloads
Total Downloads
0
Last day
0%
0
Compared to previous day
Last week
0%
0
Compared to previous week
Last month
0%
0
Compared to previous month
Last year
0%
0
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
3
Peer Dependencies
1
Versions
@luma.gl/shadertools
This is the shader module system module for luma.gl.
See luma.gl for documentation.
No vulnerabilities found.
Reason
18 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
Reason
security policy file detected
Details
- Info: security policy file detected: .github/SECURITY.md:1
- Info: Found linked content: .github/SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: .github/SECURITY.md:1
- Info: Found text in security policy: .github/SECURITY.md:1
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
all dependencies are pinned
Details
- Info: 5 out of 5 GitHub-owned GitHubAction dependencies pinned
- Info: 5 out of 5 third-party GitHubAction dependencies pinned
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
Found 5/26 approved changesets -- score normalized to 1
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release.yml:36
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/website.yml:30
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Warn: no topLevel permission defined: .github/workflows/test.yml:1
- Warn: no topLevel permission defined: .github/workflows/website.yml:1
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 28 are checked with a SAST tool
Reason
13 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq
Score
5.2
/10
Last Scanned on 2024-12-16
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More