npmpackage.info

Gathering detailed insights and metrics for @luminati-io/cheerio-select

@luminati-io/cheerio-select

CSS selector engine supporting jQuery selectors, based on css-select

1.5.0-lum.3

BSD-2-Clause

TypeScript

29.28 kB

8,996 6.5

Installations

npm install @luminati-io/cheerio-select

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS

Node Version

14.19.0

NPM Version

6.14.16 Score

70.1

Supply Chain

Quality

80.9

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

4

Total

909

Closed

83

Merged

822

Issues

Open

0

Total

9

Closed

9

Releases

v2.1.0

Published on 16 May 2022

v2.0.0

Published on 30 Apr 2022

v1.6.0

Published on 28 Mar 2022

v1.5.0

Published on 07 Jun 2021

v1.4.0

Published on 16 Apr 2021

v1.3.0

Published on 08 Apr 2021

View all 11 releases

Contributors

View all 5 contributors

Languages

TypeScript

TypeScript (100%)

Developer

cheeriojs

Download Statistics

Total Downloads

8,996

Last Day

Last Week

Last Month

Last Year

5,099

GitHub Statistics

20 Stars

877 Commits

8 Forks

6 Watching

5 Branches

5 Contributors

Bundle Size

92.71 kB

Minified

29.28 kB

Minified + Gzipped

Bundlephobia

Sponsor this package

https://github.com/sponsors/fb55

Maintainers

Package Meta Information

Latest Version

1.5.0-lum.3

Package Id

@luminati-io/cheerio-select@1.5.0-lum.3

Unpacked Size

21.77 kB

Size

6.96 kB

File Count

NPM Version

6.14.16

Node Version

14.19.0

Publised On

25 Jul 2023

Total Downloads

Cumulative downloads

Total Downloads

8,996

Last day

66.7%

Compared to previous day

Last week

Compared to previous week

Last month

-61%

Compared to previous month

Last year

30.8%

5,099

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

css-select css-what domelementtype domhandler domutils

Dev Dependencies

@types/jest @typescript-eslint/eslint-plugin @typescript-eslint/parser coveralls eslint eslint-config-prettier htmlparser2 jest prettier ts-jest typescript

Versions

cheerio-select

CSS selector engine supporting jQuery selectors, based on css-select.

Supports all jQuery positional pseudo-selectors:

:first
:last
:eq
:nth
:gt
:lt
:even
:odd
:not(:positional), where :positional is any of the above.

This library is a thin wrapper around css-select. Only use this module if you will actually use jQuery positional selectors.

No vulnerabilities found.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Maintained

Determines if the project is "actively maintained".

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

10

SAST

Determines if the project uses static code analysis.

10

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

4

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 4

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/cheeriojs/cheerio-select/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/cheeriojs/cheerio-select/codeql-analysis.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/cheeriojs/cheerio-select/codeql-analysis.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/dependabot-automerge.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/cheeriojs/cheerio-select/dependabot-automerge.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs-test.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/cheeriojs/cheerio-select/nodejs-test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs-test.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/cheeriojs/cheerio-select/nodejs-test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs-test.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/cheeriojs/cheerio-select/nodejs-test.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs-test.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/cheeriojs/cheerio-select/nodejs-test.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/nodejs-test.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/cheeriojs/cheerio-select/nodejs-test.yml/master?enable=pin
Info: 0 out of 7 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 2 third-party GitHubAction dependencies pinned
Info: 2 out of 2 npmCommand dependencies pinned

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

Score

6.5

/10

Last Scanned on 2025-01-27

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More