Gathering detailed insights and metrics for @midwayjs/info
Gathering detailed insights and metrics for @midwayjs/info
Installations
npm install @midwayjs/infoDeveloper
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
>=12
Typescript Support
No
Node Version
18.20.4
NPM Version
lerna/7.4.2/node@v18.20.4+arm64 (darwin)
Statistics
7,410 Stars
4,005 Commits
576 Forks
102 Watching
35 Branches
169 Contributors
Updated on 28 Nov 2024
Languages
TypeScript (62.11%)
Shell (34.71%)
JavaScript (3%)
CSS (0.16%)
HTML (0.03%)
Total Downloads
Cumulative downloads
Total Downloads
110,131
Last day
39%
139
Compared to previous day
Last week
52.5%
932
Compared to previous week
Last month
10.6%
4,004
Compared to previous month
Last year
49.8%
49,560
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Versions
Midway - 一个面向未来的云端一体 Node.js 框架
English | 简体中文
资源
特性
- 🐘 全功能:支持 Web 应用/Serverless/FaaS/微服务/小程序后端等多种场景,基于装饰器和依赖注入开发企业级应用
- 🐦 前端集成:全新的云端一体应用研发体验,零 API 调用,使用 "React Hooks " 风格一体研发
- 🐴 跨平台:支持部署至普通 Server 或 Serverless/FaaS 环境
- 🐶 扩展:组件化扩展能力,另外支持使用 Koa/Express/Egg.js 生态插件
- 🐂 示例: 官方提供多种场景的示例代码,方便开发者快速上手
- 🛡 TypeScript 全面支持
描述
Midway 是一个适用于构建 Serverless 服务,传统应用、微服务,小程序后端的 Node.js 框架。
Midway 可以使用 Koa,Express 或 Egg.js 作为基础 Web 框架。它还提供了独立使用的基本解决方案,例如 Socket.io,GRPC,Dubbo.js 和 RabbitMQ 等。
此外,Midway 也适用于前端/全栈开发人员的 Node.js 无服务器框架。构建下一个十年的应用程序。可在 AWS,阿里云,腾讯云和传统 VM /容器上运行。与 React 和 Vue 轻松集成。 🌈
Demo
使用装饰器开发 Web 应用
1import { Controller, Get, Provide } from '@midwayjs/decorator'; 2 3@Provide() 4@Controller('/') 5export class HomeController { 6 7 @Get('/') 8 async home() { 9 return `Welcome to midwayjs!`; 10 } 11}
使用函数开发全栈应用
后端代码 src/apis/lambda/index.ts
1import { 2 Api, 3 Get, 4 Query, 5 useContext, 6} from '@midwayjs/hooks'; 7 8export default Api( 9 Get(), 10 Query<{ 11 page: string; 12 limit: string; 13 }>(), 14 async () => { 15 const ctx = useContext(); 16 return { 17 page: ctx.query.page, 18 limit: ctx.query.limit, 19 }; 20 } 21);
前端调用 src/page/index.tsx
1import getArticles from './api'; 2const response = await getArticles({ 3 query: { page: '0', limit: '10' }, 4}); 5console.log(response); // { page: '0', limit: '10' }
手动调用
1fetch('/api/articles?page=0&limit=10') 2 .then((res) => res.json()) 3 .then((res) => console.log(res)); // { page: '0', limit: '10' }
快速上手
1$ npm -v 2 3## 选择模版 4$ npm init midway 5 6## 进入项目路径 7cd my_midway_app && npm run dev
文档和社区
社区优秀示例展示
1、Cool-Admin - 一个很酷的后台权限管理框架
VSC Plugin
答疑
群里会有热心的朋友,也会有新版本发布推送。
贡献
请告知我们可以为你做些什么,不过在此之前,请检查一下是否有 已经存在的Bug或者意见。
如果你是一个代码贡献者,请参考代码贡献规范。
谁在使用
你也想加 Logo ?可以点击 这里 添加。
License
我们的代码使用 MIT 协议,请放心使用。
No vulnerabilities found.
Reason
30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
no binaries found in the repo
Reason
Found 4/23 approved changesets -- score normalized to 1
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/benchmark.yml:1
- Warn: no topLevel permission defined: .github/workflows/nodejs.yml:1
- Warn: no topLevel permission defined: .github/workflows/precheck.yml:1
- Warn: no topLevel permission defined: .github/workflows/presite.yml:1
- Warn: no topLevel permission defined: .github/workflows/site.yml:1
- Info: no jobLevel write permissions found
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 26 are checked with a SAST tool
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmark.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/midwayjs/midway/benchmark.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmark.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/midwayjs/midway/benchmark.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmark.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/midwayjs/midway/benchmark.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/lock.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/midwayjs/midway/lock.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/midwayjs/midway/nodejs.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/midwayjs/midway/nodejs.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nodejs.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/midwayjs/midway/nodejs.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nodejs.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/midwayjs/midway/nodejs.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/precheck.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/midwayjs/midway/precheck.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/precheck.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/midwayjs/midway/precheck.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/precheck.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/midwayjs/midway/precheck.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/presite.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/midwayjs/midway/presite.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/presite.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/midwayjs/midway/presite.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/site.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/midwayjs/midway/site.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/site.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/midwayjs/midway/site.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/site.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/midwayjs/midway/site.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/site.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/midwayjs/midway/site.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/site.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/midwayjs/midway/site.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: benchmark/ready.sh:5
- Warn: npmCommand not pinned by hash: benchmark/ready.sh:15
- Warn: npmCommand not pinned by hash: scripts/install_npm.sh:10
- Warn: npmCommand not pinned by hash: .github/workflows/benchmark.yml:49
- Warn: npmCommand not pinned by hash: .github/workflows/benchmark.yml:51
- Warn: npmCommand not pinned by hash: .github/workflows/nodejs.yml:99
- Warn: npmCommand not pinned by hash: .github/workflows/nodejs.yml:99
- Warn: npmCommand not pinned by hash: .github/workflows/precheck.yml:89
- Warn: npmCommand not pinned by hash: .github/workflows/presite.yml:28
- Warn: npmCommand not pinned by hash: .github/workflows/presite.yml:30
- Warn: npmCommand not pinned by hash: .github/workflows/site.yml:28
- Info: 0 out of 11 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 7 third-party GitHubAction dependencies pinned
- Info: 0 out of 11 npmCommand dependencies pinned
Reason
32 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-4w2v-q235-vp99
- Warn: Project is vulnerable to: GHSA-cph5-m8f7-6c5x
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
- Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-325j-24f4-qv5x
- Warn: Project is vulnerable to: GHSA-vx3p-948g-6vhq
- Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
- Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Score
3.9
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More