Gathering detailed insights and metrics for @mole-inc/bin-wrapper
Gathering detailed insights and metrics for @mole-inc/bin-wrapper
Binary wrapper that makes your programs seamlessly available as local dependencies
Installations
npm install @mole-inc/bin-wrapperDeveloper Guide
BETA
Typescript
No
Module System
ESM
Min. Node Version
^12.20.0 || ^14.13.1 || >=16.0.0
Node Version
18.12.1
NPM Version
9.1.2
Releases
Unable to fetch releases
Languages
2
JavaScript
Shell
JavaScript (98.75%)
Shell (1.25%)
Developer
mole-inc
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
2 Stars
223 Commits
2 Forks
1 Branches
Updated on Mar 20, 2023
Maintainers
1
Package Meta Information
Latest Version
8.0.1
Package Id
@mole-inc/bin-wrapper@8.0.1
Unpacked Size
815.19 kB
Size
180.95 kB
File Count
5
NPM Version
9.1.2
Node Version
18.12.1
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
8
bin-wrapper 
Binary wrapper that makes your programs seamlessly available as local dependencies
Install
$ npm install @mole-inc/bin-wrapper
Usage
1import {BinWrapper} from '@mole-inc/bin-wrapper'; 2 3const base = 'https://github.com/imagemin/gifsicle-bin/raw/master/vendor'; 4const bin = new BinWrapper() 5 .src(`${base}/macos/gifsicle`, 'darwin') 6 .src(`${base}/linux/x64/gifsicle`, 'linux', 'x64') 7 .src(`${base}/win/x64/gifsicle.exe`, 'win32', 'x64') 8 .dest(path.join('vendor')) 9 .use(process.platform === 'win32' ? 'gifsicle.exe' : 'gifsicle') 10 .version('>=1.71'); 11 12(async () => { 13 await bin.run(['--version']); 14 console.log('gifsicle is working'); 15})();
Get the path to your binary with bin.path:
1console.log(bin.path); 2//=> 'path/to/vendor/gifsicle'
if you have the requested binary installed globally, this one will be used instead (if everything works)
API
new BinWrapper(options)
Creates a new BinWrapper instance.
options
Type: Object
skipCheck
Type: boolean
Default: false
Whether to skip the binary check or not.
filename
Type: string
Default: undefined
Set the binary filename.
gotOptions
Type: object
Default: undefined
Any of the https.request options.
https://github.com/sindresorhus/got/tree/v11#options
.src(url, [os], [arch])
Adds a source to download.
url
Type: string
Accepts a URL pointing to a file to download.
os
Type: string
Tie the source to a specific OS.
arch
Type: string
Tie the source to a specific arch.
.dest(destination)
destination
Type: string
Accepts a path which the files will be downloaded to.
.use(binary)
binary
Type: string
Define which file to use as the binary.
.path
Returns the full path to your binary.
.version(range)
range
Type: string
Define a semver range to check the binary against.
.run([arguments])
Runs the search for the binary. If no binary is found it will download the file
using the URL provided in .src().
arguments
Type: Array
Default: ['--version']
Command to run the binary with. If it exits with code 0 it means that the
binary is working.
License
This is a fork of kevva/bin-wrapper.
see LICENSE file.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: license:0
- Info: FSF or OSI recognized license: MIT License: license:0
Reason
binaries present in source code
Details
- Warn: binary detected: fixtures/linux/x64/gifsicle:1
- Warn: binary detected: fixtures/macos/gifsicle:1
- Warn: binary detected: fixtures/win/x64/gifsicle.exe:1
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/nodejs.yml:1
- Info: no jobLevel write permissions found
Reason
Found 1/20 approved changesets -- score normalized to 0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/mole-inc/bin-wrapper/nodejs.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/mole-inc/bin-wrapper/nodejs.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nodejs.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/mole-inc/bin-wrapper/nodejs.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/mole-inc/bin-wrapper/nodejs.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nodejs.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/mole-inc/bin-wrapper/nodejs.yml/master?enable=pin
- Info: 0 out of 3 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 16 are checked with a SAST tool
Reason
10 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Score
2.4
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More