Gathering detailed insights and metrics for @molin.ai/rebrowser-cloudflare-puppeteer-core
Gathering detailed insights and metrics for @molin.ai/rebrowser-cloudflare-puppeteer-core
Puppeteer Core fork that works with Cloudflare Browser Workers
Installations
npm install @molin.ai/rebrowser-cloudflare-puppeteer-coreDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS, ESM
Min. Node Version
>=18
Node Version
24.2.0
NPM Version
11.3.0
Releases
14
Languages
7
TypeScript
JavaScript
HTML
CSS
MDX
Dockerfile
Shell
TypeScript (91.96%)
JavaScript (6.14%)
HTML (1.38%)
CSS (0.28%)
MDX (0.14%)
Dockerfile (0.08%)
Shell (0.02%)
Developer
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
Apache-2.0 License
332 Stars
4,940 Commits
33 Forks
15 Watchers
66 Branches
94 Contributors
Updated on Jul 11, 2025
Maintainers
2
Package Meta Information
Latest Version
1.0.7
Package Id
@molin.ai/rebrowser-cloudflare-puppeteer-core@1.0.7
Unpacked Size
2.92 MB
Size
601.42 kB
File Count
702
NPM Version
11.3.0
Node Version
24.2.0
Published on
Jun 23, 2025
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
4
Dev Dependencies
7
Puppeteer fork
Forked from @cloudflare/puppeteer with rebrowser patches applied.
Development
1npm install 2npm run build 3npm install # run again after build to install browser binaries
Testing
1npm run test:chrome:shell # no need to run all tests
Publishing
1npm install 2npm run build 3npm install # run again after build to install browser binaries 4./rebrowser/apply_patch.sh ./rebrowser/patches/lib-v22.8.2.patch 5cd packages/puppeteer-core 6npm version patch 7npm publish
Upstreams
- https://github.com/cloudflare/puppeteer/blob/86d176c1d94affde1a934df7523b8efd5cab501b/README.md direct fork of this commit
- https://github.com/puppeteer/puppeteer/releases/tag/puppeteer-v22.8.2 CF forked this
- https://github.com/rebrowser/rebrowser-patches/blob/f3123e2743abc3e773711a01b794900af1cb2b55/patches/puppeteer-core/lib.patch rebrowser patches version
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
3 out of 3 merged PRs checked by a CI test -- score normalized to 10
Reason
project has 47 contributing companies or organizations
Details
- Info: google chrome ♥z contributor org/company found, 60devs contributor org/company found, v8 contributor org/company found, bestiejs contributor org/company found, mozilla contributor org/company found, jquery contributor org/company found, yeoman contributor org/company found, DeveloperToolsWG contributor org/company found, GoogleChrome contributor org/company found, ChromeDevTools contributor org/company found, tibiamaps contributor org/company found, wix contributor org/company found, ot-crew contributor org/company found, h5bp contributor org/company found, ctfs contributor org/company found, diveintomark contributor org/company found, html5rocks contributor org/company found, sass contributor org/company found, jshint contributor org/company found, degulabs contributor org/company found, googlers contributor org/company found, whatwg contributor org/company found, GoogleCloudPlatform contributor org/company found, firefox-devtools contributor org/company found, iRail contributor org/company found, puppeteer contributor org/company found, unicode-org contributor org/company found, so-fancy contributor org/company found, yarnpkg contributor org/company found, bower contributor org/company found, Heisenbergjs contributor org/company found, google contributor org/company found, GoogleChromeLabs contributor org/company found, robinhood contributor org/company found, rustdresden contributor org/company found, Modernizr contributor org/company found, w3c contributor org/company found, robohornet contributor org/company found, chromium contributor org/company found, tc39 contributor org/company found, components contributor org/company found, hardkoded contributor org/company found, microsoft contributor org/company found, source-map contributor org/company found, catapult-project contributor org/company found, oftn-oswg contributor org/company found, cloudflare contributor org/company found,
Reason
no dangerous workflow patterns detected
Reason
update tool detected
Details
- Info: detected update tool: Dependabot: .github/dependabot.yml:1
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Warn: One or no descriptive hints of disclosure, vulnerability, and/or timelines in security policy
- Info: Found text in security policy: SECURITY.md:1
Reason
dependency not pinned by hash detected -- score normalized to 8
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:200
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:115
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deflake.yml:65
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deflake.yml:108
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:15
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:17
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/semgrep.yml:23
- Warn: npmCommand not pinned by hash: docker/Dockerfile:28-30
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:268
- Warn: npmCommand not pinned by hash: .github/workflows/devtools.yml:69
- Warn: npmCommand not pinned by hash: .github/workflows/pre-release.yml:69
- Warn: npmCommand not pinned by hash: .github/workflows/publish.yml:22
- Info: 40 out of 47 GitHub-owned GitHubAction dependencies pinned
- Info: 11 out of 11 third-party GitHubAction dependencies pinned
- Info: 1 out of 1 containerImage dependencies pinned
- Info: 11 out of 16 npmCommand dependencies pinned
Reason
Found 2/5 approved changesets -- score normalized to 4
Reason
2 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 1
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'main'
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 2 commits out of 28 are checked with a SAST tool
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: jobLevel 'actions' permission set to 'write': .github/workflows/clear-caches.yml:15
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/publish.yml:12
- Info: topLevel permissions set to 'read-all': .github/workflows/canary.yml:4
- Info: topLevel permissions set to 'read-all': .github/workflows/changed-packages.yml:3
- Info: topLevel permissions set to 'read-all': .github/workflows/ci.yml:4
- Info: topLevel permissions set to 'read-all': .github/workflows/clear-caches.yml:9
- Info: topLevel permissions set to 'read-all': .github/workflows/deflake.yml:4
- Info: topLevel permissions set to 'read-all': .github/workflows/devtools.yml:4
- Info: topLevel permissions set to 'read-all': .github/workflows/issue-analyzer.yml:3
- Info: topLevel permissions set to 'read-all': .github/workflows/pre-release.yml:3
- Warn: no topLevel permission defined: .github/workflows/publish.yml:1
- Info: topLevel permissions set to 'read-all': .github/workflows/scorecards-analysis.yml:18
- Warn: no topLevel permission defined: .github/workflows/semgrep.yml:1
- Info: topLevel permissions set to 'read-all': .github/workflows/stale.yml:8
Reason
41 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99
- Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
- Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx
- Warn: Project is vulnerable to: GHSA-8cj5-5rvv-wf4v
- Warn: Project is vulnerable to: GHSA-xcj6-pq6g-qj4x
- Warn: Project is vulnerable to: GHSA-356w-63v5-8wf4
- Warn: Project is vulnerable to: GHSA-859w-5945-r5v3
- Warn: Project is vulnerable to: GHSA-9crc-q9x8-hgqq
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-f7f6-9jq7-3rqj
- Warn: Project is vulnerable to: GHSA-mf6x-hrgr-658f
- Warn: Project is vulnerable to: GHSA-xrh7-m5pp-39r6
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
- Warn: Project is vulnerable to: GHSA-4www-5p9h-95mh
- Warn: Project is vulnerable to: GHSA-9gqv-wp59-fq42
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-x7hr-w5r2-h6wg
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq
- Warn: Project is vulnerable to: GHSA-fhg7-m89q-25r3
- Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
- Warn: Project is vulnerable to: GHSA-4v9v-hfq4-rm2v
- Warn: Project is vulnerable to: GHSA-9jgg-88mc-972h
Score
4.8
/10
Last Scanned on 2025-07-09T22:43:50Z
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More