Installations
npm install @mui/envinfoScore
54.6
Supply Chain
72.7
Quality
97.4
Maintenance
100
Vulnerability
100
License
Developer
Developer Guide
Module System
Unable to determine the module system for this package.
Min. Node Version
Typescript Support
No
Node Version
20.9.0
NPM Version
10.1.0
Statistics
94,072 Stars
25,969 Commits
32,327 Forks
1,338 Watching
25 Branches
2,990 Contributors
Updated on 29 Nov 2024
Languages
TypeScript (55.75%)
JavaScript (44.06%)
CSS (0.17%)
HTML (0.02%)
Total Downloads
Cumulative downloads
Total Downloads
41,027
Last day
23.9%
83
Compared to previous day
Last week
17%
488
Compared to previous week
Last month
8.8%
2,107
Compared to previous month
Last year
47.4%
17,191
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Dev Dependencies
3
Material UI
Material UI is a comprehensive library of React components that features our independent implementation of Google's Material Design system. It's trusted by some of the world's greatest product teams because it's been rigorously battle-tested through more than a decade of development by thousands of open-source contributors.
Material UI's core functionality is extended by MUI X, a suite of complex components for advanced use cases. Toolpad builds on top of Material UI to provide full-stack components and a low-code internal tool builder.
Documentation
Get started in the Material UI documentation.
Older versions
Note: @next points to pre-releases.
Use @latest for the latest stable release.
Joy UI
This repository also contains Joy UI, an experimental component library that implements our own in-house Joy Design. Joy UI is in beta and development is currently on hold. When starting a new project from scratch, we recommend Material UI over Joy UI because we can guarantee ongoing support.
Keep in mind that the maintainers are primarily focused on other projects and may not be able to respond in a timely manner to issues or pull requests related to Joy UI.
View the Joy UI documentation.
Sponsors
Diamond 💎
Diamond sponsors are those who have pledged $1,500/month or more to MUI.
Gold 🏆
via Open Collective or via Patreon
MegaFamous
Goread.io
Buzzoid
Twicsy
Views4You
Poprey
Gold sponsors are those who have pledged $500/month or more to MUI.
More backers
See the full list of our backers.
Questions
For how-to questions that don't involve making changes to the code base, please use Stack Overflow instead of GitHub issues.
Examples
Our documentation features a collection of example projects.
Premium templates
You can find complete templates and themes in the MUI Store.
Contributing
Read the contributing guide to learn about our development process, how to propose bug fixes and improvements, and how to build and test your changes.
Contributing is about more than just issues and pull requests! There are many other ways to support Material UI beyond contributing to the code base.
Changelog
The changelog is regularly updated to reflect what's changed in each new release.
Roadmap
Future plans and high-priority features and enhancements can be found in the roadmap.
License
This project is licensed under the terms of the MIT license.
Security
For details on supported versions and contact information for reporting security issues, please refer to the security policy.
Sponsoring services
These great services sponsor MUI's core infrastructure:
GitHub lets us host the Git repository and coordinate contributions.
Netlify lets us distribute the documentation.
BrowserStack lets us test in real browsers.
CodeCov lets us monitor test coverage.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
29 out of 29 merged PRs checked by a CI test -- score normalized to 10
Reason
project has 33 contributing companies or organizations
Details
- Info: zed-industries contributor org/company found, pabloengine contributor org/company found, state-machines contributor org/company found, nodejs contributor org/company found, react-native-community contributor org/company found, typescript-cheatsheets contributor org/company found, Treeshakers contributor org/company found, A11yance contributor org/company found, lob contributor org/company found, yarnplugins contributor org/company found, adia-technology contributor org/company found, typed-typings contributor org/company found, calcom contributor org/company found, yarnpkg contributor org/company found, testing-library contributor org/company found, pretur contributor org/company found, alienfast contributor org/company found, cssinjs contributor org/company found, jalaali contributor org/company found, lightsourceai contributor org/company found, instacart contributor org/company found, mui contributor org/company found, LightSourceAI contributor org/company found, reactiran contributor org/company found, webpack contributor org/company found, openfoodfacts contributor org/company found, mui-org contributor org/company found, underjs contributor org/company found, vercel contributor org/company found, emikra contributor org/company found, storybookjs contributor org/company found, goose-duck contributor org/company found, cefsharp contributor org/company found,
Reason
no dangerous workflow patterns detected
Reason
update tool detected
Details
- Info: detected update tool: RenovateBot: renovate.json:1
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
30 commit(s) and 22 issue activity found in the last 90 days -- score normalized to 10
Reason
all dependencies are pinned
Details
- Info: 12 out of 12 GitHub-owned GitHubAction dependencies pinned
- Info: 12 out of 12 third-party GitHubAction dependencies pinned
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
GitHub workflow tokens follow principle of least privilege
Details
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/check-if-pr-has-label.yml:14
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/closed-issue-message.yml:17
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:14
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:15
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/create-cherry-pick-pr.yml:17
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/maintenance.yml:27
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/mark-duplicate.yml:13
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/no-response.yml:22
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/scorecards.yml:20
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/scorecards.yml:21
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/support-stackoverflow.yml:14
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/vale-action.yml:12
- Info: found token with 'none' permissions: .github/workflows/check-if-pr-has-label.yml:1
- Info: found token with 'none' permissions: .github/workflows/ci-check.yml:1
- Info: found token with 'none' permissions: .github/workflows/ci.yml:1
- Info: found token with 'none' permissions: .github/workflows/closed-issue-message.yml:1
- Info: found token with 'none' permissions: .github/workflows/codeql.yml:1
- Info: found token with 'none' permissions: .github/workflows/create-cherry-pick-pr.yml:1
- Info: found token with 'none' permissions: .github/workflows/ensure-triage-label.yml:1
- Info: found token with 'none' permissions: .github/workflows/issue-cleanup.yml:1
- Info: found token with 'none' permissions: .github/workflows/maintenance.yml:1
- Info: found token with 'none' permissions: .github/workflows/mark-duplicate.yml:1
- Info: found token with 'none' permissions: .github/workflows/no-response.yml:1
- Info: found token with 'none' permissions: .github/workflows/priority-support-validation-prompt.yml:1
- Info: found token with 'none' permissions: .github/workflows/publish-canaries.yml:1
- Info: found token with 'none' permissions: .github/workflows/scorecards.yml:1
- Info: found token with 'none' permissions: .github/workflows/support-stackoverflow.yml:1
- Info: found token with 'none' permissions: .github/workflows/vale-action.yml:1
Reason
Found 23/24 approved changesets -- score normalized to 9
Reason
SAST tool detected but not run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Warn: 0 commits out of 29 are checked with a SAST tool
Reason
badge detected: Passing
Reason
branch protection is not maximal on development and all release branches
Details
- Info: 'allow deletion' disabled on branch 'master'
- Info: 'force pushes' disabled on branch 'master'
- Warn: 'branch protection settings apply to administrators' is disable on branch 'master'
- Warn: 'stale review dismissal' is disable on branch 'master'
- Warn: required approving review count is 1 on branch 'master'
- Warn: codeowners review is not required on branch 'master'
- Warn: 'last push approval' is disable on branch 'master'
- Warn: 'up-to-date branches' is disable on branch 'master'
- Info: status check found to merge onto on branch 'master'
- Info: PRs are required in order to make changes on branch 'master'
Reason
7 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
- Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Score
8
/10
Last Scanned on 2024-11-29T02:28:39Z
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More