Gathering detailed insights and metrics for @nguniversal/builders
Gathering detailed insights and metrics for @nguniversal/builders
Server-side rendering and Prerendering for Angular
Installations
npm install @nguniversal/buildersDeveloper
angular
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
^16.14.0 || >=18.10.0
Typescript Support
No
Node Version
18.16.1
NPM Version
9.5.1
Statistics
4,040 Stars
3,191 Commits
484 Forks
144 Watching
21 Branches
112 Contributors
Updated on 27 Nov 2024
Languages
TypeScript (78.44%)
Starlark (9.98%)
JavaScript (6.74%)
Shell (3.77%)
HTML (0.79%)
CSS (0.28%)
Total Downloads
Cumulative downloads
Total Downloads
18,492,260
Last day
9.1%
8,884
Compared to previous day
Last week
3.6%
47,027
Compared to previous week
Last month
-5.1%
203,294
Compared to previous month
Last year
-45%
3,541,689
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Versions
Angular Universal
Angular Universal was a project to expand on the core APIs from Angular (platform-server) to enable developers to do server side rendering of Angular applications in a variety of scenarios.
This repository has been merged into the Angular CLI repo
In version 17, Universal has been moved into the
Angular CLI repo. Code has been
refactored and renamed (mostly under
@angular/ssr
now), but the core functionality and architecture is unchanged.
Universal features such as server-side rendering and build-time prerendering are now directly supported in Angular CLI and do not require a separate integration with Universal.
As a result, this repository is effectively in maintenance mode and is no longer accepting contributions. Improvements to Angular's SSR/prerendering tooling should be made against the CLI repo directly. Universal versions under long-term support (LTS) are still maintained by the Angular team and will continue to receive security fixes until they fall out of LTS.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
29 out of 29 merged PRs checked by a CI test -- score normalized to 10
Reason
all changesets reviewed
Reason
64 different organizations found -- score normalized to 10
Details
- Info: contributors work for AngularAir,AngularClass,AngularShow,Azure,FACTORYX,Green-Software-Foundation,Jasig,MicrosoftCopilot,MicrosoftDocs,MicrosoftWHATWGContributors,NodeProgram,ReactWeek,RedditInsight,TrilonIO,angular,angular-klingon,angularjs-in-action,awesome-sauce-xyz,compodoc,deployd,everything-registry,gethuman,google,googlers,hackreactor,helperbots,hizenapp,karma-runner,keychain,maintainers,mend,microsoft,monsoonco,nestjs,newlinedotco,ng-bootstrap,ng-cruise,ng-newsletter,ng-packagr,nguniversal,ngxtools,nitro-stack,nko4,nrwl,nrwl.io,onespeed-io,open source,rectanglepodcast-com,rome-community,storybookjs,thundr-dev,trilonio co-founder,typed-typings,typings,ui-router,uniform-team,videogular,vue-software,w3c,wasmbinaries,webcomponents,webpack,xlayers,yecombinator
Reason
no dangerous workflow patterns detected
Reason
update tool detected
Details
- Info: tool 'RenovateBot' is used: renovate.json:1
- Warn: tool 'Dependabot' is not used: Follow the instructions from https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates. (Low effort)
- Warn: tool 'PyUp' is not used: Follow the instructions from https://docs.pyup.io/docs. (Low effort)
- Warn: tool 'Sonatype Lift' is not used: Follow the instructions from https://help.sonatype.com/lift/getting-started. (Low effort)
Reason
license file detected
Details
- Info: License file found in expected location: LICENSE:1
- Info: FSF or OSI recognized license: LICENSE:1
Reason
all dependencies are pinned
Details
- Info: GitHub-owned GitHubActions are pinned
- Info: Third-party GitHubActions are pinned
- Info: Dockerfile dependencies are pinned
- Info: no insecure (not pinned by hash) dependency downloads found in Dockerfiles
- Info: no insecure (not pinned by hash) dependency downloads found in shell scripts
- Info: Pip installs are pinned
Reason
security policy file detected
Details
- Info: Found linked content in security policy: SECURITY.md
- Info: Found text in security policy: SECURITY.md
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md
- Info: security policy detected in current repo: SECURITY.md
Reason
tokens are read-only in GitHub workflows
Details
- Info: topLevel 'contents' permission set to 'read': .github/workflows/dev-infra.yml:9
- Info: topLevel permissions set to 'read-all': .github/workflows/scorecard.yml:11
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/scorecard.yml:18
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/scorecard.yml:19
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Reason
0 commit(s) out of 30 and 0 issue activity out of 30 found in the last 90 days -- score normalized to 0
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
- Warn: CodeQL tool not detected
Reason
12 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-92r3-m2mg-pj97
- Warn: Project is vulnerable to: GHSA-c24v-8rfc-w8vw
- Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc
Score
6.8
/10
Last Scanned on 2024-03-17T02:10:28Z
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More