Installations
npm install @node-rs/xxhash-linux-arm64-gnuReleases
244
@node-rs/jieba@2.0.0
@node-rs/jieba@2.0.0
Published on 27 Oct 2024
@node-rs/jsonwebtoken@0.5.8
@node-rs/jsonwebtoken@0.5.8
Published on 27 Oct 2024
@node-rs/xxhash@1.7.5
@node-rs/xxhash@1.7.5
Published on 27 Oct 2024
@node-rs/bcrypt@1.10.6
@node-rs/bcrypt@1.10.6
Published on 27 Oct 2024
@node-rs/argon2@2.0.1
@node-rs/argon2@2.0.1
Published on 27 Oct 2024
@node-rs/crc32@1.10.5
@node-rs/crc32@1.10.5
Published on 27 Oct 2024
Developer
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
>= 12
Typescript Support
No
Node Version
20.18.0
NPM Version
10.8.2
Statistics
1,155 Stars
999 Commits
34 Forks
10 Watching
13 Branches
16 Contributors
Updated on 26 Nov 2024
Languages
Rust (52.45%)
TypeScript (29.81%)
JavaScript (17.67%)
Shell (0.07%)
Total Downloads
Cumulative downloads
Total Downloads
4,855,662
Last day
-31.5%
6,649
Compared to previous day
Last week
-0.3%
49,299
Compared to previous week
Last month
-5.2%
208,185
Compared to previous month
Last year
78.8%
2,535,610
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
No dependencies detected.
Versions
node-rs
When Node.js meet Rust = 🚀
napi-rs
Make rust crates binding to Node.js use napi-rs
Playground: https://node-rs.dev
Packages
| Package | Version | Downloads | Description |
|---|---|---|---|
@node-rs/crc32 |  |  | Fastest CRC32 implementation using SIMD |
@node-rs/jieba |  |  | jieba-rs binding |
@node-rs/bcrypt |  |  | Fastest bcrypt implementation |
@node-rs/xxhash |  |  | xxhash-rust Node.js binding |
@node-rs/argon2 |  |  | argon2 binding for Node.js. |
@node-rs/jsonwebtoken |  |  | jsonwebtoken binding for Node.js. |
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
0 existing vulnerabilities detected
Reason
Found 2/21 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: topLevel 'contents' permission set to 'write': .github/workflows/ci.yaml:9
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:305: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:310: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:320: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:392: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:395: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:412: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:426: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:444: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:447: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:470: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:476: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:346: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:349: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:358: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:375: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:497: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:506: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:523: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:529: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:548: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:556: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:573: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:579: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:598: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:599: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:606: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:162: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:165: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:177: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:191: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:205: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:216: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:224: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:235: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:238: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:278: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:638: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:641: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:650: update your workflow using https://app.stepsecurity.io/secureworkflow/napi-rs/node-rs/ci.yaml/main?enable=pin
- Info: 0 out of 34 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 10 third-party GitHubAction dependencies pinned
Reason
Project has not signed or included provenance with any releases.
Details
- Warn: release artifact @node-rs/xxhash@1.7.5 not signed: https://api.github.com/repos/napi-rs/node-rs/releases/182121681
- Warn: release artifact @node-rs/jsonwebtoken@0.5.8 not signed: https://api.github.com/repos/napi-rs/node-rs/releases/182121788
- Warn: release artifact @node-rs/jieba@2.0.0 not signed: https://api.github.com/repos/napi-rs/node-rs/releases/182121885
- Warn: release artifact @node-rs/crc32@1.10.5 not signed: https://api.github.com/repos/napi-rs/node-rs/releases/182121705
- Warn: release artifact @node-rs/bcrypt@1.10.6 not signed: https://api.github.com/repos/napi-rs/node-rs/releases/182121767
- Warn: release artifact @node-rs/xxhash@1.7.5 does not have provenance: https://api.github.com/repos/napi-rs/node-rs/releases/182121681
- Warn: release artifact @node-rs/jsonwebtoken@0.5.8 does not have provenance: https://api.github.com/repos/napi-rs/node-rs/releases/182121788
- Warn: release artifact @node-rs/jieba@2.0.0 does not have provenance: https://api.github.com/repos/napi-rs/node-rs/releases/182121885
- Warn: release artifact @node-rs/crc32@1.10.5 does not have provenance: https://api.github.com/repos/napi-rs/node-rs/releases/182121705
- Warn: release artifact @node-rs/bcrypt@1.10.6 does not have provenance: https://api.github.com/repos/napi-rs/node-rs/releases/182121767
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 28 are checked with a SAST tool
Score
4.4
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More