npmpackage.info

Gathering detailed insights and metrics for @nx/eslint

Other packages similar to @nx/eslint

@nx/eslint-plugin

21.2.3

The eslint-plugin package is an ESLint plugin that contains a collection of recommended ESLint rule configurations which you can extend from in your own ESLint configs, as well as an Nx-specific lint rule called enforce-module-boundaries.

@nrwl/eslint-plugin-nx

19.8.4

The eslint-plugin-nx package is an ESLint plugin that contains a collection of recommended ESLint rule configurations which you can extend from in your own ESLint configs, as well as an Nx-specific lint rule called enforce-module-boundaries.

@nx/linter

19.8.4

The Linter plugin for Nx contains executors, generators and utilities used for linting JavaScript/TypeScript projects within an Nx workspace.

@nx/angular

21.2.3

The Nx Plugin for Angular contains executors, generators, and utilities for managing Angular applications and libraries within an Nx workspace. It provides: - Integration with libraries such as Storybook, Jest, ESLint, Tailwind CSS, Playwright and Cypre

Gathering detailed insights and metrics for @nx/eslint

@nx/eslint - 21.2.3 | npmpackage.info

@nx/eslint

An AI-first build platform that connects everything from your editor to CI. Helping you deliver fast, without breaking things.

21.2.3

26,321

MIT

TypeScript

220.75 kB

4.8

Installations

npm install @nx/eslint

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS

Node Version

22.16.0

NPM Version

10.9.2 Pull Requests

Open

118

Total

15,968

Closed

2,036

Merged

13,814

Issues

Open

600

Total

11,551

Closed

10,951

Releases

976

21.3.0-beta.6

Updated on Jul 11, 2025

21.2.3

Updated on Jul 11, 2025

21.3.0-beta.5

Updated on Jul 11, 2025

21.3.0-beta.4

Updated on Jul 10, 2025

21.3.0-beta.3

Updated on Jul 08, 2025

21.3.0-beta.2

Updated on Jul 03, 2025

View All 976 releases

Languages

TypeScript

Rust

JavaScript

Kotlin

MDX

CSS

Shell

HTML

Objective-C

Astro

TypeScript (94.87%)

Rust (3.03%)

JavaScript (1.25%)

Kotlin (0.36%)

MDX (0.3%)

CSS (0.1%)

Shell (0.04%)

HTML (0.03%)

Objective-C (0.01%)

Astro (0.01%)

Developer

nrwl

Download Statistics

Total Downloads

Last Day

Last Week

Last Month

Last Year

GitHub Statistics

MIT License

26,321 Stars

15,238 Commits

2,554 Forks

171 Watchers

441 Branches

1,067 Contributors

Updated on Jul 13, 2025

Maintainers

View All 1,067 Contributors

Package Meta Information

Latest Version

21.2.3

Package Id

@nx/eslint@21.2.3

Unpacked Size

220.75 kB

Size

48.13 kB

File Count

NPM Version

10.9.2

Node Version

22.16.0

Published on

Jul 11, 2025

Total Downloads

Cumulative downloads

Total Downloads

NaN

Last Day

NaN

Compared to previous day

Last Week

NaN

Compared to previous week

Last Month

NaN

Compared to previous month

Last Year

NaN

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

@nx/devkit @nx/js semver tslib typescript

Peer Dependencies

@zkochan/js-yaml eslint

Nx - Smart Repos · Fast Builds

Nx: Smart Repos · Fast Builds

An AI-first build platform that connects everything from your editor to CI. Helping you deliver fast, without breaking things.

Getting Started

Creating an Nx Workspace

Using npx

1npx create-nx-workspace

Using npm init

1npm init nx-workspace

Using yarn create

1yarn create nx-workspace

Adding Nx to an Existing Repository

Run:

1npx nx@latest init

Documentation & Resources

No vulnerabilities found.

10

Maintained

Determines if the project is "actively maintained".

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

License

Determines if the project has defined a license.

9

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

8

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

7

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Security-Policy

Determines if the project has published a security policy.

0

SAST

Determines if the project uses static code analysis.

0

Fuzzing

Determines if the project uses fuzzing.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Info: Possibly incomplete results: error parsing shell code: > must be followed by a word: packages/node/src/generators/setup-docker/files/Dockerfile__tmpl__:13-14
Info: Possibly incomplete results: error parsing shell code: invalid parameter name: .github/workflows/ci.yml:143
Info: Possibly incomplete results: error parsing job operating system: .github/workflows/e2e-matrix.yml:152
Info: Possibly incomplete results: error parsing job operating system: .github/workflows/e2e-matrix.yml:167
Info: Possibly incomplete results: error parsing job operating system: .github/workflows/e2e-matrix.yml:174
Info: Possibly incomplete results: error parsing job operating system: .github/workflows/e2e-matrix.yml:184
Info: Possibly incomplete results: error parsing job operating system: .github/workflows/e2e-matrix.yml:187
Info: Possibly incomplete results: error parsing job operating system: .github/workflows/e2e-matrix.yml:199
Info: Possibly incomplete results: error parsing job operating system: .github/workflows/e2e-matrix.yml:220
Info: Possibly incomplete results: error parsing job operating system: .github/workflows/e2e-matrix.yml:224
Info: Possibly incomplete results: error parsing job operating system: .github/workflows/e2e-matrix.yml:262
Info: Possibly incomplete results: error parsing job operating system: .github/workflows/e2e-matrix.yml:298
Info: Possibly incomplete results: error parsing job operating system: .github/workflows/e2e-matrix.yml:310
Info: Possibly incomplete results: error parsing job operating system: .github/workflows/e2e-matrix.yml:318
Info: Possibly incomplete results: error parsing job operating system: .github/workflows/e2e-matrix.yml:352
Info: Possibly incomplete results: error parsing shell code: not a valid arithmetic operator: ': .github/workflows/e2e-matrix.yml:382
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:150: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:160: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:265: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:272: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:278: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:284: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:297: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:305: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/claude.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/claude.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/claude.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/claude.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/claude.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/claude.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/claude.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/claude.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/claude.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/claude.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/claude.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/claude.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/claude.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/claude.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/claude.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/claude.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/claude.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/claude.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:155: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:162: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:180: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:206: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:215: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:396: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:406: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:424: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:433: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:456: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:474: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:491: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:507: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-embeddings.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/generate-embeddings.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-embeddings.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/generate-embeddings.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/generate-embeddings.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/generate-embeddings.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-embeddings.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/generate-embeddings.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/issue-notifier.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/issue-notifier.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-notifier.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/issue-notifier.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/issue-notifier.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/issue-notifier.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/issue-notifier.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/issue-notifier.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-notifier.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/issue-notifier.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/issue-notifier.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/issue-notifier.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-notifier.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/issue-notifier.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/lock-threads.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/lock-threads.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-audit.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/npm-audit.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/npm-audit.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/npm-audit.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/npm-audit.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/npm-audit.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:270: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:275: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:280: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:288: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:294: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:304: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:325: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:334: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:347: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:362: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:369: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:411: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:434: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:439: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:444: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:455: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:491: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:513: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/schedule-stale.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/schedule-stale.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/schedule-stale.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/schedule-stale.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/schedule-stale.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/schedule-stale.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/schedule-stale.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/schedule-stale.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/schedule-stale.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/schedule-stale.yml/master?enable=pin
Warn: npmCommand not pinned by hash: packages/node/src/generators/setup-docker/files/Dockerfile__tmpl__:23
Info: 0 out of 56 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 35 third-party GitHubAction dependencies pinned
Info: 0 out of 1 npmCommand dependencies pinned

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

103 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-pg9f-39pc-qf8g
Warn: Project is vulnerable to: RUSTSEC-2025-0024
Warn: Project is vulnerable to: RUSTSEC-2025-0021 / GHSA-2frx-2596-x5r6
Warn: Project is vulnerable to: RUSTSEC-2024-0350 / GHSA-7w47-3wg8-547c
Warn: Project is vulnerable to: RUSTSEC-2024-0367 / GHSA-v26r-4c9c-h3j6
Warn: Project is vulnerable to: RUSTSEC-2024-0371 / GHSA-m8rp-vv92-46c7
Warn: Project is vulnerable to: RUSTSEC-2024-0351 / GHSA-49jc-r788-3fc9
Warn: Project is vulnerable to: RUSTSEC-2024-0421 / GHSA-h97m-ww89-6jmq
Warn: Project is vulnerable to: RUSTSEC-2024-0436
Warn: Project is vulnerable to: RUSTSEC-2017-0008
Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99
Warn: Project is vulnerable to: GHSA-x2rg-q646-7m2v
Warn: Project is vulnerable to: GHSA-859w-5945-r5v3
Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-4www-5p9h-95mh
Warn: Project is vulnerable to: GHSA-9gqv-wp59-fq42
Warn: Project is vulnerable to: GHSA-593f-38f6-jp5m
Warn: Project is vulnerable to: GHSA-cpj6-fhp6-mr6j
Warn: Project is vulnerable to: GHSA-f46r-rw29-r322
Warn: Project is vulnerable to: GHSA-x574-m823-4x7w
Warn: Project is vulnerable to: GHSA-4r4m-qw57-chr8
Warn: Project is vulnerable to: GHSA-xcj6-pq6g-qj4x
Warn: Project is vulnerable to: GHSA-356w-63v5-8wf4
Warn: Project is vulnerable to: GHSA-4v9v-hfq4-rm2v
Warn: Project is vulnerable to: GHSA-9jgg-88mc-972h
Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
Warn: Project is vulnerable to: GHSA-c59h-r6p8-q9wc
Warn: Project is vulnerable to: GHSA-7m27-7ghc-44w9
Warn: Project is vulnerable to: GHSA-f82v-jwr5-mffw
Warn: Project is vulnerable to: GHSA-g77x-44xx-532m
Warn: Project is vulnerable to: GHSA-7gfc-8cq8-jh5f
Warn: Project is vulnerable to: GHSA-qpjv-v59x-3qc4
Warn: Project is vulnerable to: GHSA-3h52-269p-cp9r
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986 / GHSA-64vr-g452-qvp3
Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
Warn: Project is vulnerable to: GHSA-353f-5xf4-qw67
Warn: Project is vulnerable to: GHSA-c24v-8rfc-w8vw
Warn: Project is vulnerable to: GHSA-8jhw-289h-jh2g
Warn: Project is vulnerable to: GHSA-9cwx-2883-4wfx
Warn: Project is vulnerable to: GHSA-vg6x-rcgg-rjx6
Warn: Project is vulnerable to: GHSA-cj7v-w2c7-cp7c
Warn: Project is vulnerable to: GHSA-f6v4-cf5j-vf3w
Warn: Project is vulnerable to: GHSA-m7xq-9374-9rvx
Warn: Project is vulnerable to: GHSA-vg7j-7cwx-8wgw
Warn: Project is vulnerable to: GHSA-44fp-w29j-9vj5
Warn: Project is vulnerable to: GHSA-4pg4-qvpc-4q3h
Warn: Project is vulnerable to: GHSA-g5hg-p3ph-g8qg
Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj
Warn: Project is vulnerable to: GHSA-2452-6xj8-jh47
Warn: Project is vulnerable to: GHSA-x4c5-c7rf-jjgv
Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q
Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38
Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc
Warn: Project is vulnerable to: GHSA-8r88-6cj9-9fh5
Warn: Project is vulnerable to: GHSA-m85w-3h95-hcf9
Warn: Project is vulnerable to: GHSA-c4pw-33h3-35xw
Warn: Project is vulnerable to: GHSA-49w6-73cw-chjr
Warn: Project is vulnerable to: GHSA-f7f6-9jq7-3rqj
Warn: Project is vulnerable to: GHSA-m5qc-5hw7-8vg7
Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
Warn: Project is vulnerable to: GHSA-jvhm-gjrh-3h93
Warn: Project is vulnerable to: GHSA-pwfr-8pq7-x9qv
Warn: Project is vulnerable to: GHSA-8g77-54rh-46hx
Warn: Project is vulnerable to: GHSA-x7hr-w5r2-h6wg
Warn: Project is vulnerable to: GHSA-36m4-6v6m-4vpr
Warn: Project is vulnerable to: GHSA-q22g-8fr4-qpj4
Warn: Project is vulnerable to: GHSA-3qxh-p7jc-5xh6
Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx
Warn: Project is vulnerable to: GHSA-8cj5-5rvv-wf4v
Warn: Project is vulnerable to: GHSA-v2p6-4mp7-3r9v
Warn: Project is vulnerable to: GHSA-c76h-2ccp-4975
Warn: Project is vulnerable to: GHSA-cxrh-j4jr-qwg3

Score

4.8

/10

Last Scanned on 2025-07-07

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More