npmpackage.info

@nx/plugin

Build system, optimized for monorepos, with AI-powered architectural awareness and advanced CI capabilities.

20.4.6

24,669

MIT

TypeScript

110.35 kB

27,584,599 4.8

Installations

npm install @nx/plugin

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS

Node Version

18.20.6

NPM Version

10.8.2 Score

61.2

Supply Chain

33.9

Quality

95.3

Maintenance

100

Vulnerability

95.3

License

Pull Requests

Open

85

Total

14,901

Closed

1,894

Merged

12,922

Issues

Open

588

Total

11,009

Closed

10,421

Releases

902

20.4.6

Updated on Feb 20, 2025

20.5.0-beta.4

Updated on Feb 20, 2025

20.4.5

Updated on Feb 18, 2025

20.3.4

Updated on Feb 14, 2025

20.4.4

Updated on Feb 14, 2025

20.5.0-beta.3

Updated on Feb 13, 2025

View All 902 releases

Contributors

1,030

View All 1,030 Contributors

Languages

TypeScript

Rust

JavaScript

CSS

Shell

HTML

Objective-C

TypeScript (96.89%)

Rust (1.57%)

JavaScript (1.35%)

CSS (0.12%)

Shell (0.05%)

HTML (0.02%)

Objective-C (0.01%)

Love this project? Help keep it running — sponsor us today! 🚀

Developer

nrwl

Download Statistics

Total Downloads

27,584,599

Last Day

97,061

Last Week

472,685

Last Month

2,103,356

Last Year

20,169,552

GitHub Statistics

MIT License

24,669 Stars

14,357 Commits

2,452 Forks

172 Watchers

297 Branches

1,030 Contributors

Updated on Feb 21, 2025

Maintainers

Package Meta Information

Latest Version

20.4.6

Package Id

@nx/plugin@20.4.6

Unpacked Size

110.35 kB

Size

24.37 kB

File Count

NPM Version

10.8.2

Node Version

18.20.6

Published on

Feb 20, 2025

Total Downloads

Cumulative downloads

Total Downloads

27,584,599

Last Day

-11.3%

97,061

Compared to previous day

Last Week

-8.8%

472,685

Compared to previous week

Last Month

55.8%

2,103,356

Compared to previous month

Last Year

172%

20,169,552

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

tslib @nx/devkit @nx/jest @nx/js @nx/eslint

Nx - Smart Monorepos · Fast CI

Nx: Smart Monorepos · Fast CI

Nx is a build system, optimized for monorepos, with plugins for popular frameworks and tools and advanced CI capabilities including caching and distribution.

What is It?

It's an Nx plugin used to build other Nx plugins.

Check out the list of community plugins and the documentation on how to create one using create-nx-plugin here: https://nx.dev/community

Getting Started

Creating an Nx Workspace

Using npx

1npx create-nx-workspace

Using npm init

1npm init nx-workspace

Using yarn create

1yarn create nx-workspace

Adding Nx to an Existing Repository

Run:

1npx nx@latest init

Documentation & Resources

No vulnerabilities found.

10

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

10

Maintained

Determines if the project is "actively maintained".

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

License

Determines if the project has defined a license.

8

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

7

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Security-Policy

Determines if the project has published a security policy.

0

SAST

Determines if the project uses static code analysis.

0

Fuzzing

Determines if the project uses fuzzing.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Info: Possibly incomplete results: error parsing shell code: > must be followed by a word: packages/node/src/generators/setup-docker/files/Dockerfile__tmpl__:13-14
Info: Possibly incomplete results: error parsing shell code: not a valid arithmetic operator: ': .github/workflows/e2e-matrix.yml:502
Info: Possibly incomplete results: error parsing shell code: not a valid arithmetic operator: .: .github/workflows/e2e-matrix.yml:545
Info: Possibly incomplete results: error parsing shell code: not a valid arithmetic operator: ': .github/workflows/e2e-windows.yml:363
Info: Possibly incomplete results: error parsing shell code: not a valid arithmetic operator: .: .github/workflows/e2e-windows.yml:404
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:134: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:146: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:149: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:539: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:551: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:689: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:706: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:722: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:737: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:395: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:400: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:407: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:414: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:441: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:450: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:512: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-matrix.yml:522: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-matrix.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-windows.yml:463: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-windows.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-windows.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-windows.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-windows.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-windows.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-windows.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-windows.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-windows.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-windows.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-windows.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-windows.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-windows.yml:294: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-windows.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-windows.yml:299: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-windows.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-windows.yml:306: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-windows.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-windows.yml:313: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-windows.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-windows.yml:323: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-windows.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-windows.yml:370: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-windows.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-windows.yml:380: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-windows.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-windows.yml:397: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-windows.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-windows.yml:410: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-windows.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-windows.yml:446: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/e2e-windows.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-embeddings.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/generate-embeddings.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-embeddings.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/generate-embeddings.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/generate-embeddings.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/generate-embeddings.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-embeddings.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/generate-embeddings.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/issue-notifier.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/issue-notifier.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-notifier.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/issue-notifier.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/issue-notifier.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/issue-notifier.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/issue-notifier.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/issue-notifier.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-notifier.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/issue-notifier.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/issue-notifier.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/issue-notifier.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-notifier.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/issue-notifier.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/lock-threads.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/lock-threads.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-audit.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/npm-audit.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/npm-audit.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/npm-audit.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/npm-audit.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/npm-audit.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:204: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:209: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:214: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:222: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:228: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:238: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:259: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:268: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:281: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:296: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:305: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:347: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:370: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:375: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:380: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:391: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:426: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:448: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/publish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/schedule-stale.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/schedule-stale.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/schedule-stale.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/schedule-stale.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/schedule-stale.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/schedule-stale.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/schedule-stale.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/schedule-stale.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/schedule-stale.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/nrwl/nx/schedule-stale.yml/master?enable=pin
Warn: npmCommand not pinned by hash: packages/node/src/generators/setup-docker/files/Dockerfile__tmpl__:22
Info: 0 out of 58 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 33 third-party GitHubAction dependencies pinned
Info: 0 out of 1 npmCommand dependencies pinned

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

64 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: RUSTSEC-2024-0350 / GHSA-7w47-3wg8-547c
Warn: Project is vulnerable to: RUSTSEC-2024-0367 / GHSA-v26r-4c9c-h3j6
Warn: Project is vulnerable to: RUSTSEC-2024-0371 / GHSA-m8rp-vv92-46c7
Warn: Project is vulnerable to: RUSTSEC-2024-0351 / GHSA-49jc-r788-3fc9
Warn: Project is vulnerable to: RUSTSEC-2024-0421 / GHSA-h97m-ww89-6jmq
Warn: Project is vulnerable to: RUSTSEC-2017-0008
Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
Warn: Project is vulnerable to: GHSA-c59h-r6p8-q9wc
Warn: Project is vulnerable to: GHSA-7m27-7ghc-44w9
Warn: Project is vulnerable to: GHSA-g77x-44xx-532m
Warn: Project is vulnerable to: GHSA-7gfc-8cq8-jh5f
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986 / GHSA-64vr-g452-qvp3
Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99
Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
Warn: Project is vulnerable to: GHSA-353f-5xf4-qw67
Warn: Project is vulnerable to: GHSA-c24v-8rfc-w8vw
Warn: Project is vulnerable to: GHSA-8jhw-289h-jh2g
Warn: Project is vulnerable to: GHSA-9cwx-2883-4wfx
Warn: Project is vulnerable to: GHSA-vg6x-rcgg-rjx6
Warn: Project is vulnerable to: GHSA-f6v4-cf5j-vf3w
Warn: Project is vulnerable to: GHSA-m7xq-9374-9rvx
Warn: Project is vulnerable to: GHSA-vg7j-7cwx-8wgw
Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj
Warn: Project is vulnerable to: GHSA-2452-6xj8-jh47
Warn: Project is vulnerable to: GHSA-x4c5-c7rf-jjgv
Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q
Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38
Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc
Warn: Project is vulnerable to: GHSA-593f-38f6-jp5m
Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
Warn: Project is vulnerable to: GHSA-pwfr-8pq7-x9qv
Warn: Project is vulnerable to: GHSA-36m4-6v6m-4vpr
Warn: Project is vulnerable to: GHSA-q22g-8fr4-qpj4
Warn: Project is vulnerable to: GHSA-v2p6-4mp7-3r9v
Warn: Project is vulnerable to: GHSA-c76h-2ccp-4975

Score

4.8

/10

Last Scanned on 2025-02-17

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

Other packages similar to @nx/plugin

20.4.6

The core Nx plugin contains the core functionality of Nx like the project graph, nx commands and task orchestration.

@nx/js

20.4.6

The JS plugin for Nx contains executors and generators that provide the best experience for developing JavaScript and TypeScript projects.

@nx/workspace

20.4.6

The Workspace plugin contains executors and generators that are useful for any Nx workspace. It should be present in every Nx workspace and other plugins build on it.

@nx/eslint-plugin

20.4.6

The eslint-plugin package is an ESLint plugin that contains a collection of recommended ESLint rule configurations which you can extend from in your own ESLint configs, as well as an Nx-specific lint rule called enforce-module-boundaries.