npmpackage.info

Gathering detailed insights and metrics for @oasisprotocol/client-ext-utils

@oasisprotocol/client-ext-utils

Official SDK for the Oasis Network.

1.0.0

Apache-2.0

Rust

1.43 kB

1,765 5

Installations

npm install @oasisprotocol/client-ext-utils

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS

Node Version

16.20.1

NPM Version

8.19.4 Score

67.7

Supply Chain

Quality

80.1

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

24

Total

1,925

Closed

813

Merged

1,088

Issues

Open

98

Total

240

Closed

142

Releases

rofl-containers/v0.4.1

Updated on Feb 12, 2025

rofl-containers/v0.4.0

Updated on Feb 07, 2025

rofl-containers/v0.3.4

Updated on Jan 24, 2025

rofl-containers/v0.3.3

Updated on Jan 23, 2025

rofl-containers/v0.3.2

Updated on Jan 22, 2025

rofl-containers/v0.3.1

Updated on Jan 22, 2025

View All 10 releases

Contributors

View All 38 Contributors

Languages

Rust

TypeScript

JavaScript

Solidity

Shell

Dockerfile

Makefile

HTML

Rust (64.87%)

Go (19.57%)

TypeScript (11.85%)

JavaScript (2.15%)

Solidity (0.79%)

Shell (0.64%)

Dockerfile (0.1%)

Makefile (0.03%)

HTML (0.01%)

validate.email 🚀

Verify real, reachable, and deliverable emails with instant MX records, SMTP checks, and disposable email detection.

Developer

oasisprotocol

Download Statistics

Total Downloads

1,765

Last Day

Last Week

Last Month

Last Year

261

GitHub Statistics

Apache-2.0 License

77 Stars

2,965 Commits

21 Forks

14 Watchers

42 Branches

38 Contributors

Updated on Mar 14, 2025

Bundle Size

4.15 kB

Minified

1.43 kB

Minified + Gzipped

Bundlephobia

Maintainers

Package Meta Information

Latest Version

1.0.0

Package Id

@oasisprotocol/client-ext-utils@1.0.0

Unpacked Size

27.50 kB

Size

6.84 kB

File Count

NPM Version

8.19.4

Node Version

16.20.1

Published on

Dec 08, 2023

Total Downloads

Cumulative downloads

Total Downloads

1,765

Last Day

Compared to previous day

Last Week

1,900%

Compared to previous week

Last Month

82.1%

Compared to previous month

Last Year

-49.4%

261

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

@oasisprotocol/client

Dev Dependencies

@oasisprotocol/client-rt buffer cypress prettier process stream-browserify typedoc typescript webpack webpack-cli webpack-dev-server

Utilities related to browser extensions

This package contains a library for both building a browser extension and interacting with it from web content.

Developers, see this getting started guide.

Philosophy

A browser extension is a convenient place to implement a wallet so that it can be used with dApps. Prefer to have more responsibilities in the dApp, such as connecting to a node, estimating or configuring gas, setting nonces, and submitting transactions.

An extension that works by altering the JavaScript environment for all sites is a lot to trust. Prefer to have a dApp request to interact with an extension.

Inventory of what's here

A messaging protocol for web content to connect to a browser extension.
For use in web content, a ContextSigner implementation that forwards requests to a browser extension over the messaging protocol.
For use in browser extensions, a library that understands the messaging protocol and calls given callbacks.

No vulnerabilities found.

10

Maintained

Determines if the project is "actively maintained".

10

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

License

Determines if the project has defined a license.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Packaging

Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.

8

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

1

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 1

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmarking-image.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/benchmarking-image.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/benchmarking-image.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/benchmarking-image.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/benchmarking-image.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/benchmarking-image.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/benchmarking-image.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/benchmarking-image.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/benchmarking-image.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/benchmarking-image.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/benchmarking-image.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/benchmarking-image.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-audit.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-audit.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-audit.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-audit.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-docs.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-docs.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-docs.yaml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-docs.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-docs.yaml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-docs.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-docs.yaml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-docs.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-docs.yaml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-docs.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-examples.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-examples.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-examples.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-examples.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-examples.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-examples.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-examples.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-examples.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-examples.yml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-examples.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-lint.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-lint.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-lint.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-lint.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-lint.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-lint.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-lint.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-lint.yml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-lint.yml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-lint.yml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-lint.yml:137: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-lint.yml:140: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-lint.yml:171: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-lint.yml:174: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-longtest.yaml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-longtest.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-longtest.yaml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-longtest.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-reproducibility.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-reproducibility.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:194: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:197: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:250: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:257: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:440: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:443: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:485: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:488: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:513: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:525: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:142: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:269: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:272: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:296: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:312: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:321: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:374: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:381: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:397: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:409: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:429: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:462: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci-test.yaml:465: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/ci-test.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-rofl-containers.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/release-rofl-containers.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-rofl-containers.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/release-rofl-containers.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-rofl-containers.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/release-rofl-containers.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rofl-dev-image.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/rofl-dev-image.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/rofl-dev-image.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/rofl-dev-image.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/rofl-dev-image.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/rofl-dev-image.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/rofl-dev-image.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/rofl-dev-image.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/rofl-dev-image.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/rofl-dev-image.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/runtime-builder-image.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/runtime-builder-image.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/runtime-builder-image.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/runtime-builder-image.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/runtime-builder-image.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/runtime-builder-image.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/runtime-builder-image.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/runtime-builder-image.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/runtime-builder-image.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/oasisprotocol/oasis-sdk/runtime-builder-image.yml/main?enable=pin
Warn: containerImage not pinned by hash: docker/rofl-dev/Dockerfile:1
Warn: containerImage not pinned by hash: docker/runtime-builder/Dockerfile:1: pin your Docker image by updating ubuntu:22.04 to ubuntu:22.04@sha256:ed1544e454989078f5dec1bfdabd8c5cc9c48e0705d07b678ab6ae3fb61952d2
Warn: containerImage not pinned by hash: tests/benchmark/Dockerfile:1: pin your Docker image by updating ubuntu:20.04 to ubuntu:20.04@sha256:8e5c4f0285ecbb4ead070431d29b576a530d3166df73ec44affc1cd27555141b
Info: 0 out of 57 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 23 third-party GitHubAction dependencies pinned
Info: 0 out of 3 containerImage dependencies pinned
Info: 8 out of 8 npmCommand dependencies pinned

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Signed-Releases

Determines if the project cryptographically signs release artifacts.

0

Fuzzing

Determines if the project uses fuzzing.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

38 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: RUSTSEC-2020-0095
Warn: Project is vulnerable to: GHSA-27wg-99g8-2v4v
Warn: Project is vulnerable to: RUSTSEC-2024-0436
Warn: Project is vulnerable to: GHSA-4p46-pwfr-66x6
Warn: Project is vulnerable to: RUSTSEC-2025-0009
Warn: Project is vulnerable to: RUSTSEC-2023-0071
Warn: Project is vulnerable to: RUSTSEC-2021-0127
Warn: Project is vulnerable to: GHSA-crf8-h2wq-2h9x
Warn: Project is vulnerable to: GHSA-gq4p-4hxv-5rg9
Warn: Project is vulnerable to: RUSTSEC-2022-0054 / GHSA-rc23-xxgq-x27g
Warn: Project is vulnerable to: GO-2025-3436 / GHSA-q26p-9cq4-7fc2
Warn: Project is vulnerable to: GO-2025-3487
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
Warn: Project is vulnerable to: GO-2024-2819 / GHSA-4xc9-8hmq-j652
Warn: Project is vulnerable to: GHSA-v9jh-j8px-98vq
Warn: Project is vulnerable to: GO-2024-3321 / GHSA-v778-237x-gjrc
Warn: Project is vulnerable to: GO-2024-2687 / GHSA-4v7x-pqxf-cx7m
Warn: Project is vulnerable to: GO-2024-3333 / GHSA-w32m-9786-jp63
Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
Warn: Project is vulnerable to: GHSA-vjh7-7g9h-fjfh
Warn: Project is vulnerable to: GHSA-584q-6j8j-r5pm
Warn: Project is vulnerable to: GHSA-c76h-2ccp-4975
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Warn: Project is vulnerable to: GO-2025-3442 / GHSA-22qq-3xwm-r5x4
Warn: Project is vulnerable to: GO-2025-3443 / GHSA-r3r4-g7hq-pq4f
Warn: Project is vulnerable to: GHSA-555p-m4v6-cqxv

Score

5

/10

Last Scanned on 2025-03-03

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More