npmpackage.info

@pnpm/git-utils

Fast, disk space efficient package manager

1000.0.0

30,801

MIT

TypeScript

9.19 kB

14,064,823 5.8

Installations

npm install @pnpm/git-utils

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS, ESM

Min. Node Version

>=18.12

Node Version

18.20.5

NPM Version

10.8.2 Score

78.2

Supply Chain

72.1

Quality

79.6

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

71

Total

3,374

Closed

880

Merged

2,423

Issues

Open

1,706

Total

4,520

Closed

2,814

Releases

983

pnpm 10.4.1

v10.4.1

Updated on Feb 16, 2025

pnpm 10.4

v10.4.0

Updated on Feb 14, 2025

pnpm 10.3

v10.3.0

Updated on Feb 10, 2025

pnpm 10.2.1

v10.2.1

Updated on Feb 06, 2025

pnpm 10.2

v10.2.0

Updated on Feb 03, 2025

pnpm 9.15.5

v9.15.5

Updated on Feb 02, 2025

View All 983 releases

Contributors

311

View All 311 Contributors

Languages

TypeScript

JavaScript

Shell

Batchfile

TypeScript (99.41%)

JavaScript (0.52%)

Shell (0.05%)

Batchfile (0.02%)

Love this project? Help keep it running — sponsor us today! 🚀

Developer

pnpm

Download Statistics

Total Downloads

14,064,823

Last Day

16,526

Last Week

345,064

Last Month

1,260,162

Last Year

9,559,491

GitHub Statistics

MIT License

30,801 Stars

9,535 Commits

1,063 Forks

143 Watchers

267 Branches

311 Contributors

Updated on Feb 17, 2025

Bundle Size

28.93 kB

Minified

9.19 kB

Minified + Gzipped

Bundlephobia

Sponsor this package

https://opencollective.com/pnpm

Maintainers

Package Meta Information

Latest Version

1000.0.0

Package Id

@pnpm/git-utils@1000.0.0

Unpacked Size

5.89 kB

Size

2.66 kB

File Count

NPM Version

10.8.2

Node Version

18.20.5

Published on

Nov 29, 2024

Total Downloads

Cumulative downloads

Total Downloads

14,064,823

Last Day

41.6%

16,526

Compared to previous day

Last Week

7.5%

345,064

Compared to previous week

Last Month

2.2%

1,260,162

Compared to previous month

Last Year

137.5%

9,559,491

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

execa

Dev Dependencies

tempy @pnpm/git-utils

@pnpm/git-utils

Utilities for git

Installation

pnpm add @pnpm/git-utils

Usage

1'use strict'
2const { getCurrentBranchName } = require('@pnpm-utils').default
3
4main()
5async function main() {
6  const branchName = await getCurrentBranch();
7  console.log(branchName)
8}

License

MIT

No vulnerabilities found.

10

Security-Policy

Determines if the project has published a security policy.

10

Maintained

Determines if the project is "actively maintained".

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

10

License

Determines if the project has defined a license.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

SAST

Determines if the project uses static code analysis.

2

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Signed-Releases

Determines if the project cryptographically signs release artifacts.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/audit.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/pnpm/pnpm/audit.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/audit.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/pnpm/pnpm/audit.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/pnpm/pnpm/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/pnpm/pnpm/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/pnpm/pnpm/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/pnpm/pnpm/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/pnpm/pnpm/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/pnpm/pnpm/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/pnpm/pnpm/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/pnpm/pnpm/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/pnpm/pnpm/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-latest.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/pnpm/pnpm/update-latest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-latest.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/pnpm/pnpm/update-latest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-latest.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/pnpm/pnpm/update-latest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-latest.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/pnpm/pnpm/update-latest.yml/main?enable=pin
Info: 0 out of 8 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 7 third-party GitHubAction dependencies pinned

0

Fuzzing

Determines if the project uses fuzzing.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

116 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-29xr-v42j-r956
Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
Warn: Project is vulnerable to: GHSA-42xw-2xvc-qx8m
Warn: Project is vulnerable to: GHSA-4w2v-q235-vp99
Warn: Project is vulnerable to: GHSA-cph5-m8f7-6c5x
Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
Warn: Project is vulnerable to: GHSA-pp7h-53gx-mx7r
Warn: Project is vulnerable to: GHSA-cwfw-4gq5-mrqx
Warn: Project is vulnerable to: GHSA-g95f-p29q-9xw4
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
Warn: Project is vulnerable to: GHSA-9j49-mfvp-vmhm
Warn: Project is vulnerable to: GHSA-j4f2-536g-r55m
Warn: Project is vulnerable to: GHSA-r7qp-cfhv-p84w
Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-8r6j-v8pm-fqw3
Warn: Project is vulnerable to: MAL-2023-462
Warn: Project is vulnerable to: GHSA-44pw-h2cw-w3vq
Warn: Project is vulnerable to: GHSA-jp4x-w63m-7wgm
Warn: Project is vulnerable to: GHSA-c429-5p7v-vgjp
Warn: Project is vulnerable to: GHSA-6x33-pw7p-hmpq
Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
Warn: Project is vulnerable to: GHSA-282f-qqgm-c34q
Warn: Project is vulnerable to: GHSA-7x7c-qm48-pq9c
Warn: Project is vulnerable to: GHSA-rc3x-jf5g-xvc5
Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp
Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-82v2-mx6x-wq7q
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-4c7m-wxvm-r7gc
Warn: Project is vulnerable to: GHSA-pch5-whg9-qr2r
Warn: Project is vulnerable to: GHSA-48ww-j4fc-435p
Warn: Project is vulnerable to: GHSA-hwqf-gcqm-7353
Warn: Project is vulnerable to: GHSA-9h6g-pr28-7cqp
Warn: Project is vulnerable to: GHSA-6fx8-h7jm-663j
Warn: Project is vulnerable to: GHSA-35q2-47q7-3pc3
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-hjp8-2cm3-cc45
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-fxwf-4rqh-v8g3
Warn: Project is vulnerable to: GHSA-25hc-qcg6-38wj
Warn: Project is vulnerable to: GHSA-xfhh-g9f5-x4m4
Warn: Project is vulnerable to: GHSA-qm95-pgcg-qqfq
Warn: Project is vulnerable to: GHSA-cqmj-92xf-r6r9
Warn: Project is vulnerable to: GHSA-38h8-x697-gh8q
Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc
Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh
Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-f523-2f5j-gfcg
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-xc7v-wxcw-j472
Warn: Project is vulnerable to: GHSA-cf4h-3jhx-xvhq
Warn: Project is vulnerable to: GHSA-9m6j-fcg5-2442
Warn: Project is vulnerable to: GHSA-hh27-ffr2-f2jc
Warn: Project is vulnerable to: GHSA-rqff-837h-mm52
Warn: Project is vulnerable to: GHSA-8v38-pw62-9cw2
Warn: Project is vulnerable to: GHSA-hgjh-723h-mx2j
Warn: Project is vulnerable to: GHSA-jf5r-8hm2-f872
Warn: Project is vulnerable to: GHSA-mgfv-m47x-4wqp
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Warn: Project is vulnerable to: GHSA-72mh-269x-7mh5
Warn: Project is vulnerable to: GHSA-h4j5-c7cj-74xg
Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
Warn: Project is vulnerable to: GHSA-gpvr-g6gh-9mc2
Warn: Project is vulnerable to: GHSA-cm5g-3pgc-8rg4
Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695
Warn: Project is vulnerable to: GHSA-fvqr-27wr-82fm
Warn: Project is vulnerable to: GHSA-4xc9-xhrj-v574
Warn: Project is vulnerable to: GHSA-x5rq-j2xg-h7qm
Warn: Project is vulnerable to: GHSA-w9mr-4mfr-499f
Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
Warn: Project is vulnerable to: GHSA-832h-xg76-4gv6
Warn: Project is vulnerable to: GHSA-hxm2-r34f-qmc5
Warn: Project is vulnerable to: GHSA-3fw8-66wf-pr7m
Warn: Project is vulnerable to: GHSA-6w62-83g6-rfhj
Warn: Project is vulnerable to: GHSA-rch9-xh7r-mqgw
Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
Warn: Project is vulnerable to: GHSA-vjh7-7g9h-fjfh
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
Warn: Project is vulnerable to: GHSA-wrvr-8mpx-r7pp
Warn: Project is vulnerable to: GHSA-f9cm-p3w6-xvr3
Warn: Project is vulnerable to: GHSA-jjv7-qpx3-h62q
Warn: Project is vulnerable to: GHSA-gqgv-6jq5-jjj9
Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99

Score

5.8

/10

Last Scanned on 2025-02-10

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

Other packages similar to @pnpm/git-utils

@yme/git-cli

0.1.3

utils for git project