Installations
npm install @progress/jszip-esmReleases
v1.0.3
Published on 17 Aug 2021
v1.0.3-dev.202108171145
Published on 17 Aug 2021
v1.0.2
Published on 01 Sept 2020
v1.0.2-dev.202009011104
Published on 01 Sept 2020
v1.0.2-dev.202008311248
Published on 31 Aug 2020
v1.0.2-dev.202008121028
Published on 12 Aug 2020
Developer
telerik
Developer Guide
Module System
CommonJS
Min. Node Version
Typescript Support
Yes
Node Version
14.17.4
NPM Version
6.14.14
Statistics
4 Stars
633 Commits
2 Forks
17 Watching
2 Branches
21 Contributors
Updated on 20 Jan 2024
Languages
JavaScript (99.06%)
HTML (0.94%)
Total Downloads
Cumulative downloads
Total Downloads
16,178,260
Last day
1.2%
25,482
Compared to previous day
Last week
-1.1%
128,205
Compared to previous week
Last month
8.9%
538,223
Compared to previous month
Last year
16.5%
5,398,391
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
JSZip-ESM
This is a fork of JSZip v3.2.2 with bundler-friendly packaging.
It is used by the Excel Export module of Progress Kendo UI.
- Includes ES2015, UMD and CommonJS bundles.
- Built-in TypeScript definitions.
- Targets modern browsers and IE11.
- Subject to tree-shaking.
- Side-effect free.
Notes
- Should not be used in NodeJS environment. Use the original JSZip library instead.
- Not compatible with legacy browsers.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Info: FSF or OSI recognized license: MIT License: LICENSE.md:0
Reason
0 existing vulnerabilities detected
Reason
Found 2/24 approved changesets -- score normalized to 0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/cd.yml:19
- Info: jobLevel 'packages' permission set to 'read': .github/workflows/cd.yml:20
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:17
- Info: jobLevel 'packages' permission set to 'read': .github/workflows/ci.yml:18
- Warn: no topLevel permission defined: .github/workflows/cd.yml:1
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Warn: no topLevel permission defined: .github/workflows/publish.yml:1
- Info: no jobLevel write permissions found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/cd.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/jszip-esm/cd.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cd.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/jszip-esm/cd.yml/develop?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/jszip-esm/ci.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/jszip-esm/ci.yml/develop?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/jszip-esm/publish.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/jszip-esm/publish.yml/develop?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/cd.yml:42
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:31
- Warn: npmCommand not pinned by hash: .github/workflows/publish.yml:31
- Info: 0 out of 3 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 3 third-party GitHubAction dependencies pinned
- Info: 0 out of 3 npmCommand dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 21 are checked with a SAST tool
Score
3.8
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn MoreOther packages similar to @progress/jszip-esm
jszip
Create, read and edit .zip files with JavaScript http://stuartk.com/jszip
@endo/zip
A minimal, synchronous Zip reader and writer
@progress/pako-esm
Pako fork with bundler-friendly packaging
jszip-sync
Create, read and edit .zip files with Javascript, with sync capabilities, forked from http://stuartk.com/jszip