npmpackage.info

Gathering detailed insights and metrics for @progress/kendo-theme-material

@progress/kendo-theme-material - 11.1.0 | npmpackage.info

@progress/kendo-theme-material

Monorepo for SASS-based Kendo UI themes

11.1.0

153

HTML

23.88 MB

4.6

Installations

npm install @progress/kendo-theme-material

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Node Version

22.17.0

NPM Version

lerna/8.2.3/node@v22.17.0+x64 (linux)

Pull Requests

Open

14

Total

3,977

Closed

341

Merged

3,622

Issues

Open

243

Total

1,456

Closed

1,213

Releases

232

v11.2.0-dev.0

Updated on Jul 08, 2025

v11.1.0

Updated on Jul 07, 2025

v11.1.0-dev.8

Updated on Jul 07, 2025

v11.1.0-dev.7

Updated on Jun 30, 2025

v11.1.0-dev.6

Updated on Jun 26, 2025

v11.1.0-dev.5

Updated on Jun 25, 2025

View All 232 releases

Languages

HTML

SCSS

TypeScript

JavaScript

Shell

Nunjucks

CSS

HTML (56.32%)

SCSS (24.71%)

TypeScript (17.66%)

JavaScript (1.21%)

Shell (0.06%)

Nunjucks (0.03%)

CSS (0.01%)

Developer

telerik

Download Statistics

Total Downloads

Last Day

Last Week

Last Month

Last Year

GitHub Statistics

153 Stars

10,712 Commits

70 Forks

54 Watchers

32 Branches

175 Contributors

Updated on Jul 08, 2025

Maintainers

View All 175 Contributors

Package Meta Information

Latest Version

11.1.0

Package Id

@progress/kendo-theme-material@11.1.0

Unpacked Size

23.88 MB

Size

2.48 MB

File Count

551

NPM Version

lerna/8.2.3/node@v22.17.0+x64 (linux)

Node Version

22.17.0

Published on

Jul 07, 2025

Total Downloads

Cumulative downloads

Total Downloads

NaN

Last Day

NaN

Compared to previous day

Last Week

NaN

Compared to previous week

Last Month

NaN

Compared to previous month

Last Year

NaN

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

@progress/kendo-svg-icons @progress/kendo-theme-core @progress/kendo-theme-utils

Kendo UI Themes Monorepo

kendo-themes is a lerna managed monorepo project for all Kendo UI themes that are used across the Kendo UI suites and Telerik UI for Blazor. The themes are built with sass using scss syntax. The syntax is compatible with both node-sass and dart-sass, as we currently do not use the sass module system. Browser-specific properties are generated at build-time through PostCSS autoprefixer.

Setup

Make sure you have Node v20 or later.
Clone the repo and run npm ci to install dependencies.

Development Server

To run it, execute npm start and navigate to http://localhost:3000/

Building Packages

The following npm commands are available for building the themes:

To build all themes run npm run sass.
To build all swatches run npm run sass:dist.

There are additional commands, which can be found in package.json and gulpfile.js.

Directory structure

build -- various bash scripts
lib -- files which we didn't put elsewhere
packages
- theme-name
  - build -- theme specific files needed for building
  - docs -- per theme documentation
  - lib -- files that are not strictly scss, like swatches in json format
  - scripts -- theme specific javascript files
  - scss -- source of the themes
scripts -- various javascript files
tests -- visual tests

Development

Inside each theme source directory, there is a per-component directory containing the respective styles.

Note: we mostly have aptly named direcotries, so they match component names. In few cases, however, we chose different names. For example, multicolumncombobox is a mouthful, so its directory is dropdowngrid.

Each component consists of index file that is the entry points for component styles. Inside, we import core files, all dependencies (for example, datepicker needs calendar) and the components layout (metrics) and theme (appearance) files.

Note: We list all dependencies is because we want components to be compiled standalone without the developer needing to know which component depends on which other component. However, recursive importing creates exponentially large dist files, unles handled.

To workaround this limitation, we use a mixin -- import-once -- which takes care to output only once!

During development, the scss files are linted on every commit and built on every push command.

Changes in develop branch release a new package version every monday in the dev channel and in (version)-dev.(integer) format. To install the latest development version of a given theme, run npm install (themename)@dev -- for example, npm install @progress/kendo-theme-default@dev.

Stable channel is released manually trough a github action.

Visual tests

To guard against regressions and make pull request reviews easier, the CI build makes screenshots of the sample pages in packages/html/src/[component]/tests/*.html. This happens automatically for all feature branches. The sample pages contain static HTML that is the recommended rendering for components that use the theme.

To generate screenshots for a specific theme:

Build the theme with npm run sass
Run npm run test:create-screenshots <theme>, substituting <theme> with a theme name.

These steps will create new screenshots in tests/_output. Note that due to platform differences, all of the files will be marked as changed.

Documenting Variables

The available variables for customizing each theme are listed in the article on customization for each theme (docs/customization.md) The file is generated from the SCSS source files by running the npm run docs command.

To document a variable, use triple-slash comments (///) before its definition.

1/// Variable description
2$foo: 42 !default;

To group variables, use the @group directive.

1/// Variable description
2/// @group random
3$foo: 42 !default;
4
5/// Another variable description
6/// @group random
7$bar: 1024 !default;

To change the layout or the front meter of the generated help topic, change the docs/_templates/customization.md.njk source file.

License

This package is part of the following suites:

All available Kendo UI commercial licenses may be obtained at http://www.telerik.com/purchase/kendo-ui.

If you do not own a commercial license, the usage of this software shall be governed by the Apache License, Version 2.0.

Progress, Telerik, and certain product names used herein are trademarks or registered trademarks of Progress Software Corporation and/or one of its subsidiaries or affiliates in the U.S. and/or other countries.

No vulnerabilities found.

10

Maintained

Determines if the project is "actively maintained".

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Packaging

Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

5

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

5

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

4

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 4

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_compile-themes.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_compile-themes.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_compile-themes.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_compile-themes.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_compile-themes.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_compile-themes.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_compile-themes.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_compile-themes.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_create-screenshots.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_create-screenshots.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_create-screenshots.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_create-screenshots.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_create-screenshots.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_create-screenshots.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_create-screenshots.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_create-screenshots.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_create-screenshots.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_create-screenshots.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_lint-scripts.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_lint-scripts.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_lint-scripts.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_lint-scripts.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_lint-scripts.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_lint-scripts.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_lint-styles.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_lint-styles.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_lint-styles.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_lint-styles.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_lint-styles.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_lint-styles.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_package-report.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_package-report.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_package-report.yml:114: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_package-report.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_package-report.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_package-report.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_package-report.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_package-report.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_package-report.yml:160: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_package-report.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_package-report.yml:223: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_package-report.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_package-report.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_package-report.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_package-report.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_package-report.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_package-report.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_package-report.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_package-report.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_package-report.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_package-report.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_package-report.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_prime-cache.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_prime-cache.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_prime-cache.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_prime-cache.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_prime-cache.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_prime-cache.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_render-test-pages.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_render-test-pages.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_render-test-pages.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_render-test-pages.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_render-test-pages.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_render-test-pages.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_render-test-pages.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_render-test-pages.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_render-test-pages.yml:156: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_render-test-pages.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_test-contrast.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_test-contrast.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_test-contrast.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_test-contrast.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_test-contrast.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_test-contrast.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_test-contrast.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_test-contrast.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_test-units.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_test-units.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_test-units.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_test-units.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/_test-units.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/_test-units.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/ci.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/ci.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci_weekly.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/ci_weekly.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci_weekly.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/ci_weekly.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci_weekly.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/ci_weekly.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/merge_develop.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/merge_develop.yml/develop?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish_npm.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/publish_npm.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish_npm.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/publish_npm.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish_npm.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/publish_npm.yml/develop?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish_npm_dev.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/publish_npm_dev.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish_npm_dev.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/publish_npm_dev.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish_npm_dev.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/publish_npm_dev.yml/develop?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish_nuget.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/publish_nuget.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish_nuget.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/publish_nuget.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish_nuget.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/publish_nuget.yml/develop?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish_nuget.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/publish_nuget.yml/develop?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish_swatches.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/publish_swatches.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish_swatches.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/publish_swatches.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish_swatches.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/publish_swatches.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish_swatches.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/publish_swatches.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish_swatches.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/publish_swatches.yml/develop?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/tag_stable.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/tag_stable.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tag_stable.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/tag_stable.yml/develop?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tag_stable.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/telerik/kendo-themes/tag_stable.yml/develop?enable=pin
Info: 0 out of 59 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 6 third-party GitHubAction dependencies pinned
Info: 15 out of 15 npmCommand dependencies pinned

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

License

Determines if the project has defined a license.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

Reason

detected GitHub workflow tokens with excessive permissions

Details

Info: jobLevel 'contents' permission set to 'read': .github/workflows/publish_npm.yml:14
Info: jobLevel 'packages' permission set to 'read': .github/workflows/publish_npm.yml:15
Info: jobLevel 'contents' permission set to 'read': .github/workflows/publish_npm_dev.yml:21
Info: jobLevel 'packages' permission set to 'read': .github/workflows/publish_npm_dev.yml:22
Info: jobLevel 'contents' permission set to 'read': .github/workflows/publish_nuget.yml:27
Info: jobLevel 'packages' permission set to 'read': .github/workflows/publish_nuget.yml:28
Info: jobLevel 'contents' permission set to 'read': .github/workflows/publish_swatches.yml:28
Info: jobLevel 'packages' permission set to 'read': .github/workflows/publish_swatches.yml:29
Info: jobLevel 'contents' permission set to 'read': .github/workflows/tag_stable.yml:14
Info: jobLevel 'packages' permission set to 'read': .github/workflows/tag_stable.yml:15
Warn: no topLevel permission defined: .github/workflows/_compile-themes.yml:1
Warn: no topLevel permission defined: .github/workflows/_create-screenshots.yml:1
Warn: no topLevel permission defined: .github/workflows/_lint-scripts.yml:1
Warn: no topLevel permission defined: .github/workflows/_lint-styles.yml:1
Warn: no topLevel permission defined: .github/workflows/_package-report.yml:1
Warn: no topLevel permission defined: .github/workflows/_prime-cache.yml:1
Warn: no topLevel permission defined: .github/workflows/_render-test-pages.yml:1
Warn: no topLevel permission defined: .github/workflows/_test-contrast.yml:1
Warn: no topLevel permission defined: .github/workflows/_test-units.yml:1
Warn: no topLevel permission defined: .github/workflows/ci.yml:1
Warn: no topLevel permission defined: .github/workflows/ci_develop.yml:1
Warn: no topLevel permission defined: .github/workflows/ci_weekly.yml:1
Warn: no topLevel permission defined: .github/workflows/merge_develop.yml:1
Warn: no topLevel permission defined: .github/workflows/publish_npm.yml:1
Warn: no topLevel permission defined: .github/workflows/publish_npm_dev.yml:1
Warn: no topLevel permission defined: .github/workflows/publish_nuget.yml:1
Warn: no topLevel permission defined: .github/workflows/publish_swatches.yml:1
Warn: no topLevel permission defined: .github/workflows/tag_stable.yml:1
Info: no jobLevel write permissions found

0

SAST

Determines if the project uses static code analysis.

0

Fuzzing

Determines if the project uses fuzzing.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Score

4.6

/10

Last Scanned on 2025-07-07

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More