🔥 A well-tested feature-rich modular Firebase implementation for React Native. Supports both iOS & Android platforms for all Firebase services.
Installations
npm install @react-native-firebase/analyticsReleases
83
v6.4.0
v6.4.0
Published on 08 Apr 2020
v6.3.0
v6.3.0
Published on 04 Feb 2020
v5.6.0 - Sign-in with Apple support, react-native 0.60+ only
v5.6.0
Published on 10 Dec 2019
v5.5.7 - maintenance release: AndroidX and others
v5.5.7
Published on 10 Dec 2019
v6.2.0
v6.2.0
Published on 08 Dec 2019
v6.1.0
v6.1.0
Published on 26 Nov 2019
Developer
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
Typescript Support
Yes
Node Version
18.20.5
NPM Version
lerna/8.1.8/node@v18.20.5+x64 (linux)
Statistics
11,734 Stars
5,883 Commits
2,215 Forks
164 Watching
38 Branches
510 Contributors
Updated on 28 Nov 2024
Bundle Size
33.15 kB
Minified
7.64 kB
Minified + Gzipped
Languages
JavaScript (62.68%)
Java (14.64%)
Objective-C (13.39%)
TypeScript (7.09%)
Ruby (1.26%)
Objective-C++ (0.47%)
Shell (0.34%)
Kotlin (0.06%)
Starlark (0.04%)
CSS (0.03%)
Total Downloads
Cumulative downloads
Total Downloads
41,527,084
Last day
-2.1%
63,011
Compared to previous day
Last week
5%
356,329
Compared to previous week
Last month
4.4%
1,451,428
Compared to previous month
Last year
40.6%
14,947,739
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Peer Dependencies
1
Versions
React Native Firebase
React Native Firebase is a collection of official React Native modules connecting you to Firebase services; each module is a light-weight JavaScript layer connecting you to the native Firebase SDKs for both iOS and Android.
React Native Firebase is built with four key principles in mind;
- 🧪 Well tested
- every module is extensively tested to >95% coverage
- 👁 Well typed
- first class support for Typescript included
- 📄 Well documented
- full reference & installation documentation alongside detailed guides and FAQs
- 🔥 Mirrors official Firebase Web SDK
- functions as a drop-in replacement for the Firebase Web SDK in React Native
- maximizes cross-platform code re-usability e.g. re-using code on web platforms
Firebase Modules
This is the root of the mono-repo for React Native Firebase, if you're looking for a specific package please select the package link from below.
The main package that you interface with is App (@react-native-firebase/app)
Documentation
Looking for the Version 5 documentation? View legacy documentation.
Contributing
License
- See LICENSE
Built and maintained by Invertase.
No vulnerabilities found.
Reason
30 commit(s) and 20 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
binaries present in source code
Details
- Warn: binary detected: tests/android/gradle/wrapper/gradle-wrapper.jar:1
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
Found 8/16 approved changesets -- score normalized to 5
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: found token with 'none' permissions: .github/workflows/pr_title.yml:15
- Warn: no topLevel permission defined: .github/workflows/create_test_patches.yml:1
- Warn: no topLevel permission defined: .github/workflows/docs.yml:1
- Warn: no topLevel permission defined: .github/workflows/issue-labels.yaml:1
- Warn: no topLevel permission defined: .github/workflows/linting.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/pr_title.yml:10
- Warn: no topLevel permission defined: .github/workflows/publish.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/stale.yml:8
- Warn: no topLevel permission defined: .github/workflows/tests_e2e_android.yml:1
- Warn: no topLevel permission defined: .github/workflows/tests_e2e_ios.yml:1
- Warn: no topLevel permission defined: .github/workflows/tests_e2e_other.yml:1
- Warn: no topLevel permission defined: .github/workflows/tests_jest.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/create_test_patches.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/create_test_patches.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/create_test_patches.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/create_test_patches.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/create_test_patches.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/create_test_patches.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/create_test_patches.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/create_test_patches.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/create_test_patches.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/create_test_patches.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/create_test_patches.yml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/create_test_patches.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/docs.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/docs.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/docs.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/docs.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/docs.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/docs.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-labels.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/issue-labels.yaml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-labels.yaml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/issue-labels.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linting.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/linting.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linting.yml:105: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/linting.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linting.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/linting.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/linting.yml:116: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/linting.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/linting.yml:123: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/linting.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linting.yml:131: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/linting.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linting.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/linting.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linting.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/linting.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linting.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/linting.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linting.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/linting.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/linting.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/linting.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/linting.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/linting.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linting.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/linting.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linting.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/linting.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linting.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/linting.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linting.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/linting.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/linting.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/linting.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/linting.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/linting.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr_title.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/pr_title.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr_title.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/pr_title.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/publish.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/publish.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stale.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/stale.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_android.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_android.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_android.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_android.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_android.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_android.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_android.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_android.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_e2e_android.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_android.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_android.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_android.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_android.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_android.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_e2e_android.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_android.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_android.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_android.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_e2e_android.yml:147: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_android.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_e2e_android.yml:166: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_android.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_android.yml:171: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_android.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_ios.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_ios.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_ios.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_ios.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_e2e_ios.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_ios.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_ios.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_ios.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_ios.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_ios.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_ios.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_ios.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_e2e_ios.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_ios.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_e2e_ios.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_ios.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_e2e_ios.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_ios.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_e2e_ios.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_ios.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_ios.yml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_ios.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_e2e_ios.yml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_ios.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_ios.yml:123: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_ios.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_e2e_ios.yml:140: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_ios.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_ios.yml:165: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_ios.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_ios.yml:204: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_ios.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_ios.yml:212: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_ios.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_e2e_ios.yml:218: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_ios.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_other.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_other.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_other.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_other.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_e2e_other.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_other.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_other.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_other.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_other.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_other.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_e2e_other.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_other.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_e2e_other.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_other.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_e2e_other.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_other.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_e2e_other.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_other.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_other.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_other.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_e2e_other.yml:105: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_other.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_other.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_other.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_e2e_other.yml:123: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_other.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_other.yml:148: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_other.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_e2e_other.yml:170: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_other.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_e2e_other.yml:175: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_e2e_other.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_jest.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_jest.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_jest.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_jest.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_jest.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_jest.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_jest.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_jest.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests_jest.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_jest.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests_jest.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/invertase/react-native-firebase/tests_jest.yml/main?enable=pin
- Info: 0 out of 56 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 34 third-party GitHubAction dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 25 are checked with a SAST tool
Reason
72 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-7v5v-9h63-cj86
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-hhhv-q57g-882q
- Warn: Project is vulnerable to: GHSA-whgm-jr23-g3j9
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-7gc6-qh9x-w6h8
- Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
- Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
- Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
- Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
- Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
- Warn: Project is vulnerable to: GHSA-r7qp-cfhv-p84w
- Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
- Warn: Project is vulnerable to: GHSA-6h5x-7c5m-7cr7
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-c6f8-8r25-c4gc
- Warn: Project is vulnerable to: GHSA-mj46-r4gr-5x83
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-4r62-v4vq-hr96
- Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
- Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
- Warn: Project is vulnerable to: GHSA-5rrq-pxf6-6jx5
- Warn: Project is vulnerable to: GHSA-8fr3-hfg3-gpgp
- Warn: Project is vulnerable to: GHSA-gf8q-jrpm-jvxq
- Warn: Project is vulnerable to: GHSA-2r2c-g63r-vccr
- Warn: Project is vulnerable to: GHSA-cfm4-qjh2-4765
- Warn: Project is vulnerable to: GHSA-x4jg-mjrx-434g
- Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
- Warn: Project is vulnerable to: GHSA-3j8f-xvm3-ffx4
- Warn: Project is vulnerable to: GHSA-j9fq-vwqv-2fm2
- Warn: Project is vulnerable to: GHSA-pqw5-jmp5-px4v
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-566m-qj78-rww5
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-hwj9-h5mp-3pm3
- Warn: Project is vulnerable to: GHSA-wvhm-4hhf-97x9
- Warn: Project is vulnerable to: GHSA-h4hr-7fg3-h35w
- Warn: Project is vulnerable to: GHSA-gj77-59wh-66hg
- Warn: Project is vulnerable to: GHSA-hqhp-5p83-hx96
- Warn: Project is vulnerable to: GHSA-3949-f494-cm99
- Warn: Project is vulnerable to: GHSA-5q6m-3h65-w53x
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-gp95-ppv5-3jc5
- Warn: Project is vulnerable to: GHSA-54xq-cgqr-rpm3
- Warn: Project is vulnerable to: GHSA-g4rg-993r-mgx7
- Warn: Project is vulnerable to: GHSA-25hc-qcg6-38wj
- Warn: Project is vulnerable to: GHSA-cqmj-92xf-r6r9
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq
- Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-6fc8-4gx4-v693
- Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj
- Warn: Project is vulnerable to: GHSA-7p89-p6hx-q4fw
- Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Score
4.2
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More