Gathering detailed insights and metrics for @rive-app/react-canvas-lite
Gathering detailed insights and metrics for @rive-app/react-canvas-lite
Installations
npm install @rive-app/react-canvas-liteDeveloper
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
Typescript Support
No
Node Version
16.20.2
NPM Version
8.19.4
Statistics
839 Stars
460 Commits
32 Forks
10 Watching
19 Branches
16 Contributors
Updated on 29 Nov 2024
Languages
TypeScript (89.5%)
JavaScript (5%)
Shell (4.77%)
HTML (0.73%)
Total Downloads
Cumulative downloads
Total Downloads
540,211
Last day
3.1%
4,092
Compared to previous day
Last week
7.2%
19,778
Compared to previous week
Last month
58.1%
81,366
Compared to previous month
Last year
25,647.4%
538,121
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Peer Dependencies
1
Versions
Rive React
A React runtime library for Rive.
This library is a wrapper around the JS/Wasm runtime, giving full control over the js runtime while providing components and hooks for React applications.
Table of contents
- :star: Rive Overview
- 🚀 Getting Started & API docs
- :mag: Supported Versions
- :books: Examples
- :runner: Migration Guides
- 👨💻 Contributing
- :question: Issues
Rive overview
Rive is a real-time interactive design and animation tool that helps teams create and run interactive animations anywhere. Designers and developers use our collaborative editor to create motion graphics that respond to different states and user inputs. Our lightweight open-source runtime libraries allow them to load their animations into apps, games, and websites.
:house_with_garden: Homepage
:blue_book: General help docs
Getting started
Follow along with the link below for a quick start in getting Rive React integrated into your React apps.
For more information, see the Runtime sections of the Rive help documentation:
Supported versions
This library supports React versions ^16.8.0 through ^18.0.0.
Examples
Check out our Storybook instance that shows how to use the library in small examples, along with code snippets! This includes examples using the basic component, as well as the convenient hooks exported to take advantage of state machines.
Awesome Rive
For even more examples and resources on using Rive at runtime or in other tools, checkout the awesome-rive repo.
Migration guides
Using an older version of the runtime and need to learn how to upgrade to the latest version? Check out the migration guides below in our help center that help guide you through version bumps; breaking changes and all!
Contributing
We love contributions! Check out our contributing docs to get more details into how to run this project, the examples, and more all locally.
Issues
Have an issue with using the runtime, or want to suggest a feature/API to help make your development life better? Log an issue in our issues tab! You can also browse older issues and discussion threads there to see solutions that may have worked for common problems.
No vulnerabilities found.
Reason
30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
Found 3/26 approved changesets -- score normalized to 1
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/add_to_project.yml:1
- Warn: no topLevel permission defined: .github/workflows/publish.yml:1
- Warn: no topLevel permission defined: .github/workflows/storybook.yml:1
- Warn: no topLevel permission defined: .github/workflows/tests.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/add_to_project.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/rive-app/rive-react/add_to_project.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/add_to_project.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/rive-app/rive-react/add_to_project.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/rive-app/rive-react/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/rive-app/rive-react/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/rive-app/rive-react/storybook.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/storybook.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/rive-app/rive-react/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:8: update your workflow using https://app.stepsecurity.io/secureworkflow/rive-app/rive-react/tests.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/publish.yml:32
- Warn: npmCommand not pinned by hash: .github/workflows/storybook.yml:21
- Warn: npmCommand not pinned by hash: .github/workflows/tests.yml:11
- Info: 0 out of 6 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
- Info: 0 out of 3 npmCommand dependencies pinned
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 17 are checked with a SAST tool
Score
4.9
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More