Gathering detailed insights and metrics for @rudderstack/analytics-js-service-worker
Gathering detailed insights and metrics for @rudderstack/analytics-js-service-worker
JavaScript SDK for RudderStack - the Customer Data Platform for Developers.
Installations
npm install @rudderstack/analytics-js-service-workerDeveloper Guide
BETA
Typescript
Yes
Module System
ESM
Node Version
20.11.1
NPM Version
10.2.4
Releases
679
rudderstack/analytics-js-service-worker@3.2.24
@rudderstack/analytics-js-service-worker@3.2.24
Updated on Apr 28, 2025
@rudderstack/analytics-js-integrations@3.13.2
@rudderstack/analytics-js-integrations@3.13.2
Updated on Apr 28, 2025
rudder-sdk-js@2.51.1
rudder-sdk-js@2.51.1
Updated on Apr 28, 2025
@rudderstack/analytics-js@3.17.0
@rudderstack/analytics-js@3.17.0
Updated on Apr 28, 2025
@rudderstack/analytics-js-plugins@3.8.1
@rudderstack/analytics-js-plugins@3.8.1
Updated on Apr 28, 2025
@rudderstack/analytics-js-cookies@0.4.24
@rudderstack/analytics-js-cookies@0.4.24
Updated on Apr 28, 2025
Languages
4
TypeScript
JavaScript
HTML
Shell
TypeScript (49.65%)
JavaScript (43.46%)
HTML (6.46%)
Shell (0.43%)
Developer
Download Statistics
Total Downloads
241,412
Last Day
1,263
Last Week
5,465
Last Month
24,645
Last Year
220,677
GitHub Statistics
NOASSERTION License
154 Stars
4,341 Commits
90 Forks
11 Watchers
19 Branches
97 Contributors
Updated on May 09, 2025
Bundle Size
83.28 kB
Minified
28.77 kB
Minified + Gzipped
Maintainers
5
Package Meta Information
Latest Version
3.2.24
Package Id
@rudderstack/analytics-js-service-worker@3.2.24
Unpacked Size
1.36 MB
Size
368.36 kB
File Count
12
NPM Version
10.2.4
Node Version
20.11.1
Published on
Apr 28, 2025
Total Downloads
Cumulative downloads
Total Downloads
241,412
Last Day
215%
1,263
Compared to previous day
Last Week
18.5%
5,465
Compared to previous week
Last Month
14%
24,645
Compared to previous month
Last Year
964.3%
220,677
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
No dependencies detected.
The Customer Data Platform for Developers
Website · Documentation · Community Slack
@rudderstack/analytics-js-service-worker
RudderStack JavaScript SDK service worker that can be used in browser extensions and serverless runtimes. It exposes the same interface and features as the Node.js SDK.
For detailed documentation on the RudderStack JavaScript SDK, click here.
Table of Contents
Installing the package
To install the package via NPM, run the following command:
1npm install @rudderstack/analytics-js-service-worker --save
1import { Analytics } from '@rudderstack/analytics-js-service-worker'; 2 3const rudderClient = new Analytics('<WRITE_KEY>', '<DATA_PLANE_URL>');
| Note that this NPM module is only meant to be used for a service worker usage. If you want to integrate RudderStack with your Node.js application, refer to the RudderStack Node.js repository. |
|---|
Usage in Chrome Extensions
RudderStack JS SDK can be used in Chrome Extensions with manifest v3, both as a content script (via the JavaScript SDK package) or as a background script service worker (via the service worker package).
For more details, see Chrome Extensions Usage.
Usage in Serverless runtimes
RudderStack JS SDK service worker can be used in serverless runtimes like Cloudflare Workers or Vercel Edge functions.
For more details, see:
How to build the SDK
-
Look for run scripts in the
package.jsonfile for getting the browser minified and non-minified builds. The builds are updated in thedistfolder of the directory. Among the others, some of the important ones are:npm run build:package: This command outputs the dist/npm folder that contains the NPM package contents.
License
This project is licensed under the Elastic License 2.0. See the LICENSE.md file for details. Review the license terms to understand your permissions and restrictions.
If you have any questions about licensing, please contact us or refer to the official Elastic licensing page.
Contribute
We invite you to contribute to this project. For more information on how to contribute, please see here.
Contact us
For more information on any of the sections covered in this readme, you can contact us or start a conversation on our Slack channel.
Follow Us
:clap: Our Supporters
No vulnerabilities found.
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
all changesets reviewed
Reason
30 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
SAST tool is not run on all commits -- score normalized to 9
Details
- Warn: 29 commits out of 30 are checked with a SAST tool
Reason
dependency not pinned by hash detected -- score normalized to 6
Details
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/check_pr_title.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/check_pr_title.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/create-hotfix-branch.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/create-hotfix-branch.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-npm.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/deploy-npm.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-npm.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/deploy-npm.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-sanity-suite.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/deploy-sanity-suite.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-sanity-suite.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/deploy-sanity-suite.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/deploy.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/deploy.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/draft-new-release.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/draft-new-release.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/draft-new-release.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/draft-new-release.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/draft-new-release.yml:146: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/draft-new-release.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/housekeeping.yaml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/housekeeping.yaml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/housekeeping.yaml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/housekeeping.yaml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-new-release.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/publish-new-release.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-new-release.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/publish-new-release.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rollback.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/rollback.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rollback.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/rollback.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rollback.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/rollback.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rollback.yml:121: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/rollback.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security-code-quality-and-bundle-size-checks.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/security-code-quality-and-bundle-size-checks.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security-code-quality-and-bundle-size-checks.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/security-code-quality-and-bundle-size-checks.yml/develop?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/security-code-quality-and-bundle-size-checks.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/security-code-quality-and-bundle-size-checks.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security-code-quality-and-bundle-size-checks.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/security-code-quality-and-bundle-size-checks.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security-code-quality-and-bundle-size-checks.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/security-code-quality-and-bundle-size-checks.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/trigger-test-suites.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/trigger-test-suites.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests-and-lint.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/unit-tests-and-lint.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit-tests-and-lint.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/rudderlabs/rudder-sdk-js/unit-tests-and-lint.yml/develop?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/draft-new-release.yml:104
- Info: 0 out of 25 GitHub-owned GitHubAction dependencies pinned
- Info: 15 out of 17 third-party GitHubAction dependencies pinned
- Info: 0 out of 1 npmCommand dependencies pinned
Reason
branch protection is not maximal on development and all release branches
Details
- Info: 'allow deletion' disabled on branch 'develop'
- Info: 'force pushes' disabled on branch 'develop'
- Warn: 'branch protection settings apply to administrators' is disabled on branch 'develop'
- Info: 'stale review dismissal' is required to merge on branch 'develop'
- Warn: required approving review count is 1 on branch 'develop'
- Info: codeowner review is required on branch 'develop'
- Info: 'last push approval' is required to merge on branch 'develop'
- Warn: 'up-to-date branches' is disabled on branch 'develop'
- Info: status check found to merge onto on branch 'develop'
- Info: PRs are required in order to make changes on branch 'develop'
Reason
5 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-4www-5p9h-95mh
- Warn: Project is vulnerable to: GHSA-9gqv-wp59-fq42
- Warn: Project is vulnerable to: GHSA-356w-63v5-8wf4
- Warn: Project is vulnerable to: GHSA-859w-5945-r5v3
- Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/check_pr_title.yml:1
- Warn: no topLevel permission defined: .github/workflows/create-hotfix-branch.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/deploy-beta.yml:12
- Warn: no topLevel permission defined: .github/workflows/deploy-dev.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/deploy-npm.yml:22
- Warn: no topLevel permission defined: .github/workflows/deploy-prod.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/deploy-sanity-suite.yml:36
- Warn: no topLevel permission defined: .github/workflows/deploy-staging.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/deploy.yml:48
- Warn: no topLevel permission defined: .github/workflows/draft-new-release.yml:1
- Warn: no topLevel permission defined: .github/workflows/housekeeping.yaml:1
- Warn: no topLevel permission defined: .github/workflows/publish-new-release.yml:1
- Warn: topLevel 'contents' permission set to 'write': .github/workflows/rollback.yml:12
- Warn: no topLevel permission defined: .github/workflows/security-code-quality-and-bundle-size-checks.yml:1
- Warn: no topLevel permission defined: .github/workflows/trigger-test-suites.yml:1
- Warn: no topLevel permission defined: .github/workflows/unit-tests-and-lint.yml:1
- Warn: no topLevel permission defined: .github/workflows/validate-actor.yml:1
- Info: no jobLevel write permissions found
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Score
6.8
/10
Last Scanned on 2025-04-28
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More