Gathering detailed insights and metrics for @salesforce-ux/design-system
Gathering detailed insights and metrics for @salesforce-ux/design-system
Installations
npm install @salesforce-ux/design-systemDeveloper
Developer Guide
BETA
Module System
Unable to determine the module system for this package.
Min. Node Version
Typescript Support
No
Node Version
16.16.0
NPM Version
8.11.0
Statistics
3,571 Stars
10,960 Commits
827 Forks
187 Watching
13 Branches
80 Contributors
Updated on 24 Nov 2024
Languages
JavaScript (65.04%)
SCSS (22.2%)
MDX (12.28%)
Shell (0.32%)
HTML (0.09%)
Ruby (0.06%)
Total Downloads
Cumulative downloads
Total Downloads
8,444,626
Last day
-46.7%
3,194
Compared to previous day
Last week
-29.3%
25,783
Compared to previous week
Last month
-27%
154,334
Compared to previous month
Last year
7.4%
1,961,907
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Peer Dependencies
1
Versions
Salesforce Lightning Design System
Welcome to the source code repository for Salesforce Lightning Design System, brought to you by Salesforce UX.
SLDS is...
- Tailored for building Salesforce apps: Using the Lightning Design System markup and CSS framework results in UIs that reflect the Salesforce Lightning look and feel.
- Continuously updated: As long as you’re using the latest version of the Lightning Design System, your pages are always up to date with Salesforce UI changes.
Getting Started
This project utilizes Storybook for component development. If you would like to know more about Storybook or how it works, check out their website.
Project Installation & Setup:
- Clone the repository down locally.
cdinto the project and runnpm installto install all project dependencies.
Running the Development Environment:
The Storybook development environment can be started by running npm start
Whenever you add, remove, or alter a component's css annotation metadata, you'll need to restart Storybook to see those changes.
Configuring Node and NVM
Node v14 is recommended for use with the Design System repository, and NVM is the recommended choice for managing multiple versions of Node on your computer.
A .nvmrc file is included in this project to aid in local development. To utilize it for setting your project's node version, run nvm use in the root of the directory.
Additionally, you can set up a deeper shell integration for automatically invoking the nvmrc file when you change into the project directory by
following these instructions.
Developing in Storybook
Once the development server is started with npm start, you can load it at http://localhost:9002.
Annotations
See the annotations guide.
Tasks
npm start
Starts the Storybook server for local development.
npm run gulp -- lint
Lint the code base for syntax and stylistic errors.
# Lint indentation, Sass, JavaScript files
npm run gulp -- lint
# Lint languages independently
npm run gulp -- lint:sass
npm run gulp -- lint:javascript
npm run gulp -- lint:javascript:test
npm run gulp -- lint:spaces
npm run gulp -- lint:html
# HTML5 validation
npm run gulp -- lint:vnu
# HTML5 validation on comma separated blueprint names
npm run gulp -- lint:vnu --components button,path,trees
# a11y validation
npm run gulp -- lint:a11y
# a11y validation on comma separated blueprint names
npm run gulp -- lint:a11y --components button,path,trees
# Lint examples using vnu, aXe, slds validation, and HTML5 validation
npm run gulp -- lint:examples
Pull Request Checks
To run all the checks a pull request will run in Travis use the following command.
# To run every check against all blueprints
npm run pr-checks
# To run every check but target certain blueprints for slow checks like aXe and vnu
npm run pr-checks -- --components button,path,trees
Compilation
npm run build-dist
Generate the Lightning Design System into the .dist directory.
npm run gulp -- styles
Compile Sass to CSS into .assets/styles.
npm run gulp -- clean
Delete temporary build and local files.
Stats
npm run gulp -- styles:stats: Useful stats about the project's deliverables.
Tests
npm test: run all tests, except axe/a11y tests
npm run test:a11y: run axe tests for accessibility violations
Results are saved into ./__tests__/a11y/results.
Release
npm release:site: build and release the framework and site
Requires heroku access to build and release the site.
Troubleshooting
See the troubleshooting guide.
Contributing Back to SLDS
See the contributing guide.
Licenses
- Source code is licensed under BSD 3-Clause
- All icons and images are licensed under Creative Commons Attribution-NoDerivatives 4.0
Got Feedback?
Please open a new GitHub Issue.
No vulnerabilities found.
Reason
29 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE.txt:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
dependency not pinned by hash detected -- score normalized to 3
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/a11y.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/a11y.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/a11y.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/a11y.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/a11y.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/a11y.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/a11y.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/a11y.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/a11y.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/a11y.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/a11y.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/a11y.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/a11y.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/a11y.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/a11y.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/a11y.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/a11y.yml:114: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/a11y.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/remove-labels.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/remove-labels.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/remove-labels.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/remove-labels.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:128: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:130: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:134: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:157: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:170: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/storybook.yml:210: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/storybook.yml:350: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:355: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:357: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:385: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:407: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:420: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/storybook.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:233: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:235: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:240: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:262: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/storybook.yml:274: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:281: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:290: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:303: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/storybook.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/vrt.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/vrt.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/vrt.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/vrt.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/vrt.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/vrt.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/vrt.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/vrt.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/vrt.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/vrt.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/vrt.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/vrt.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/vrt.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/vrt.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/vrt.yml:111: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/vrt.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/vrt.yml:153: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/vrt.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/vrt.yml:170: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/vrt.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/vrt.yml:172: update your workflow using https://app.stepsecurity.io/secureworkflow/salesforce-ux/design-system/vrt.yml/main?enable=pin
- Warn: downloadThenRun not pinned by hash: .github/workflows/storybook.yml:181
- Warn: downloadThenRun not pinned by hash: .github/workflows/storybook.yml:310
- Warn: npmCommand not pinned by hash: .github/workflows/vrt.yml:52
- Warn: npmCommand not pinned by hash: .github/workflows/vrt.yml:84
- Warn: npmCommand not pinned by hash: .github/workflows/vrt.yml:117
- Warn: npmCommand not pinned by hash: .github/workflows/vrt.yml:178
- Info: 0 out of 42 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 7 third-party GitHubAction dependencies pinned
- Info: 9 out of 13 npmCommand dependencies pinned
- Info: 0 out of 2 downloadThenRun dependencies pinned
Reason
Found 0/30 approved changesets -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'main'
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/a11y.yml:1
- Warn: no topLevel permission defined: .github/workflows/remove-labels.yml:1
- Warn: no topLevel permission defined: .github/workflows/storybook.yml:1
- Warn: no topLevel permission defined: .github/workflows/vrt.yml:1
- Info: no jobLevel write permissions found
Reason
no SAST tool detected
Details
- Warn: no pull requests merged into dev branch
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
98 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-c2jc-4fpr-4vhg
- Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
- Warn: Project is vulnerable to: GHSA-cph5-m8f7-6c5x
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw
- Warn: Project is vulnerable to: GHSA-w8qv-6jwh-64r5
- Warn: Project is vulnerable to: GHSA-hm92-vgmw-qfmx
- Warn: Project is vulnerable to: GHSA-h452-7996-h45h
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-hr2v-3952-633q
- Warn: Project is vulnerable to: GHSA-653v-rqx9-j85p
- Warn: Project is vulnerable to: GHSA-phwq-j96m-2c2q
- Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
- Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
- Warn: Project is vulnerable to: GHSA-6h5x-7c5m-7cr7
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-q42p-pg8m-cqh6
- Warn: Project is vulnerable to: GHSA-w457-6q6x-cgp9
- Warn: Project is vulnerable to: GHSA-62gr-4qp9-h98f
- Warn: Project is vulnerable to: GHSA-f52g-6jhx-586p
- Warn: Project is vulnerable to: GHSA-2cf5-4w76-r9qv
- Warn: Project is vulnerable to: GHSA-3cqr-58rm-57f8
- Warn: Project is vulnerable to: GHSA-g9r4-xpmj-mj65
- Warn: Project is vulnerable to: GHSA-q2c6-c6pm-g3gh
- Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44
- Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988
- Warn: Project is vulnerable to: GHSA-vfrc-7r7c-w9mx
- Warn: Project is vulnerable to: GHSA-7wwv-vh3v-89cq
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-xvf7-4v9q-58w6
- Warn: Project is vulnerable to: GHSA-2pr6-76vf-7546
- Warn: Project is vulnerable to: GHSA-8j8c-7jfh-h6hx
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
- Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
- Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
- Warn: Project is vulnerable to: GHSA-fvqr-27wr-82fm
- Warn: Project is vulnerable to: GHSA-4xc9-xhrj-v574
- Warn: Project is vulnerable to: GHSA-x5rq-j2xg-h7qm
- Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-6vfc-qv3f-vr6c
- Warn: Project is vulnerable to: GHSA-f9cm-qmx5-m98h
- Warn: Project is vulnerable to: GHSA-7wpw-2hjm-89gp
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-wc69-rhjr-hc9g
- Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-566m-qj78-rww5
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-wvhm-4hhf-97x9
- Warn: Project is vulnerable to: GHSA-h4hr-7fg3-h35w
- Warn: Project is vulnerable to: GHSA-gj77-59wh-66hg
- Warn: Project is vulnerable to: GHSA-hqhp-5p83-hx96
- Warn: Project is vulnerable to: GHSA-3949-f494-cm99
- Warn: Project is vulnerable to: GHSA-3965-hpx2-q597
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-5q6m-3h65-w53x
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-g4rg-993r-mgx7
- Warn: Project is vulnerable to: GHSA-3f95-r44v-8mrg
- Warn: Project is vulnerable to: GHSA-28xr-mwxg-3qc8
- Warn: Project is vulnerable to: GHSA-9p95-fxvg-qgq2
- Warn: Project is vulnerable to: GHSA-9w5j-4mwv-2wj8
- Warn: Project is vulnerable to: GHSA-hpqj-7cj6-hfj8
- Warn: Project is vulnerable to: GHSA-4vrv-93c7-m92j
- Warn: Project is vulnerable to: GHSA-4x6g-3cmx-w76r
- Warn: Project is vulnerable to: GHSA-gx6r-qc2v-3p3v
- Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-4w2j-2rg4-5mjw
- Warn: Project is vulnerable to: GHSA-mrgp-mrhc-5jrq
- Warn: Project is vulnerable to: GHSA-7jxr-cg7f-gpgv
- Warn: Project is vulnerable to: GHSA-xj72-wvfv-8985
- Warn: Project is vulnerable to: GHSA-ch3r-j5x3-6q2m
- Warn: Project is vulnerable to: GHSA-p5gc-c584-jj6v
- Warn: Project is vulnerable to: GHSA-whpj-8f3w-67p5
- Warn: Project is vulnerable to: GHSA-cchq-frgv-rjh5
- Warn: Project is vulnerable to: GHSA-g644-9gfx-q4q4
- Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc
Score
3.6
/10
Last Scanned on 2024-07-01
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More