npmpackage.info

Gathering detailed insights and metrics for @sanity/diff

Other packages similar to @sanity/diff

@sanity/diff-match-patch

3.2.0

Robust diff, match and patch algorithms to perform operations required for synchronizing plain text

sanity-diff-patch

4.0.0

Generates a set of Sanity patches needed to change an item (usually a document) from one shape to another

@sanity/diff-patch

6.0.0

Generates a set of Sanity patches needed to change an item (usually a document) from one shape to another

@sanity/field

2.36.2

Diff utilities and preview components

Gathering detailed insights and metrics for @sanity/diff

@sanity/diff - 3.99.0 | npmpackage.info

@sanity/diff

Sanity Studio – Rapidly configure content workspaces powered by structured content

3.99.0

5,725

MIT

TypeScript

150.63 kB

4.4

Installations

npm install @sanity/diff

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS, ESM

Min. Node Version

>=18

Node Version

22.17.0

NPM Version

10.9.2 Pull Requests

Open

111

Total

7,605

Closed

953

Merged

6,541

Issues

Open

408

Total

2,010

Closed

1,602

Releases

586

v3.99.0

Updated on Jul 11, 2025

v3.98.1

Updated on Jul 09, 2025

v3.98.0

Updated on Jul 08, 2025

v3.97.1

Updated on Jul 04, 2025

v3.97.0

Updated on Jul 04, 2025

v3.96.0

Updated on Jul 02, 2025

View All 586 releases

Languages

TypeScript

JavaScript

HTML

CSS

Astro

TypeScript (96.99%)

JavaScript (2.96%)

HTML (0.03%)

CSS (0.02%)

Developer

sanity-io

Download Statistics

Total Downloads

Last Day

Last Week

Last Month

Last Year

GitHub Statistics

MIT License

5,725 Stars

18,858 Commits

481 Forks

83 Watchers

955 Branches

151 Contributors

Updated on Jul 12, 2025

Maintainers

View All 151 Contributors

Package Meta Information

Latest Version

3.99.0

Package Id

@sanity/diff@3.99.0

Unpacked Size

150.63 kB

Size

28.60 kB

File Count

NPM Version

10.9.2

Node Version

22.17.0

Published on

Jul 11, 2025

Total Downloads

Cumulative downloads

Total Downloads

NaN

Last Day

NaN

Compared to previous day

Last Week

NaN

Compared to previous week

Last Month

NaN

Compared to previous month

Last Year

NaN

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

@sanity/diff-match-patch

Dev Dependencies

rimraf @repo/eslint-config @repo/package.config

@sanity/diff: Tools for diffing data structures

@sanity/diff is a library for calculating and presenting diffs of content.

Concepts and architecture

The main data structure is Diff which represents a difference between two versions. This is a nested data structure so if it's an ObjectDiff, then its children will have Diff as well.

The Diff is built on top of the unchanged, added and removed primitives. This means that it will contain both versions at the same time and it's always trivial to recreate the old/new version (by ignoring the added/removed parts of the diff).

Note that for arrays and objects, unchanged/added/removed only have a "shallow" meaning. An ObjectDiff will have a unchanged field if the field was present in both the old and new version - regardless of whether there's any internal changes.
Diff also supports annotations. These contain information about when a change was introduced and who was responsible for it.
To construct a Diff you need to represent the versions as Input types and use diffInput(from,to) to create the diff. The primary reason for a separate Input type is to support passing along annotations. In addition, this allows us to optimize based on the object equality of the inputs.
There are multiple ways of presenting a diff: Sometimes you want to only show the fields that has changed, and other times you want to show the full new (or old!) document interspersed with the changes.

This library does not contain any UI components, but instead provides various presentation-related helper functions.

No vulnerabilities found.

10

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

10

Maintained

Determines if the project is "actively maintained".

10

License

Determines if the project has defined a license.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Security-Policy

Determines if the project has published a security policy.

5

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

2

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 2

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cli-test.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/cli-test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/cli-test.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/cli-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/cli-test.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/cli-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/create-release-pr.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/create-release-pr.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/create-release-pr.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/create-release-pr.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/create-release-pr.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/create-release-pr.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/create-release-pr.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/create-release-pr.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/depCheck.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/depCheck.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/depCheck.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/depCheck.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/depCheck.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/depCheck.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docReport.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/docReport.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docReport.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/docReport.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docReport.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/docReport.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ct.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ct.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-ct.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ct.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ct.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ct.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ct.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ct.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-ct.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ct.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ct.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ct.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ct.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ct.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ct.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ct.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ct.yml:100: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ct.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-ct.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ct.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ct.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ct.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ct.yml:111: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ct.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ct.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ct.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:111: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:154: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:157: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:158: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:162: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:179: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:206: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:218: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:221: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:222: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:231: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-ui.yml:241: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e-ui.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:323: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e.yml:324: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:325: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:334: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:345: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:137: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e.yml:138: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:251: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/e2e.yml:252: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:253: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:271: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:309: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/efps.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/efps.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/efps.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/efps.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/efps.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/efps.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/efps.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/efps.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/efps.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/efps.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/efps.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/efps.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/efps.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/efps.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/efps.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/efps.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/efps.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/efps.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/etl.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/etl.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/etl.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/etl.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/etl.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/etl.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/formatCheck.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/formatCheck.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/formatCheck.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/formatCheck.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/formatCheck.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/formatCheck.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/formatCheck.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/formatCheck.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-dts-tests-if-needed.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/generate-dts-tests-if-needed.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/generate-dts-tests-if-needed.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/generate-dts-tests-if-needed.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-dts-tests-if-needed.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/generate-dts-tests-if-needed.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/generate-dts-tests-if-needed.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/generate-dts-tests-if-needed.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint-fix-if-needed.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/lint-fix-if-needed.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/lint-fix-if-needed.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/lint-fix-if-needed.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint-fix-if-needed.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/lint-fix-if-needed.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint-fix-if-needed.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/lint-fix-if-needed.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint-fix-if-needed.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/lint-fix-if-needed.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lintPr.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/lintPr.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/lintPr.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/lintPr.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lintPr.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/lintPr.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/perf.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/perf.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/perf.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/perf.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/perf.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/perf.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/perf.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/perf.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pkg-pr-new.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/pkg-pr-new.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pkg-pr-new.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/pkg-pr-new.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pkg-pr-new.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/pkg-pr-new.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pnpm-if-needed.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/pnpm-if-needed.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pnpm-if-needed.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/pnpm-if-needed.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pnpm-if-needed.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/pnpm-if-needed.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pnpm-if-needed.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/pnpm-if-needed.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-cleanup.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/pr-cleanup.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-cleanup.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/pr-cleanup.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-cleanup.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/pr-cleanup.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-cleanup.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/pr-cleanup.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-cleanup.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/pr-cleanup.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-cleanup.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/pr-cleanup.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/react-compiler.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/react-compiler.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/react-compiler.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/react-compiler.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/react-compiler.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/react-compiler.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/react-compiler.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/react-compiler.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-latest.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/release-latest.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-latest.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/release-latest.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-latest.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/release-latest.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-next.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/release-next.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-next.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/release-next.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-next.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/release-next.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-next.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/release-next.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:114: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:149: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:151: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:163: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/testExports.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/testExports.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/testExports.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/testExports.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/testExports.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/testExports.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/typeCheck.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/typeCheck.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/typeCheck.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/typeCheck.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/typeCheck.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/sanity-io/sanity/typeCheck.yml/main?enable=pin
Info: 0 out of 104 GitHub-owned GitHubAction dependencies pinned
Info: 16 out of 52 third-party GitHubAction dependencies pinned

1

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

0

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Fuzzing

Determines if the project uses fuzzing.

0

SAST

Determines if the project uses static code analysis.

Score

4.4

/10

Last Scanned on 2025-07-07

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More