Gathering detailed insights and metrics for @scramjet/utility
Scramjet Transform Hub (STH) is a runtime supervisor that can run data processing programs called Sequences and manage local resources on any Linux server, Docker on small edge servers, and even large-scale Kubernetes clusters in the cloud or datacenters. It connects to Scramjet Spaces in Scramjet Cloud Platform.
Installations
npm install @scramjet/utilityDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Node Version
18.19.1
NPM Version
10.2.4
Score
73.9
Supply Chain
94.4
Quality
84.3
Maintenance
100
Vulnerability
80.9
License
Releases
46
Contributors
26
Languages
6
TypeScript
JavaScript
Gherkin
Python
Shell
Dockerfile
TypeScript (85.83%)
JavaScript (6.88%)
Gherkin (4.03%)
Python (1.63%)
Shell (1.23%)
Dockerfile (0.4%)
Developer
scramjetorg
Download Statistics
Total Downloads
35,087
Last Day
11
Last Week
147
Last Month
293
Last Year
4,056
GitHub Statistics
67 Stars
3,679 Commits
8 Forks
12 Watching
47 Branches
26 Contributors
Bundle Size
125.89 kB
Minified
35.58 kB
Minified + Gzipped
Maintainers
4
Package Meta Information
Latest Version
1.0.1
Package Id
@scramjet/utility@1.0.1
Unpacked Size
177.99 kB
Size
57.28 kB
File Count
163
NPM Version
10.2.4
Node Version
18.19.1
Publised On
13 Mar 2024
Total Downloads
Cumulative downloads
Total Downloads
35,087
Last day
83.3%
11
Compared to previous day
Last week
1,030.8%
147
Compared to previous week
Last month
72.4%
293
Compared to previous month
Last year
-70.1%
4,056
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Versions
@scramjet/utility
This package is part of Scramjet Transform Hub. The package holds utility functions used in places around Scramjet Transform Hub.
This package includes domain agnostic utility functions, meaning there shouldn't be any business use-case specific code here. It's important since a package like this one tends to be a very common dependency for other packages. Ideally functions from this package should be written once, well tested and never changed.
Functions
Example of a GOOD function for this package
This function does not have any knowledge of business components in the system and it's simple. Thus it's pretty stable.
1export const defer = (timeout: number): Promise<void> => 2 new Promise(res => setTimeout(res, timeout));
Example of a BAD function for this package
Knowledge about different types of streams on our platform indicates that this function defines a business logic.
1import { EncodedMonitoringMessage, WritableStream } from "@scramjet/types"; 2 3export class MessageUtils { 4 public static writeMessageOnStream([code, data]: EncodedMonitoringMessage, streamToWrite?: WritableStream<any>){ 5 if (streamToWrite === undefined) { 6 throw new Error("The Stream is not defined."); 7 } 8 9 streamToWrite.write(JSON.stringify([code, data]) + "\r\n"); 10 } 11}
Docs
See the code documentation here: scramjetorg/transform-hub/docs/types/modules.md
Scramjet Transform Hub
This package is part of Scramjet Transform Hub.
Scramjet Transform Hub is a deployment and execution platform. Once installed on a server, it will allow you to start your programs and keep them running on a remote machine. You will be able to start programs in the background or connect to them and see their output directly on your terminal. You will be able to pipe your local data to the program, as if it was running from your terminal. You can start your server in AWS, Google Cloud or Azure, start it on your local machine, install it on a Raspberry Pi or wherever else you'd like.
Some important links
- Scramjet, the company behind Transform Hub
- The Scramjet Framework - functional reactive stream processing framework
- The Transform Hub repo on github
- You can see the Scramjet Transform Hub API docs here
- You can see the CLI documentation here, but
si helpshould also be quite effective. - Don't forget to ⭐ this repo if you like it,
subscribeto releases and keep visiting us for new versions and updates. - You can open an issue - file a bug report or a feature request here
License and contributions
This module is licensed under AGPL-3.0 license.
The Scramjet Transform Hub project is dual-licensed under the AGPL-3.0 and MIT licenses. Parts of the project that are linked with your programs are MIT licensed, the rest is AGPL.
Contributions
We accept valid contributions and we will be publishing a more specific project roadmap so contributors can propose features and also help us implement them. We kindly ask you that contributed commits are Signed-Off git commit --sign-off.
We provide support for contributors via test cases. If you expect a certain type of workflow to be officially supported, please specify and implement a test case in Gherkin format in bdd directory and include it in your pull request. More info about our BDD test you will find here.
Help wanted 👩🎓🧑👱♀️
The project need's your help! There's lots of work to do and we have a lot of plans. If you want to help and be part of the Scramjet team, please reach out to us, on discord or email us: opensource@scramjet.org.
Donation 💸
Do you like this project? It helped you to reduce time spent on delivering your solution? You are welcome to buy us a coffee ☕ Thanks a lot! 😉
- There's also a Paypal donation link if you prefer that:
No vulnerabilities found.
Reason
all changesets reviewed
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: GNU Affero General Public License v3.0: LICENSE:0
Reason
packaging workflow detected
Details
- Info: Project packages its releases by way of GitHub Actions.: .github/workflows/publish-release.yml:50
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/_main_sth-build-test-node-18.yml:1
- Warn: no topLevel permission defined: .github/workflows/analyze-code.yml:1
- Warn: no topLevel permission defined: .github/workflows/build-docker-prerunner.yml:1
- Warn: no topLevel permission defined: .github/workflows/build-docker-runner-node.yml:1
- Warn: no topLevel permission defined: .github/workflows/build-docker-runner-python.yml:1
- Warn: no topLevel permission defined: .github/workflows/build-docker-sth.yml:1
- Warn: no topLevel permission defined: .github/workflows/build-refapps.yml:1
- Warn: no topLevel permission defined: .github/workflows/build-sth.yml:1
- Warn: no topLevel permission defined: .github/workflows/preinstall-deps.yml:1
- Warn: no topLevel permission defined: .github/workflows/publish-release.yml:1
- Warn: no topLevel permission defined: .github/workflows/release-test.yml:1
- Warn: no topLevel permission defined: .github/workflows/security-check.yml:1
- Warn: no topLevel permission defined: .github/workflows/test-bdd-docker.yml:1
- Warn: no topLevel permission defined: .github/workflows/test-bdd-process.yml:1
- Warn: no topLevel permission defined: .github/workflows/test-unit.yml:1
- Info: no jobLevel write permissions found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analyze-code.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/analyze-code.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/analyze-code.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/analyze-code.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-docker-prerunner.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/build-docker-prerunner.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-docker-prerunner.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/build-docker-prerunner.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-docker-prerunner.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/build-docker-prerunner.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-docker-runner-node.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/build-docker-runner-node.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-docker-runner-node.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/build-docker-runner-node.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-docker-runner-node.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/build-docker-runner-node.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-docker-runner-python.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/build-docker-runner-python.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-docker-runner-python.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/build-docker-runner-python.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-docker-sth.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/build-docker-sth.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-docker-sth.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/build-docker-sth.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-docker-sth.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/build-docker-sth.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-refapps.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/build-refapps.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-refapps.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/build-refapps.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-refapps.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/build-refapps.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-sth.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/build-sth.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-sth.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/build-sth.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-sth.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/build-sth.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/preinstall-deps.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/preinstall-deps.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/preinstall-deps.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/preinstall-deps.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/preinstall-deps.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/preinstall-deps.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-release.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/publish-release.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-release.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/publish-release.yml/devel?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-release.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/publish-release.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-release.yml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/publish-release.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-release.yml:123: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/publish-release.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-release.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/publish-release.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-test.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/release-test.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-test.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/release-test.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security-check.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/security-check.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security-check.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/security-check.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-bdd-docker.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/test-bdd-docker.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-bdd-docker.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/test-bdd-docker.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-bdd-docker.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/test-bdd-docker.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-bdd-docker.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/test-bdd-docker.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-bdd-docker.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/test-bdd-docker.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-bdd-docker.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/test-bdd-docker.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-bdd-docker.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/test-bdd-docker.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-bdd-process.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/test-bdd-process.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-bdd-process.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/test-bdd-process.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-bdd-process.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/test-bdd-process.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-bdd-process.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/test-bdd-process.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-unit.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/test-unit.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-unit.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/test-unit.yml/devel?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-unit.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/scramjetorg/transform-hub/test-unit.yml/devel?enable=pin
- Warn: containerImage not pinned by hash: packages/pre-runner/Dockerfile:1: pin your Docker image by updating node:lts-bullseye-slim to node:lts-bullseye-slim@sha256:8d01d258d1c400417c3ea058b10e6e0c93a605276aac84b3ec7cb0c08b8c5d33
- Warn: containerImage not pinned by hash: packages/python-runner/Dockerfile:1: pin your Docker image by updating python:3.9-slim-bullseye to python:3.9-slim-bullseye@sha256:524cc46c29234231ba3b7fa3e516497ec0b10469d178641b2bf2153862c98e99
- Warn: containerImage not pinned by hash: packages/python-runner/Dockerfile-tf-gpu:1
- Warn: containerImage not pinned by hash: packages/runner/Dockerfile:1
- Warn: containerImage not pinned by hash: packages/runner/Dockerfile:17
- Warn: containerImage not pinned by hash: packages/runner/Dockerfile:31
- Warn: containerImage not pinned by hash: packages/sth/Dockerfile:1
- Warn: containerImage not pinned by hash: packages/sth/Dockerfile:28
- Warn: pipCommand not pinned by hash: packages/python-runner/Dockerfile:23
- Warn: pipCommand not pinned by hash: packages/python-runner/Dockerfile-tf-gpu:23
- Warn: pipCommand not pinned by hash: packages/python-runner/Dockerfile-tf-gpu:24
- Info: 0 out of 45 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
- Info: 0 out of 3 pipCommand dependencies pinned
- Info: 0 out of 8 containerImage dependencies pinned
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Reason
16 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-pppg-cpfq-h7wr
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
Score
4.2
/10
Last Scanned on 2025-01-27
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More