npmpackage.info

Gathering detailed insights and metrics for @startupjs/babel-plugin-react-pug-classnames

@startupjs/babel-plugin-react-pug-classnames - 0.55.8 | npmpackage.info

@startupjs/babel-plugin-react-pug-classnames

⚡ Universal React Native + Web framework with isomorphic collaborative DB and observables

0.55.8

107

JavaScript

640.00 B

89,717 1.6

Installations

npm install @startupjs/babel-plugin-react-pug-classnames

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Node Version

21.1.0

NPM Version

lerna/3.22.1/node@v21.1.0+arm64 (darwin)

Score

68.7

Supply Chain

65.7

Quality

84.8

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

25

Total

1,167

Closed

139

Merged

1,003

Issues

Open

99

Total

122

Closed

23

Releases

v0.21.1 (April 23, 2020)

v0.21.1

Updated on Apr 23, 2020

v0.21.0 (April 21, 2020)

v0.21.0

Updated on Apr 22, 2020

v0.20.0 (April 20, 2020)

v0.20.0

Updated on Apr 22, 2020

v0.19.3 (April 18, 2020)

v0.19.3

Updated on Apr 22, 2020

v0.19.2 (April 18, 2020)

v0.19.2

Updated on Apr 22, 2020

v0.19.1 (April 17, 2020)

v0.19.1

Updated on Apr 17, 2020

View All 19 releases

Languages

JavaScript

MDX

Shell

Stylus

TypeScript

Objective-C

Java

Dockerfile

CSS

HTML

Ruby

Starlark

Swift

JavaScript (58.6%)

MDX (32.89%)

Shell (3.44%)

Stylus (2.94%)

TypeScript (1.02%)

Objective-C (0.31%)

Java (0.3%)

Dockerfile (0.21%)

CSS (0.15%)

HTML (0.07%)

Ruby (0.04%)

Starlark (0.03%)

C (0.01%)

Developer

startupjs

Download Statistics

Total Downloads

89,717

Last Day

Last Week

283

Last Month

1,133

Last Year

16,172

GitHub Statistics

107 Stars

4,195 Commits

49 Forks

10 Watchers

92 Branches

59 Contributors

Updated on May 11, 2025

Bundle Size

1.33 kB

Minified

640.00 B

Minified + Gzipped

Bundlephobia

Maintainers

View All 59 Contributors

Package Meta Information

Latest Version

0.55.8

Package Id

@startupjs/babel-plugin-react-pug-classnames@0.55.8

Unpacked Size

4.47 kB

Size

1.64 kB

File Count

NPM Version

lerna/3.22.1/node@v21.1.0+arm64 (darwin)

Node Version

21.1.0

Published on

Dec 16, 2023

Total Downloads

Cumulative downloads

Total Downloads

89,717

Last Day

-15.9%

Compared to previous day

Last Week

66.5%

283

Compared to previous week

Last Month

-12.5%

1,133

Compared to previous month

Last Year

17.2%

16,172

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dev Dependencies

@babel/plugin-syntax-jsx babel-plugin-tester jest

@startupjs/babel-plugin-react-pug-classnames

Allows to properly parse sub-components in pug:

1Card
2  Card.Header.top(styleName={ active } title='Title')
3    | Hello world
4  Card.Content.middle
5  Card.Footer(buttons=['Confirm', 'Cancel'])

License

MIT

No vulnerabilities found.

10

Packaging

Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.

9

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

1

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Maintained

Determines if the project is "actively maintained".

0

Security-Policy

Determines if the project has published a security policy.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

0

License

Determines if the project has defined a license.

0

Fuzzing

Determines if the project uses fuzzing.

0

SAST

Determines if the project uses static code analysis.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy-styleguide.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/startupjs/startupjs/deploy-styleguide.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-deploy-aks.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/startupjs/startupjs/publish-deploy-aks.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-deploy-aks.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/startupjs/startupjs/publish-deploy-aks.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-deploy-aks.yaml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/startupjs/startupjs/publish-deploy-aks.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-deploy-aks.yaml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/startupjs/startupjs/publish-deploy-aks.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-deploy-eks.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/startupjs/startupjs/publish-deploy-eks.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-deploy-eks.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/startupjs/startupjs/publish-deploy-eks.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-deploy-eks.yaml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/startupjs/startupjs/publish-deploy-eks.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-deploy-eks.yaml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/startupjs/startupjs/publish-deploy-eks.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-dev.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/startupjs/startupjs/publish-dev.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-dev.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/startupjs/startupjs/publish-dev.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-dev.yaml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/startupjs/startupjs/publish-dev.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-dev.yaml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/startupjs/startupjs/publish-dev.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-dev.yaml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/startupjs/startupjs/publish-dev.yaml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-dev.yaml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/startupjs/startupjs/publish-dev.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-tests.yaml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/startupjs/startupjs/run-tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-tests.yaml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/startupjs/startupjs/run-tests.yaml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/run-tests.yaml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/startupjs/startupjs/run-tests.yaml/master?enable=pin
Warn: containerImage not pinned by hash: docker/deploy-aks/Dockerfile:13
Warn: containerImage not pinned by hash: docker/deploy-aks/Dockerfile:16: pin your Docker image by updating mcr.microsoft.com/azure-cli:2.59.0 to mcr.microsoft.com/azure-cli:2.59.0@sha256:eb21a975e39a46f49b86ab517ea2916e146560c7844d0c488cf85eee8a38398d
Warn: containerImage not pinned by hash: docker/deploy-eks/Dockerfile:13
Warn: containerImage not pinned by hash: docker/deploy-eks/Dockerfile:16: pin your Docker image by updating robertd/alpine-aws-cdk to robertd/alpine-aws-cdk@sha256:daccf2d55e6da612ed11e59248395cc1defadf3683a0aaa971801b4f88490d76
Warn: containerImage not pinned by hash: docker/deploy/Dockerfile:1: pin your Docker image by updating google/cloud-sdk to google/cloud-sdk@sha256:b98cfa4c9f1cb622326cc43df31c8731032258e707cfd959718b10d32e01915d
Warn: containerImage not pinned by hash: docker/deploy/helpers/Dockerfile:1: pin your Docker image by updating node:21.2-alpine to node:21.2-alpine@sha256:5fc1d095e47286b0859342a7b8a90b1c3adf2c283f12c6542a5456c1f2955218
Warn: containerImage not pinned by hash: docker/dev/Dockerfile:1: pin your Docker image by updating node:21.2-alpine to node:21.2-alpine@sha256:5fc1d095e47286b0859342a7b8a90b1c3adf2c283f12c6542a5456c1f2955218
Warn: containerImage not pinned by hash: styleguide/Dockerfile:1: pin your Docker image by updating node:21.2-alpine to node:21.2-alpine@sha256:5fc1d095e47286b0859342a7b8a90b1c3adf2c283f12c6542a5456c1f2955218
Warn: npmCommand not pinned by hash: docker/dev/docker-entrypoint.sh:5
Warn: npmCommand not pinned by hash: scripts/tasks.sh:34
Info: 0 out of 7 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 11 third-party GitHubAction dependencies pinned
Info: 0 out of 8 containerImage dependencies pinned
Info: 0 out of 2 npmCommand dependencies pinned

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

60 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
Warn: Project is vulnerable to: GHSA-4g6q-77j7-vvjc
Warn: Project is vulnerable to: GHSA-7v5v-9h63-cj86
Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q
Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38
Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc
Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj
Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-wm7h-9275-46v2
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-3q56-9cc2-46j4
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-75v8-2h7p-7m2m
Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
Warn: Project is vulnerable to: GHSA-m5qc-5hw7-8vg7
Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-hhhv-q57g-882q
Warn: Project is vulnerable to: GHSA-8cf7-32gw-wr33
Warn: Project is vulnerable to: GHSA-hjrf-2m68-5959
Warn: Project is vulnerable to: GHSA-qwph-4952-7xr6
Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-qrpm-p2h7-hrv2
Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
Warn: Project is vulnerable to: GHSA-5rrq-pxf6-6jx5
Warn: Project is vulnerable to: GHSA-8fr3-hfg3-gpgp
Warn: Project is vulnerable to: GHSA-gf8q-jrpm-jvxq
Warn: Project is vulnerable to: GHSA-2r2c-g63r-vccr
Warn: Project is vulnerable to: GHSA-cfm4-qjh2-4765
Warn: Project is vulnerable to: GHSA-x4jg-mjrx-434g
Warn: Project is vulnerable to: GHSA-3j8f-xvm3-ffx4
Warn: Project is vulnerable to: GHSA-j9fq-vwqv-2fm2
Warn: Project is vulnerable to: GHSA-pqw5-jmp5-px4v
Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-x7hr-w5r2-h6wg
Warn: Project is vulnerable to: GHSA-h755-8qp9-cq85
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
Warn: Project is vulnerable to: GHSA-c76h-2ccp-4975
Warn: Project is vulnerable to: GHSA-cchq-frgv-rjh5
Warn: Project is vulnerable to: GHSA-g644-9gfx-q4q4
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc

Score

1.6

/10

Last Scanned on 2025-05-05

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More