Gathering detailed insights and metrics for @temp-mui/core-downloads-tracker
Gathering detailed insights and metrics for @temp-mui/core-downloads-tracker
Installations
npm install @temp-mui/core-downloads-trackerDeveloper Guide
BETA
Typescript
No
Module System
N/A
Node Version
18.19.0
NPM Version
10.2.3
Score
49.5
Supply Chain
36.9
Quality
76.1
Maintenance
100
Vulnerability
100
License
Releases
515
Contributors
3,004
Languages
4
TypeScript
JavaScript
CSS
HTML
TypeScript (55.44%)
JavaScript (44.34%)
CSS (0.2%)
HTML (0.02%)
Developer
Download Statistics
Total Downloads
1,699
Last Day
9
Last Week
279
Last Month
957
Last Year
1,699
GitHub Statistics
94,586 Stars
26,256 Commits
32,447 Forks
1,338 Watching
25 Branches
3,004 Contributors
Sponsor this package
Maintainers
1
Package Meta Information
Latest Version
5.15.15
Package Id
@temp-mui/core-downloads-tracker@5.15.15
Unpacked Size
2.03 kB
Size
1.24 kB
File Count
3
NPM Version
10.2.3
Node Version
18.19.0
Publised On
26 Jul 2024
Total Downloads
Cumulative downloads
Total Downloads
1,699
Last day
-92.2%
9
Compared to previous day
Last week
-7%
279
Compared to previous week
Last month
704.2%
957
Compared to previous month
Last year
0%
1,699
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
No dependencies detected.
Versions
@temp-mui/core-downloads-tracker
This package does not contain any code. It is used solely to track number of downloads of @temp-mui/material and @temp-mui/joy (the only packages that depend on it) and help us determine the number of users of @temp-mui/base. Counting downloads is done by npm (as for every other package).
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
29 out of 29 merged PRs checked by a CI test -- score normalized to 10
Reason
project has 34 contributing companies or organizations
Details
- Info: Treeshakers contributor org/company found, cssinjs contributor org/company found, yarnplugins contributor org/company found, adia-technology contributor org/company found, pretur contributor org/company found, state-machines contributor org/company found, nodejs contributor org/company found, webpack contributor org/company found, LightSourceAI contributor org/company found, lightsourceai contributor org/company found, A11yance contributor org/company found, vercel contributor org/company found, lob contributor org/company found, pabloengine contributor org/company found, cefsharp contributor org/company found, underjs contributor org/company found, goose-duck contributor org/company found, typescript-cheatsheets contributor org/company found, mui contributor org/company found, react-native-community contributor org/company found, zed-industries contributor org/company found, jalaali contributor org/company found, reactiran contributor org/company found, alienfast contributor org/company found, openfoodfacts contributor org/company found, mui-org contributor org/company found, testing-library contributor org/company found, reactwg contributor org/company found, typed-typings contributor org/company found, calcom contributor org/company found, emikra contributor org/company found, storybookjs contributor org/company found, yarnpkg contributor org/company found, instacart contributor org/company found,
Reason
no dangerous workflow patterns detected
Reason
update tool detected
Details
- Info: detected update tool: RenovateBot: renovate.json:1
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
30 commit(s) and 15 issue activity found in the last 90 days -- score normalized to 10
Reason
all dependencies are pinned
Details
- Info: 12 out of 12 GitHub-owned GitHubAction dependencies pinned
- Info: 12 out of 12 third-party GitHubAction dependencies pinned
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
GitHub workflow tokens follow principle of least privilege
Details
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/check-if-pr-has-label.yml:14
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/closed-issue-message.yml:17
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:14
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:15
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/create-cherry-pick-pr.yml:17
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/maintenance.yml:27
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/mark-duplicate.yml:13
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/no-response.yml:22
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/scorecards.yml:20
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/scorecards.yml:21
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/support-stackoverflow.yml:14
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/vale-action.yml:12
- Info: found token with 'none' permissions: .github/workflows/check-if-pr-has-label.yml:1
- Info: found token with 'none' permissions: .github/workflows/ci-check.yml:1
- Info: found token with 'none' permissions: .github/workflows/ci.yml:1
- Info: found token with 'none' permissions: .github/workflows/closed-issue-message.yml:1
- Info: found token with 'none' permissions: .github/workflows/codeql.yml:1
- Info: found token with 'none' permissions: .github/workflows/create-cherry-pick-pr.yml:1
- Info: found token with 'none' permissions: .github/workflows/ensure-triage-label.yml:1
- Info: found token with 'none' permissions: .github/workflows/issue-cleanup.yml:1
- Info: found token with 'none' permissions: .github/workflows/maintenance.yml:1
- Info: found token with 'none' permissions: .github/workflows/mark-duplicate.yml:1
- Info: found token with 'none' permissions: .github/workflows/no-response.yml:1
- Info: found token with 'none' permissions: .github/workflows/priority-support-validation-prompt.yml:1
- Info: found token with 'none' permissions: .github/workflows/publish-canaries.yml:1
- Info: found token with 'none' permissions: .github/workflows/scorecards.yml:1
- Info: found token with 'none' permissions: .github/workflows/support-stackoverflow.yml:1
- Info: found token with 'none' permissions: .github/workflows/vale-action.yml:1
Reason
Found 11/12 approved changesets -- score normalized to 9
Reason
SAST tool detected but not run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Warn: 0 commits out of 29 are checked with a SAST tool
Reason
badge detected: Passing
Reason
branch protection is not maximal on development and all release branches
Details
- Info: 'allow deletion' disabled on branch 'master'
- Info: 'force pushes' disabled on branch 'master'
- Warn: 'branch protection settings apply to administrators' is disable on branch 'master'
- Warn: 'stale review dismissal' is disable on branch 'master'
- Warn: required approving review count is 1 on branch 'master'
- Warn: codeowners review is not required on branch 'master'
- Warn: 'last push approval' is disable on branch 'master'
- Warn: 'up-to-date branches' is disable on branch 'master'
- Info: status check found to merge onto on branch 'master'
- Info: PRs are required in order to make changes on branch 'master'
Reason
9 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
- Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-cg87-wmx4-v546
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Score
7.9
/10
Last Scanned on 2025-02-01T02:24:28Z
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More