npmpackage.info

Gathering detailed insights and metrics for @tsed/cli-plugin-oidc-provider

Other packages similar to @tsed/cli-plugin-oidc-provider

@aws-sdk/client-sso-oidc

3.699.0

AWS SDK for JavaScript Sso Oidc Client for Node.js, Browser and React Native

@tsed/oidc-provider

7.84.1

OIDC provider package for Ts.ED framework

@tsed/oidc-provider-plugin-wildcard-redirect-uri

7.84.1

A plugin to support wildcard in the redirect uri whitelist

@tsed/cli-plugin-typegraphql

5.4.3

Ts.ED CLI plugin. Add TypeGraphql support.

Gathering detailed insights and metrics for @tsed/cli-plugin-oidc-provider

@tsed/cli-plugin-oidc-provider

💻 CLI for Ts.ED framework

5.4.3

MIT

TypeScript

90,449 4.1

Installations

npm install @tsed/cli-plugin-oidc-provider

Pull Requests

Open

19

Total

368

Closed

110

Merged

239

Issues

Open

4

Total

54

Closed

50

Releases

337

v6.0.0-rc.4

Published on 26 Nov 2024

v6.0.0-rc.3

Published on 25 Nov 2024

v6.0.0-rc.2

Published on 09 Nov 2024

v6.0.0-rc.1

Published on 30 Oct 2024

v6.0.0-beta.4

Published on 13 Oct 2024

v6.0.0-beta.3

Published on 12 Oct 2024

View all 337 releases

Developer

tsedio

Developer Guide

BETA

Module System

CommonJS, ESM

Min. Node Version

Typescript Support

No

Node Version

20.17.0

NPM Version

10.8.2 Statistics

42 Stars

1,024 Commits

21 Forks

9 Watching

44 Branches

27 Contributors

Updated on 30 Oct 2024

Languages

TypeScript (84.35%)

Handlebars (9.33%)

JavaScript (4.23%)

EJS (1.91%)

Shell (0.18%)

Total Downloads

Cumulative downloads

Total Downloads

90,449

Last day

-77.2%

Compared to previous day

Last week

600%

1,197

Compared to previous week

Last month

-52.1%

3,433

Compared to previous month

Last year

707.3%

73,677

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Versions

Ts.ED CLI

Website • Getting started • Slack • Twitter

Features

Please refer to the documentation for more details.

Installation

1npm install -g @tsed/cli

To create a Ts.ED project, create a new directory and use the following commands:

1tsed init .
2npm start # or yarn start

Proxy configuration

Ts.ED CLI uses the npm proxy configuration. Use these commands to configure the proxy:

1npm config set proxy http://username:password@host:port
2npm config set https-proxy http://username:password@host:port

Or you can edit directly your ~/.npmrc file:

proxy=http://username:password@host:port
https-proxy=http://username:password@host:port
https_proxy=http://username:password@host:port

The following environment variables can be also used to configure the proxy HTTPS_PROXY, HTTP_PROXY and NODE_TLS_REJECT_UNAUTHORIZED.

Contributors

Please read contributing guidelines here

Backers

Thank you to all our backers! 🙏 [Become a backer]

License

The MIT License (MIT)

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

No vulnerabilities found.

10

Maintained

Determines if the project is "actively maintained".

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

10

SAST

Determines if the project uses static code analysis.

1

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 1

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/tsedio/tsed-cli/build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/tsedio/tsed-cli/build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/tsedio/tsed-cli/build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/tsedio/tsed-cli/build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:68: update your workflow using https://app.stepsecurity.io/secureworkflow/tsedio/tsed-cli/build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/tsedio/tsed-cli/build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/tsedio/tsed-cli/build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/tsedio/tsed-cli/build.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/tsedio/tsed-cli/build.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/close-issue-message.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/tsedio/tsed-cli/close-issue-message.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/code-ql.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/tsedio/tsed-cli/code-ql.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/code-ql.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/tsedio/tsed-cli/code-ql.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/code-ql.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/tsedio/tsed-cli/code-ql.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/code-ql.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/tsedio/tsed-cli/code-ql.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rebase.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/tsedio/tsed-cli/rebase.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/rebase.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/tsedio/tsed-cli/rebase.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/website.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/tsedio/tsed-cli/website.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/website.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/tsedio/tsed-cli/website.yml/master?enable=pin
Warn: containerImage not pinned by hash: packages/cli/templates/init/docker/bun/Dockerfile.hbs:5
Warn: containerImage not pinned by hash: packages/cli/templates/init/docker/bun/Dockerfile.hbs:8
Warn: containerImage not pinned by hash: packages/cli/templates/init/docker/bun/Dockerfile.hbs:20
Warn: containerImage not pinned by hash: packages/cli/templates/init/docker/bun/Dockerfile.hbs:27
Warn: containerImage not pinned by hash: packages/cli/templates/init/docker/npm/Dockerfile.hbs:5
Warn: containerImage not pinned by hash: packages/cli/templates/init/docker/npm/Dockerfile.hbs:16
Warn: containerImage not pinned by hash: packages/cli/templates/init/docker/pnpm/Dockerfile.hbs:5
Warn: containerImage not pinned by hash: packages/cli/templates/init/docker/pnpm/Dockerfile.hbs:16
Warn: containerImage not pinned by hash: packages/cli/templates/init/docker/yarn/Dockerfile.hbs:5
Warn: containerImage not pinned by hash: packages/cli/templates/init/docker/yarn/Dockerfile.hbs:16
Warn: containerImage not pinned by hash: packages/cli/templates/init/docker/yarn_berry/Dockerfile.hbs:5
Warn: containerImage not pinned by hash: packages/cli/templates/init/docker/yarn_berry/Dockerfile.hbs:17
Info: 0 out of 16 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 2 third-party GitHubAction dependencies pinned
Info: 0 out of 12 containerImage dependencies pinned
Info: 2 out of 2 npmCommand dependencies pinned

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

58 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
Warn: Project is vulnerable to: GHSA-7wwv-vh3v-89cq
Warn: Project is vulnerable to: GHSA-pfq8-rq6v-vf5m
Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-6vfc-qv3f-vr6c
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-5rrq-pxf6-6jx5
Warn: Project is vulnerable to: GHSA-8fr3-hfg3-gpgp
Warn: Project is vulnerable to: GHSA-gf8q-jrpm-jvxq
Warn: Project is vulnerable to: GHSA-2r2c-g63r-vccr
Warn: Project is vulnerable to: GHSA-cfm4-qjh2-4765
Warn: Project is vulnerable to: GHSA-x4jg-mjrx-434g
Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-566m-qj78-rww5
Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
Warn: Project is vulnerable to: GHSA-hwj9-h5mp-3pm3
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-5j4c-8p2g-v4jx
Warn: Project is vulnerable to: GHSA-g3ch-rx76-35fx
Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj
Warn: Project is vulnerable to: GHSA-phwq-j96m-2c2q
Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
Warn: Project is vulnerable to: GHSA-mf6x-hrgr-658f
Warn: Project is vulnerable to: GHSA-xrh7-m5pp-39r6
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
Warn: Project is vulnerable to: GHSA-j9fq-vwqv-2fm2
Warn: Project is vulnerable to: GHSA-pqw5-jmp5-px4v
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-f9xv-q969-pqx4

Score

4.1

/10

Last Scanned on 2024-11-18

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

Other packages similar to @tsed/cli-plugin-oidc-provider

Other packages similar to @tsed/cli-plugin-oidc-provider

@tsed/cli-plugin-oidc-provider

Installations

Pull Requests

19

368

110

239

Issues

4

54

50

Releases

Developer

tsedio

Developer Guide

CommonJS, ESM

No

20.17.0

10.8.2

Statistics

Languages

Total Downloads

90,449

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

Peer Dependencies

Dev Dependencies

Ts.ED CLI

Features

Installation

Proxy configuration

Contributors

Backers

Sponsors

License

10

10

10

10

10

1

0

0

0

0

0

0

0

4.1

/10