npmpackage.info

@twilio/flex-dev-utils

Packages related to building a Twilio Flex Plugin

7.0.7

MIT

TypeScript

Installations

npm install @twilio/flex-dev-utils

Pull Requests

Open

39

Total

949

Closed

293

Merged

617

Issues

Open

0

Total

118

Closed

118

Releases

Release 3.0.0 (October 15, 2019)

v3.0.0

Published on 16 Oct 2019

Release 2.3.0 (May 07, 2019)

v2.3.0

Published on 07 May 2019

Release 2.0.0 (May 01, 2019)

v2.0.0

Published on 01 May 2019

View all 3 releases

Developer

twilio

Developer Guide

BETA

Module System

CommonJS

Min. Node Version

Typescript Support

Yes

Node Version

20.18.0

NPM Version

lerna/5.6.2/node@v20.18.0+x64 (linux)

Statistics

83 Stars

3,245 Commits

56 Forks

18 Watching

107 Branches

51 Contributors

Updated on 14 Nov 2024

Languages

TypeScript (97.66%)

JavaScript (1.86%)

Shell (0.38%)

HTML (0.08%)

CSS (0.02%)

Total Downloads

Cumulative downloads

Total Downloads

871,358

Last day

-32.3%

1,289

Compared to previous day

Last week

-25.8%

8,300

Compared to previous week

Last month

26.1%

43,579

Compared to previous month

Last year

14.4%

395,096

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Versions

Twilio Flex Plugin Builder

Monorepo for all the tooling needed to create a custom Twilio Flex Plugins

Getting Started

Flex Plugin Builder requires Node.js. We support and recommend the LTS versions of Node. This is a monorepo project managed by lerna for creating Twilio Flex plugins.

@twilio-labs/plugin-flex: The CLI tool for creating, building, testing, deploying, and managing your plugins

User Guide

Please visit Twilio Docs for the latest docs on Plugins CLI and API.

Changelog

Major changelogs can be found in the changelog directory.

Contributing

Check out CONTRIBUTING for more information on how to contribute to this project.

License

Flex Plugin Builder is licensed under MIT.

Contributors

Thanks to the wonderful people listed in CONTRIBUTORS.md.

This project follows the all-contributors specification. Contributions of any kind welcome!

No vulnerabilities found.

10

Maintained

Determines if the project is "actively maintained".

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

License

Determines if the project has defined a license.

8

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

2

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 2

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr_e2e.yaml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/twilio/flex-plugin-builder/pr_e2e.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr_e2e.yaml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/twilio/flex-plugin-builder/pr_e2e.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr_e2e.yaml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/twilio/flex-plugin-builder/pr_e2e.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr_workflow.yaml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/twilio/flex-plugin-builder/pr_workflow.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr_workflow.yaml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/twilio/flex-plugin-builder/pr_workflow.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr_workflow.yaml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/twilio/flex-plugin-builder/pr_workflow.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tag.yaml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/twilio/flex-plugin-builder/tag.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/~reusable_e2e_by_OS.yaml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/twilio/flex-plugin-builder/~reusable_e2e_by_OS.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/~reusable_e2e_by_OS.yaml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/twilio/flex-plugin-builder/~reusable_e2e_by_OS.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/~reusable_e2e_by_OS.yaml:248: update your workflow using https://app.stepsecurity.io/secureworkflow/twilio/flex-plugin-builder/~reusable_e2e_by_OS.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/~reusable_e2e_by_OS.yaml:260: update your workflow using https://app.stepsecurity.io/secureworkflow/twilio/flex-plugin-builder/~reusable_e2e_by_OS.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/~reusable_public_publish.yaml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/twilio/flex-plugin-builder/~reusable_public_publish.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/~reusable_public_publish.yaml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/twilio/flex-plugin-builder/~reusable_public_publish.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/~reusable_public_publish.yaml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/twilio/flex-plugin-builder/~reusable_public_publish.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/~reusable_public_publish.yaml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/twilio/flex-plugin-builder/~reusable_public_publish.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/~reusable_public_publish.yaml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/twilio/flex-plugin-builder/~reusable_public_publish.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/~reusable_publish.yaml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/twilio/flex-plugin-builder/~reusable_publish.yaml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/~reusable_publish.yaml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/twilio/flex-plugin-builder/~reusable_publish.yaml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/~reusable_publish.yaml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/twilio/flex-plugin-builder/~reusable_publish.yaml/main?enable=pin
Info: 0 out of 12 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 7 third-party GitHubAction dependencies pinned
Info: 3 out of 3 npmCommand dependencies pinned

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Fuzzing

Determines if the project uses fuzzing.

0

Security-Policy

Determines if the project has published a security policy.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

40 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-73rg-f94j-xvhx
Warn: Project is vulnerable to: GHSA-4882-hxpr-hrvm
Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
Warn: Project is vulnerable to: GHSA-gx9m-whjm-85jf
Warn: Project is vulnerable to: GHSA-mmhx-hmjr-r674
Warn: Project is vulnerable to: GHSA-f6v4-cf5j-vf3w
Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-8cf7-32gw-wr33
Warn: Project is vulnerable to: GHSA-hjrf-2m68-5959
Warn: Project is vulnerable to: GHSA-qwph-4952-7xr6
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-p495-jxh2-wrfg
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q

Score

4.8

/10

Last Scanned on 2024-11-18

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

@twilio/flex-dev-utils

Installations

Pull Requests

39

949

293

617

Issues

0

118

118

Releases

Developer

Developer Guide

CommonJS

Yes

20.18.0

lerna/5.6.2/node@v20.18.0+x64 (linux)

Statistics

Languages

Total Downloads

871,358

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

Dev Dependencies

Optional Dependencies

Twilio Flex Plugin Builder

Getting Started

User Guide

Changelog

Contributing

License

Contributors

10

10

10

10

8

2

0

0

0

0

0

0

4.8

/10