Installations
npm install @umijs/fabricScore
54.8
Supply Chain
66.5
Quality
77.7
Maintenance
100
Vulnerability
93.4
License
Developer
umijs
Developer Guide
Module System
CommonJS
Min. Node Version
Typescript Support
Yes
Node Version
16.14.2
NPM Version
8.5.0
Statistics
642 Stars
242 Commits
102 Forks
7 Watching
12 Branches
29 Contributors
Updated on 14 Nov 2024
Bundle Size
86.07 kB
Minified
26.17 kB
Minified + Gzipped
Languages
TypeScript (57.14%)
JavaScript (33.85%)
Less (6.82%)
EJS (2.2%)
Total Downloads
Cumulative downloads
Total Downloads
6,855,029
Last day
-6%
8,648
Compared to previous day
Last week
27.4%
51,273
Compared to previous week
Last month
25.3%
153,926
Compared to previous month
Last year
-22.2%
1,424,717
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
30
Dev Dependencies
5
umi-fabric
一个包含 prettier,eslint,stylelint 的配置文件合集
A collection of configuration files containing prettier, eslint, stylelint
Use
安装
1npm i @umijs/fabric --save-dev 2yarn add @umijs/fabric -D
in .eslintrc.js
1module.exports = { 2 extends: [require.resolve('@umijs/fabric/dist/eslint')], 3 4 // in antd-design-pro 5 globals: { 6 ANT_DESIGN_PRO_ONLY_DO_NOT_USE_IN_YOUR_PRODUCTION: true, 7 page: true, 8 }, 9 10 rules: { 11 // your rules 12 }, 13};
in .stylelintrc.js
1module.exports = { 2 extends: [require.resolve('@umijs/fabric/dist/stylelint')], 3 rules: { 4 // your rules 5 }, 6};
in .prettierrc.js
1const fabric = require('@umijs/fabric'); 2 3module.exports = { 4 ...fabric.prettier, 5};
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
Found 7/30 approved changesets -- score normalized to 2
Reason
8 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/jstest.yml:1
- Warn: no topLevel permission defined: .github/workflows/rebase.yml:1
- Warn: no topLevel permission defined: .github/workflows/tstest.yml:1
- Info: no jobLevel write permissions found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/jstest.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/umijs/fabric/jstest.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/jstest.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/umijs/fabric/jstest.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rebase.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/umijs/fabric/rebase.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/rebase.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/umijs/fabric/rebase.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tstest.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/umijs/fabric/tstest.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tstest.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/umijs/fabric/tstest.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/jstest.yml:24
- Warn: npmCommand not pinned by hash: .github/workflows/jstest.yml:27
- Warn: npmCommand not pinned by hash: .github/workflows/tstest.yml:24
- Warn: npmCommand not pinned by hash: .github/workflows/tstest.yml:27
- Info: 0 out of 5 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
- Info: 0 out of 4 npmCommand dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
license file not detected
Details
- Warn: project does not have a license file
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 7 are checked with a SAST tool
Score
2.6
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn MoreOther packages similar to @umijs/fabric
react-native-screens
Native navigation primitives for your React Native app.
react-native-gesture-handler
Declarative API exposing native platform touch and gesture system to React Native
wansui-ui
``` npm i @umijs/fabric --dev npm i prettier --dev // 因为@umijs/fabric没有将prettier作为依赖 所以我们需要手动安装 npm i husky lint-staged --dev ``` ## commit message检测 ``` npm i @commitlint/cli @commitlint/config-conventional commitizen cz-conventional-changelog --dev
@umijs/utils
See our website [umijs](https://umijs.org) for more information.