Gathering detailed insights and metrics for @vates/parse-duration
Gathering detailed insights and metrics for @vates/parse-duration
Installations
npm install @vates/parse-durationDeveloper Guide
BETA
Typescript
No
Module System
N/A
Min. Node Version
>=8.10
Node Version
15.14.0
NPM Version
7.7.6
Score
61.3
Supply Chain
69.7
Quality
82.6
Maintenance
100
Vulnerability
100
License
Releases
9
xo-lite-v0.6.0
xo-lite-v0.6.0
Published on 29 Nov 2024
xo-lite-v0.5.0
xo-lite-v0.5.0
Published on 31 Oct 2024
xo-lite-v0.4.0
xo-lite-v0.4.0
Published on 30 Sept 2024
xo-lite-v0.2.7
xo-lite-v0.2.7
Published on 31 Jul 2024
xo-lite-v0.2.3
xo-lite-v0.2.3
Published on 31 May 2024
xo-lite-v0.2.2
xo-lite-v0.2.2
Published on 30 Apr 2024
Contributors
100
Languages
10
JavaScript
Vue
TypeScript
SCSS
CSS
Handlebars
Smarty
Pug
Shell
HTML
JavaScript (86.66%)
Vue (8.1%)
TypeScript (3.67%)
SCSS (0.41%)
CSS (0.36%)
Handlebars (0.35%)
Smarty (0.24%)
Pug (0.12%)
Shell (0.09%)
HTML (0.02%)
Developer
Download Statistics
Total Downloads
3,609
Last Day
1
Last Week
28
Last Month
152
Last Year
997
GitHub Statistics
805 Stars
15,821 Commits
268 Forks
49 Watching
242 Branches
100 Contributors
Maintainers
5
Package Meta Information
Latest Version
0.1.1
Package Id
@vates/parse-duration@0.1.1
Size
1.10 kB
NPM Version
7.7.6
Node Version
15.14.0
Publised On
05 May 2021
Total Downloads
Cumulative downloads
Total Downloads
3,609
Last day
-95.7%
1
Compared to previous day
Last week
-33.3%
28
Compared to previous week
Last month
111.1%
152
Compared to previous month
Last year
31.4%
997
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Versions
@vates/parse-duration
Small wrapper around ms to parse a duration
Install
Installation of the npm package:
> npm install --save @vates/parse-duration
Usage
ms without magic: always parse a duration and throws if invalid.
1import { parseDuration } from '@vates/parse-duration' 2 3parseDuration('2 days') 4// 172800000 5 6parseDuration(172800000) 7// 172800000 8 9parseDuration(undefined) 10// throws TypeError('not a valid duration: undefined')
Contributions
Contributions are very welcomed, either on the documentation or on the code.
You may:
- report any issue you've encountered;
- fork and create a pull request.
License
No vulnerabilities found.
Reason
30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
Reason
all changesets reviewed
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Warn: no linked content found
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
Project has not signed or included provenance with any releases.
Details
- Warn: release artifact xo-lite-v0.6.0 not signed: https://api.github.com/repos/vatesfr/xen-orchestra/releases/188215383
- Warn: release artifact xo-lite-v0.5.0 not signed: https://api.github.com/repos/vatesfr/xen-orchestra/releases/182914026
- Warn: release artifact xo-lite-v0.4.0 not signed: https://api.github.com/repos/vatesfr/xen-orchestra/releases/177642527
- Warn: release artifact xo-lite-v0.2.7 not signed: https://api.github.com/repos/vatesfr/xen-orchestra/releases/168022124
- Warn: release artifact xo-lite-v0.2.3 not signed: https://api.github.com/repos/vatesfr/xen-orchestra/releases/158372647
- Warn: release artifact xo-lite-v0.6.0 does not have provenance: https://api.github.com/repos/vatesfr/xen-orchestra/releases/188215383
- Warn: release artifact xo-lite-v0.5.0 does not have provenance: https://api.github.com/repos/vatesfr/xen-orchestra/releases/182914026
- Warn: release artifact xo-lite-v0.4.0 does not have provenance: https://api.github.com/repos/vatesfr/xen-orchestra/releases/177642527
- Warn: release artifact xo-lite-v0.2.7 does not have provenance: https://api.github.com/repos/vatesfr/xen-orchestra/releases/168022124
- Warn: release artifact xo-lite-v0.2.3 does not have provenance: https://api.github.com/repos/vatesfr/xen-orchestra/releases/158372647
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:8: update your workflow using https://app.stepsecurity.io/secureworkflow/vatesfr/xen-orchestra/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/vatesfr/xen-orchestra/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/vatesfr/xen-orchestra/ci.yml/master?enable=pin
- Info: 0 out of 3 GitHub-owned GitHubAction dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Reason
29 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-9r9m-ffp6-9x4v
- Warn: Project is vulnerable to: GHSA-hjwq-mjwj-4x6c
- Warn: Project is vulnerable to: GHSA-2v5f-23xc-v9qr
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-cwfw-4gq5-mrqx
- Warn: Project is vulnerable to: GHSA-g95f-p29q-9xw4
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-257v-vj4p-3w2h
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-36jr-mh4h-2g58
- Warn: Project is vulnerable to: GHSA-9vvw-cc9w-f27h
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-pfq8-rq6v-vf5m
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
- Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-w9mr-4mfr-499f
- Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
- Warn: Project is vulnerable to: GHSA-566m-qj78-rww5
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-p493-635q-r6gr
- Warn: Project is vulnerable to: GHSA-3965-hpx2-q597
- Warn: Project is vulnerable to: GHSA-gqgv-6jq5-jjj9
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc
Score
4.6
/10
Last Scanned on 2024-12-16
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More