Gathering detailed insights and metrics for @visma/rjsf-core
Gathering detailed insights and metrics for @visma/rjsf-core
A React component for building Web forms from JSON Schema.
Installations
npm install @visma/rjsf-coreDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Min. Node Version
>=12
Node Version
16.20.2
NPM Version
lerna/4.0.0/node@v16.20.2+x64 (linux)
Releases
247
Languages
6
TypeScript
JavaScript
CSS
MDX
HTML
Shell
TypeScript (76.56%)
JavaScript (22.56%)
CSS (0.67%)
MDX (0.19%)
HTML (0.02%)
Developer
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
Apache-2.0 License
15,042 Stars
1,794 Commits
2,268 Forks
162 Watchers
29 Branches
370 Contributors
Updated on Jul 16, 2025
Maintainers
3
Package Meta Information
Latest Version
3.1.0-101
Package Id
@visma/rjsf-core@3.1.0-101
Unpacked Size
3.11 MB
Size
661.47 kB
File Count
138
NPM Version
lerna/4.0.0/node@v16.20.2+x64 (linux)
Node Version
16.20.2
Published on
Mar 25, 2025
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
12
Peer Dependencies
3
Dev Dependencies
51
@babel/cli@babel/core@babel/plugin-proposal-class-properties@babel/plugin-proposal-optional-chaining@babel/plugin-transform-object-assign@babel/plugin-transform-react-jsx@babel/preset-env@babel/preset-react@babel/register@formatjs/cliatobbabel-eslintbabel-loaderchaiconcurrentlycreate-react-refcross-envcss-loadereslinteslint-config-react-appeslint-plugin-flowtypeeslint-plugin-importeslint-plugin-jsx-a11yeslint-plugin-reactestraverseestraverse-fbexpressgh-pageshtmlhuskyjsdomjson-loaderlint-stagedloader-utilsmini-css-extract-pluginmochanycprettierreactreact-domreact-portalreact-transform-catch-errorsreact-transform-hmrredbox-reactrimrafsinonstyle-loaderwebpackwebpack-cliwebpack-dev-middlewarewebpack-hot-middleware
@visma/rjsf-core
Core logic and classic Bootstrap 3 theme for react-jsonschema-form.
Explore the docs »
View Playground
·
Report Bug
·
Request Feature
Table of Contents
About The Project
Core logic and classic Bootstrap 3 theme for react-jsonschema-form.
Built With
Getting Started
Prerequisites
Bootstrap 3
To use the default Bootstrap 3 theme, add a Bootstrap 3 CSS tag to your HTML page:
1<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
Installation
1npm install @visma/rjsf-core
Usage
1import Form from '@visma/rjsf-core';
Roadmap
See the general open issues.
Contributing
Read our contributors' guide to get started.
Contact
rjsf team: https://github.com/orgs/rjsf-team/people
GitHub repository: https://github.com/rjsf-team/react-jsonschema-form
No vulnerabilities found.
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE.md:0
Reason
no binaries found in the repo
Reason
Found 26/28 approved changesets -- score normalized to 9
Reason
3 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-4v9v-hfq4-rm2v
- Warn: Project is vulnerable to: GHSA-9jgg-88mc-972h
Reason
badge detected: InProgress
Reason
dependency not pinned by hash detected -- score normalized to 1
Details
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/change-tag-name.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/rjsf-team/react-jsonschema-form/change-tag-name.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/rjsf-team/react-jsonschema-form/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/rjsf-team/react-jsonschema-form/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/rjsf-team/react-jsonschema-form/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/rjsf-team/react-jsonschema-form/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/rjsf-team/react-jsonschema-form/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/rjsf-team/react-jsonschema-form/ci.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/rjsf-team/react-jsonschema-form/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/rjsf-team/react-jsonschema-form/codeql.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/rjsf-team/react-jsonschema-form/codeql.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-triage-automation.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/rjsf-team/react-jsonschema-form/issue-triage-automation.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-triage-removal-automation.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/rjsf-team/react-jsonschema-form/issue-triage-removal-automation.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-docs.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/rjsf-team/react-jsonschema-form/release-docs.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-docs.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/rjsf-team/react-jsonschema-form/release-docs.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-docs.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/rjsf-team/react-jsonschema-form/release-docs.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-docs.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/rjsf-team/react-jsonschema-form/release-docs.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-docs.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/rjsf-team/react-jsonschema-form/release-docs.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/rjsf-team/react-jsonschema-form/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/rjsf-team/react-jsonschema-form/release.yml/main?enable=pin
- Warn: pipCommand not pinned by hash: .github/workflows/release-docs.yml:35
- Warn: npmCommand not pinned by hash: .github/workflows/release.yml:19
- Info: 0 out of 13 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 6 third-party GitHubAction dependencies pinned
- Info: 2 out of 3 npmCommand dependencies pinned
- Info: 0 out of 1 pipCommand dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: jobLevel 'security-events' permission set to 'write': .github/workflows/codeql.yml:34
- Info: jobLevel 'packages' permission set to 'read': .github/workflows/codeql.yml:37
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:40
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:41
- Warn: no topLevel permission defined: .github/workflows/change-tag-name.yml:1
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Warn: no topLevel permission defined: .github/workflows/codeql.yml:1
- Warn: no topLevel permission defined: .github/workflows/issue-triage-automation.yml:1
- Warn: no topLevel permission defined: .github/workflows/issue-triage-removal-automation.yml:1
- Warn: no topLevel permission defined: .github/workflows/release-docs.yml:1
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Score
6.3
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More