npmpackage.info

Gathering detailed insights and metrics for @vue/reactivity-transform-canary

@vue/reactivity-transform-canary - 3.20231225.0 | npmpackage.info

@vue/reactivity-transform-canary

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

3.20231225.0

49,536

MIT

TypeScript

23.80 kB

8,630 6.1

Installations

npm install @vue/reactivity-transform-canary

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS

Node Version

20.10.0

NPM Version

10.2.3 Pull Requests

Open

386

Total

5,240

Closed

1,836

Merged

3,018

Issues

Open

658

Total

5,592

Closed

4,934

Releases

238

v3.5.13

Updated on Nov 15, 2024

v3.5.12

Updated on Oct 11, 2024

v3.5.11

Updated on Oct 03, 2024

v3.5.10

Updated on Sep 27, 2024

v3.5.9

Updated on Sep 26, 2024

v3.5.8

Updated on Sep 22, 2024

View All 238 releases

Languages

TypeScript

JavaScript

HTML

Vue

CSS

TypeScript (96.31%)

JavaScript (1.89%)

HTML (1.29%)

Vue (0.48%)

CSS (0.03%)

Developer

vuejs

Download Statistics

Total Downloads

8,630

Last Day

Last Week

153

Last Month

274

Last Year

1,076

GitHub Statistics

MIT License

49,536 Stars

6,582 Commits

8,581 Forks

757 Watchers

94 Branches

553 Contributors

Updated on Apr 04, 2025

Maintainers

View All 553 Contributors

Package Meta Information

Latest Version

3.20231225.0

Package Id

@vue/reactivity-transform-canary@3.20231225.0

Unpacked Size

23.80 kB

Size

7.10 kB

File Count

NPM Version

10.2.3

Node Version

20.10.0

Published on

Dec 25, 2023

Total Downloads

Cumulative downloads

Total Downloads

8,630

Last Day

Compared to previous day

Last Week

15,200%

153

Compared to previous week

Last Month

121%

274

Compared to previous month

Last Year

-85.3%

1,076

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

@babel/parser @vue/compiler-core @vue/shared estree-walker magic-string

Dev Dependencies

@babel/core @babel/types

@vue/reactivity-transform

⚠️ This is experimental and the proposal has been dropped. The feature is now marked as deprecated and will be removed from Vue core in 3.4.

See reason for deprecation here.

Basic Rules

Ref-creating APIs have $-prefixed versions that create reactive variables instead. They also do not need to be explicitly imported. These include:
- ref
- computed
- shallowRef
- customRef
- toRef
$() can be used to destructure an object into reactive variables, or turn existing refs into reactive variables
$$() to "escape" the transform, which allows access to underlying refs

1import { watchEffect } from 'vue'
2
3// bind ref as a variable
4let count = $ref(0)
5
6watchEffect(() => {
7  // no need for .value
8  console.log(count)
9})
10
11// assignments are reactive
12count++
13
14// get the actual ref
15console.log($$(count)) // { value: 1 }

Macros can be optionally imported to make it more explicit:

1// not necessary, but also works
2import { $, $ref } from 'vue/macros'
3
4let count = $ref(0)
5const { x, y } = $(useMouse())

Global Types

To enable types for the macros globally, include the following in a .d.ts file:

1/// <reference types="vue/macros-global" />

API

This package is the lower-level transform that can be used standalone. Higher-level tooling (e.g. @vitejs/plugin-vue and vue-loader) will provide integration via options.

`shouldTransform`

Can be used to do a cheap check to determine whether full transform should be performed.

1import { shouldTransform } from '@vue/reactivity-transform'
2
3shouldTransform(`let a = ref(0)`) // false
4shouldTransform(`let a = $ref(0)`) // true

`transform`

1import { transform } from '@vue/reactivity-transform'
2
3const src = `let a = $ref(0); a++`
4const {
5  code, // import { ref as _ref } from 'vue'; let a = (ref(0)); a.value++"
6  map
7} = transform(src, {
8  filename: 'foo.ts',
9  sourceMap: true,
10
11  // @babel/parser plugins to enable.
12  // 'typescript' and 'jsx' will be auto-inferred from filename if provided,
13  // so in most cases explicit parserPlugins are not necessary
14  parserPlugins: [
15    /* ... */
16  ]
17})

Options

1interface RefTransformOptions {
2  filename?: string
3  sourceMap?: boolean // default: false
4  parserPlugins?: ParserPlugin[]
5  importHelpersFrom?: string // default: "vue"
6}

`transformAST`

Transform with an existing Babel AST + MagicString instance. This is used internally by @vue/compiler-sfc to avoid double parse/transform cost.

1import { transformAST } from '@vue/reactivity-transform'
2import { parse } from '@babel/parser'
3import MagicString from 'magic-string'
4
5const src = `let a = $ref(0); a++`
6const ast = parse(src, { sourceType: 'module' })
7const s = new MagicString(src)
8
9const {
10  rootRefs, // ['a']
11  importedHelpers // ['ref']
12} = transformAST(ast, s)
13
14console.log(s.toString()) // let a = _ref(0); a.value++

No vulnerabilities found.

10

Maintained

Determines if the project is "actively maintained".

10

Security-Policy

Determines if the project has published a security policy.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

License

Determines if the project has defined a license.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Packaging

Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.

8

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

8

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

3

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/autofix.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/autofix.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/autofix.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/autofix.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/autofix.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/autofix.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/canary-minor.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/canary-minor.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/canary-minor.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/canary-minor.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/canary-minor.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/canary-minor.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/canary.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/canary.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/canary.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/canary.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/canary.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/canary.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/close-cant-reproduce-issues.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/close-cant-reproduce-issues.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ecosystem-ci-trigger.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/ecosystem-ci-trigger.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ecosystem-ci-trigger.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/ecosystem-ci-trigger.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ecosystem-ci-trigger.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/ecosystem-ci-trigger.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/lock-closed-issues.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/lock-closed-issues.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/size-data.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/size-data.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/size-data.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/size-data.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/size-data.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/size-data.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/size-data.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/size-data.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/size-report.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/size-report.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/size-report.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/size-report.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/size-report.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/size-report.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/size-report.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/size-report.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/size-report.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/size-report.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/size-report.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/size-report.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/size-report.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/size-report.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/size-report.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/size-report.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/size-report.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/size-report.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:91: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/vuejs/core/test.yml/main?enable=pin
Info: 0 out of 27 GitHub-owned GitHubAction dependencies pinned
Info: 1 out of 21 third-party GitHubAction dependencies pinned

0

Fuzzing

Determines if the project uses fuzzing.

0

SAST

Determines if the project uses static code analysis.

Score

6.1

/10

Last Scanned on 2025-03-24

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More