Gathering detailed insights and metrics for ag-grid-enterprise
Gathering detailed insights and metrics for ag-grid-enterprise
The best JavaScript Data Table for building Enterprise Applications. Supports React / Angular / Vue / Plain JavaScript.
Installations
npm install ag-grid-enterpriseDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS, ESM
Node Version
20.11.1
NPM Version
10.2.4
Releases
251
Languages
8
TypeScript
SCSS
JavaScript
CSS
Shell
Vue
HTML
sed
TypeScript (92.91%)
SCSS (3.18%)
JavaScript (1.81%)
CSS (1.5%)
Shell (0.45%)
Vue (0.1%)
HTML (0.04%)
sed (0.01%)
Developer
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
NOASSERTION License
14,170 Stars
44,054 Commits
1,993 Forks
216 Watchers
790 Branches
144 Contributors
Updated on Jul 12, 2025
Maintainers
4
Package Meta Information
Latest Version
34.0.1
Package Id
ag-grid-enterprise@34.0.1
Unpacked Size
22.55 MB
Size
4.70 MB
File Count
512
NPM Version
10.2.4
Node Version
20.11.1
Published on
Jul 08, 2025
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Dev Dependencies
15
Optional Dependencies
2
AG Grid Enterprise
This project contains AG Grid Enterprise features.
See www.ag-grid.com for an overview and full documentation.
Frameworks Supported
Framework specific Getting Started guides:
Angular | Javascript | React | TypeScript | VueJS
This is not free software, this software is covered by copyright and to use you need a commercial license.
See the LICENSE file for more info.
Issue Reporting
If you are an Enterprise customer (or are evaluating AG Grid Enterprise) and wish to report a Bug or raise a new Feature Request please do so on our Support Portal.
To Sign Up: Send an email to accounts@ag-grid.com with your license key
High
9.8/10
Summary
Prototype pollution in ag-grid-community via the _.mergeDeep function
Affected Versions
< 31.3.4
Patched Versions
31.3.4
Moderate
6.3/10
Summary
ag-grid packages vulnerable to Prototype Pollution
Affected Versions
< 31.3.4
Patched Versions
31.3.4
Moderate
6.3/10
Summary
ag-grid packages vulnerable to Prototype Pollution
Affected Versions
= 32.0.0
Patched Versions
32.0.1
Reason
30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Reason
all changesets reviewed
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
30 out of 30 merged PRs checked by a CI test -- score normalized to 10
Reason
project has 16 contributing companies or organizations
Details
- Info: found contributions from: acceleratech, ag grid, ag-grid, aggrid, dark reader ltd, darkreader, dev-ua, forest in the tree, foundersandcoders, j.p. morgan, making good software ltd, nlkit, nlkitai, pebblecode, shopavel, ukrainian-github
Reason
license file detected
Details
- Info: project has a license file: LICENSE.txt:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
2 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
Reason
2 out of the last 5 releases have a total of 2 signed artifacts.
Details
- Info: signed release artifact: @ag-grid-community-locale.tgz.sig: https://github.com/ag-grid/ag-grid/releases/tag/release-34.0.1
- Info: signed release artifact: @ag-grid-community-locale.tgz.sig: https://github.com/ag-grid/ag-grid/releases/tag/release-34.0.0
- Warn: release artifact v32.3.8 not signed: https://api.github.com/repos/ag-grid/ag-grid/releases/224216217
- Warn: release artifact v33.3.2 not signed: https://api.github.com/repos/ag-grid/ag-grid/releases/222986070
- Warn: release artifact v33.3.1 not signed: https://api.github.com/repos/ag-grid/ag-grid/releases/221451469
- Warn: release artifact release-34.0.1 does not have provenance: https://api.github.com/repos/ag-grid/ag-grid/releases/230773930
- Warn: release artifact release-34.0.0 does not have provenance: https://api.github.com/repos/ag-grid/ag-grid/releases/227712950
- Warn: release artifact v32.3.8 does not have provenance: https://api.github.com/repos/ag-grid/ag-grid/releases/224216217
- Warn: release artifact v33.3.2 does not have provenance: https://api.github.com/repos/ag-grid/ag-grid/releases/222986070
- Warn: release artifact v33.3.1 does not have provenance: https://api.github.com/repos/ag-grid/ag-grid/releases/221451469
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/ci.yml:454
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/ci.yml:455
- Warn: jobLevel 'checks' permission set to 'write': .github/workflows/ci.yml:456
- Info: topLevel 'contents' permission set to 'read': .github/workflows/accessibility.yml:40
- Info: topLevel 'contents' permission set to 'read': .github/workflows/ci.yml:61
- Info: topLevel 'actions' permission set to 'read': .github/workflows/ci.yml:62
- Warn: no topLevel permission defined: .github/workflows/csp.yml:1
- Warn: no topLevel permission defined: .github/workflows/doc-tests.yml:1
- Warn: topLevel 'contents' permission set to 'write': .github/workflows/full-clean-build.yml:24
- Warn: topLevel 'actions' permission set to 'write': .github/workflows/full-clean-build.yml:25
- Info: topLevel 'contents' permission set to 'read': .github/workflows/performance.yml:42
- Info: topLevel permissions set to 'read-all': .github/workflows/scorecard.yml:18
- Info: topLevel 'contents' permission set to 'read': .github/workflows/security.yml:20
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
no update tool detected
Details
- Warn: no dependency update tool configurations found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Info: Possibly incomplete results: error parsing shell code: unclosed here-document 'EOF': scripts/ci/substituteAgChartsTypesScene.sh:0
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/accessibility.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/accessibility.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/accessibility.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/accessibility.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/accessibility.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/accessibility.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/accessibility.yml:123: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/accessibility.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/accessibility.yml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/accessibility.yml/latest?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/accessibility.yml:145: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/accessibility.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/accessibility.yml:156: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/accessibility.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/accessibility.yml:203: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/accessibility.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:172: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:193: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:228: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:249: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:254: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:270: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:290: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:295: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:316: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:336: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:341: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:373: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:393: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:398: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:428: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:433: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:460: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:475: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:489: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:549: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:557: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/ci.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csp.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/csp.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/csp.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/csp.yml/latest?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/csp.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/csp.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-tests.yml:161: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/doc-tests.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-tests.yml:209: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/doc-tests.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-tests.yml:257: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/doc-tests.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-tests.yml:262: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/doc-tests.yml/latest?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/doc-tests.yml:268: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/doc-tests.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-tests.yml:279: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/doc-tests.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-tests.yml:326: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/doc-tests.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-tests.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/doc-tests.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-tests.yml:85: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/doc-tests.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-tests.yml:145: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/doc-tests.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-tests.yml:177: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/doc-tests.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-tests.yml:193: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/doc-tests.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-tests.yml:225: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/doc-tests.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-tests.yml:237: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/doc-tests.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-tests.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/doc-tests.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-tests.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/doc-tests.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/doc-tests.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/doc-tests.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/full-clean-build.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/full-clean-build.yml/latest?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/full-clean-build.yml:166: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/full-clean-build.yml/latest?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/full-clean-build.yml:184: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/full-clean-build.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/full-clean-build.yml:210: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/full-clean-build.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/full-clean-build.yml:254: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/full-clean-build.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/full-clean-build.yml:262: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/full-clean-build.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/performance.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:90: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/performance.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/performance.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/performance.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:140: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/performance.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:160: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/performance.yml/latest?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/performance.yml:188: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/performance.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:215: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/performance.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/scorecard.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/scorecard.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/security.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/security.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/security.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/security.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/security.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/security.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/security.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/security.yml/latest?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/security.yml:173: update your workflow using https://app.stepsecurity.io/secureworkflow/ag-grid/ag-grid/security.yml/latest?enable=pin
- Warn: containerImage not pinned by hash: external/ag-shared/scripts/gha-debug/Dockerfile:1: pin your Docker image by updating myoung34/github-runner:latest to myoung34/github-runner:latest@sha256:bc59f14f9ccf9d322ff44c8bfbca8062bb72589c723dd6bc74dcc088081e3298
- Warn: npmCommand not pinned by hash: testing/angular-package-tests/run.sh:12
- Warn: npmCommand not pinned by hash: testing/angular-package-tests/run.sh:15
- Warn: npmCommand not pinned by hash: testing/react-package-tests/run-basic.sh:14
- Warn: npmCommand not pinned by hash: testing/react-package-tests/run-basic.sh:15
- Warn: npmCommand not pinned by hash: testing/react-package-tests/run-next-js.sh:13
- Warn: npmCommand not pinned by hash: testing/shared/run.sh:136
- Warn: npmCommand not pinned by hash: testing/shared/run.sh:139
- Warn: npmCommand not pinned by hash: testing/vue-package-tests/run.sh:14
- Warn: npmCommand not pinned by hash: .github/workflows/doc-tests.yml:110
- Info: 2 out of 67 GitHub-owned GitHubAction dependencies pinned
- Info: 1 out of 10 third-party GitHubAction dependencies pinned
- Info: 0 out of 1 containerImage dependencies pinned
- Info: 0 out of 9 npmCommand dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Score
5.2
/10
Last Scanned on 2025-07-12T10:05:52Z
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More