Gathering detailed insights and metrics for apache-dubbo-registry-test
Gathering detailed insights and metrics for apache-dubbo-registry-test
The Typescript implementation of Apache Dubbo. An RPC and microservice framework for Node.js and Web development.
Installations
npm install apache-dubbo-registry-testDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Min. Node Version
>=10.0.0
Node Version
14.17.3
NPM Version
lerna/4.0.0/node@v14.17.3+x64 (darwin)
Score
57.8
Supply Chain
57.7
Quality
67.6
Maintenance
50
Vulnerability
94.9
License
Releases
18
3.3.0-alpha
dubbo3-3.0.0-alpha
Updated on Sep 08, 2023
Apache Dubbo-js 4.0.0 released
4.0.0
Updated on Jul 22, 2021
Apache dubbo-js v3.0.0-rc6 released
v3.0.0-rc6
Updated on Jan 16, 2020
dubbo2.js@2.3.9
dubbo2.js@2.3.9
Updated on Apr 29, 2019
fixed: 在获取dubbo的version顺序
dubbo2.js@2.3.8
Updated on Dec 20, 2018
dubbo2.js@2.3.7
dubbo2.js@2.3.7
Updated on Dec 19, 2018
Languages
8
TypeScript
JavaScript
Go
Makefile
CSS
Shell
Java
HTML
TypeScript (92.44%)
JavaScript (4.69%)
Go (1.57%)
Makefile (0.98%)
CSS (0.14%)
Shell (0.08%)
Java (0.06%)
HTML (0.03%)
Developer
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
Apache-2.0 License
767 Stars
903 Commits
163 Forks
116 Watchers
8 Branches
132 Contributors
Updated on Jul 10, 2025
Maintainers
1
Package Meta Information
Latest Version
0.0.2
Package Id
apache-dubbo-registry-test@0.0.2
Unpacked Size
35.31 kB
Size
8.84 kB
File Count
17
NPM Version
lerna/4.0.0/node@v14.17.3+x64 (darwin)
Node Version
14.17.3
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
4
ERROR: No README data found!
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
all changesets reviewed
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/apache/.github/.github/SECURITY.md:1
- Info: Found linked content: github.com/apache/.github/.github/SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/apache/.github/.github/SECURITY.md:1
- Info: Found text in security policy: github.com/apache/.github/.github/SECURITY.md:1
Reason
SAST tool is not run on all commits -- score normalized to 2
Details
- Warn: 6 commits out of 30 are checked with a SAST tool
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/go.yml:1
- Warn: no topLevel permission defined: .github/workflows/node.js.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/dubbo-js/go.yml/dubbo3?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/go.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/dubbo-js/go.yml/dubbo3?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/dubbo-js/node.js.yml/dubbo3?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/dubbo-js/node.js.yml/dubbo3?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/node.js.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/apache/dubbo-js/node.js.yml/dubbo3?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/node.js.yml:50
- Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
- Info: 0 out of 1 npmCommand dependencies pinned
Reason
36 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-rrr8-f88r-h8q6
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-92r3-m2mg-pj97
- Warn: Project is vulnerable to: GHSA-c24v-8rfc-w8vw
- Warn: Project is vulnerable to: GHSA-8jhw-289h-jh2g
- Warn: Project is vulnerable to: GHSA-64vr-g452-qvp3
- Warn: Project is vulnerable to: GHSA-9cwx-2883-4wfx
- Warn: Project is vulnerable to: GHSA-vg6x-rcgg-rjx6
- Warn: Project is vulnerable to: GHSA-x574-m823-4x7w
- Warn: Project is vulnerable to: GHSA-4r4m-qw57-chr8
- Warn: Project is vulnerable to: GHSA-xcj6-pq6g-qj4x
- Warn: Project is vulnerable to: GHSA-356w-63v5-8wf4
- Warn: Project is vulnerable to: GHSA-859w-5945-r5v3
- Warn: Project is vulnerable to: GHSA-7v5v-9h63-cj86
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-9qxr-qj54-h672
- Warn: Project is vulnerable to: GHSA-m4v8-wqvr-p9f7
- Warn: Project is vulnerable to: GHSA-c76h-2ccp-4975
- Warn: Project is vulnerable to: GHSA-cxrh-j4jr-qwg3
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Score
4.6
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More