Gathering detailed insights and metrics for at-nuka-carousel
Gathering detailed insights and metrics for at-nuka-carousel
Installations
npm install at-nuka-carouselReleases
55
nuka-carousel@8.1.1
nuka-carousel@8.1.1
Published on 08 Oct 2024
nuka-carousel@8.1.0
nuka-carousel@8.1.0
Published on 07 Oct 2024
nuka-carousel@8.0.1
nuka-carousel@8.0.1
Published on 08 Apr 2024
nuka-carousel@8.0.0
nuka-carousel@8.0.0
Published on 05 Apr 2024
nuka-carousel@7.0.0
nuka-carousel@7.0.0
Published on 15 Nov 2023
nuka-carousel@5.6.0
nuka-carousel@5.6.0
Published on 21 Sept 2023
Developer
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
Typescript Support
No
Node Version
5.10.1
NPM Version
3.8.3
Statistics
3,073 Stars
866 Commits
595 Forks
70 Watching
19 Branches
183 Contributors
Updated on 24 Nov 2024
Bundle Size
22.96 kB
Minified
6.47 kB
Minified + Gzipped
Languages
TypeScript (81%)
JavaScript (10.15%)
CSS (8.85%)
Total Downloads
Cumulative downloads
Total Downloads
5,141
Last day
0%
2
Compared to previous day
Last week
100%
4
Compared to previous week
Last month
92.9%
27
Compared to previous month
Last year
-4.4%
218
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
3
Dev Dependencies
40
babel-corebabel-eslintbabel-loaderchaicss-loaderdeleslinteslint-loadereslint-plugin-reactgulpgulp-babelgulp-eslintgulp-karmagulp-opengulp-utilgulp-webpackistanbulistanbul-instrumenter-loaderkarmakarma-chrome-launcherkarma-coveragekarma-firefox-launcherkarma-mochakarma-mocha-reporterkarma-phantomjs-launcherkarma-script-launcherkarma-sinon-chaikarma-webpackmochaphantomjsreactreact-addons-test-utilsreact-domreact-hot-loadersinonsinon-chaistyle-loaderurl-loaderwebpackwebpack-dev-server
Versions
Small, fast and accessibility-first React carousel library with easily customizable UI and behavior to fit your brand and site
Install
To add nuka-carousel to your project run the following command in your project folder.
1$ yarn add nuka-carousel
Come learn more and see a live demo at our docs site!
Support
Have a question about nuka-carousel? Submit an issue in this repository using the "Question" template.
Notice something inaccurate or confusing? Feel free to open an issue or make a pull request to help improve the documentation for everyone!
The source for our docs site lives in this repo in the docs folder.
Contributing
See the Contribution Docs.
Maintenance Status
Active: Nearform is actively working on this project, and we expect to continue for work for the foreseeable future. Bug reports, feature requests and pull requests are welcome.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
18 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
Found 8/9 approved changesets -- score normalized to 8
Reason
6 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release.yml:12
- Warn: jobLevel 'deployments' permission set to 'write': .github/workflows/release.yml:16
- Warn: jobLevel 'packages' permission set to 'write': .github/workflows/release.yml:17
- Warn: no topLevel permission defined: .github/workflows/chromatic.yml:1
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/chromatic.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/FormidableLabs/nuka-carousel/chromatic.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/chromatic.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/FormidableLabs/nuka-carousel/chromatic.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/FormidableLabs/nuka-carousel/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/FormidableLabs/nuka-carousel/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/FormidableLabs/nuka-carousel/release.yml/main?enable=pin
- Info: 0 out of 3 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Score
5
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More