Gathering detailed insights and metrics for attr-accept
Gathering detailed insights and metrics for attr-accept
JavaScript implementation of the "accept" attribute for HTML5 input element
Installations
npm install attr-acceptDeveloper
react-dropzone
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
>=4
Typescript Support
Yes
Node Version
14.21.3
NPM Version
6.14.18
Statistics
112 Stars
89 Commits
24 Forks
8 Watching
11 Branches
15 Contributors
Updated on 16 Nov 2024
Languages
JavaScript (100%)
Total Downloads
Cumulative downloads
Total Downloads
540,396,156
Last day
-6.5%
613,113
Compared to previous day
Last week
2.4%
3,372,328
Compared to previous week
Last month
8.3%
14,350,993
Compared to previous month
Last year
15.3%
153,472,113
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dev Dependencies
40
nychuskymochaeslintexpectrimrafcore-jswebpackprettiercross-env@babel/cli@babel/corelint-stagedwebpack-clibabel-eslintbabel-loader@babel/register@commitlint/clibabel-preset-env@babel/preset-enveslint-plugin-node@babel/preset-reacteslint-plugin-reacteslint-config-airbnbeslint-config-okoneteslint-plugin-importeslint-config-prettiereslint-plugin-flowtypeeslint-plugin-jsx-a11yeslint-plugin-prettiercz-conventional-changelog@size-limit/preset-small-lib@babel/plugin-external-helpers@babel/plugin-transform-runtime@babel/plugin-proposal-do-expressions@babel/plugin-proposal-optional-chaining@babel/plugin-proposal-pipeline-operator@babel/plugin-proposal-export-default-from@babel/plugin-proposal-nullish-coalescing-operator@babel/plugin-proposal-logical-assignment-operators
Versions
attr-accept
JavaScript implementation of the "accept" attribute for HTML5
<input type="file">
See https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/file#attr-accept for more information.
Installation
1npm install --save attr-accept
Usage
1var accept = require('attr-accept'); 2accept({ 3 name: 'my file.png', 4 type: 'image/png' 5}, 'image/*') // => true 6 7accept({ 8 name: 'my file.json', 9 type: 'application/json' 10}, 'image/*') // => false 11 12accept({ 13 name: 'my file.srt', 14 type: '' 15}, '.srt') // => true
You can also pass multiple mime types as a comma delimited string or array.
1accept({ 2 name: 'my file.json', 3 type: 'application/json' 4}, 'application/json,video/*') // => true 5 6accept({ 7 name: 'my file.json', 8 type: 'application/json' 9}, ['application/json', 'video/*']) // => true
Contributing
Checkout the organization CONTRIBUTING.md.
No vulnerabilities found.
Reason
24 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
packaging workflow detected
Details
- Info: Project packages its releases by way of GitHub Actions.: .github/workflows/release.yml:13
Reason
Found 7/14 approved changesets -- score normalized to 5
Reason
dependency not pinned by hash detected -- score normalized to 4
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/react-dropzone/attr-accept/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/react-dropzone/attr-accept/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/react-dropzone/attr-accept/test.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/react-dropzone/attr-accept/test.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/react-dropzone/attr-accept/test.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/react-dropzone/attr-accept/test.yml/main?enable=pin
- Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
- Info: 2 out of 2 npmCommand dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: topLevel 'contents' permission set to 'read': .github/workflows/release.yml:10
- Warn: no topLevel permission defined: .github/workflows/test.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Reason
40 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-w8qv-6jwh-64r5
- Warn: Project is vulnerable to: GHSA-257v-vj4p-3w2h
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm
- Warn: Project is vulnerable to: GHSA-phwq-j96m-2c2q
- Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
- Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
- Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
- Warn: Project is vulnerable to: GHSA-7r28-3m3f-r2pr
- Warn: Project is vulnerable to: GHSA-r8j5-h5cx-65gg
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
- Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
- Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-566m-qj78-rww5
- Warn: Project is vulnerable to: GHSA-hwj9-h5mp-3pm3
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-vx3p-948g-6vhq
- Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
- Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
Score
4.9
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More