Gathering detailed insights and metrics for babel-plugin-polyfill-corejs3
Gathering detailed insights and metrics for babel-plugin-polyfill-corejs3
A set of Babel plugins that enable injecting different polyfills with different strategies in your compiled code.
Installations
npm install babel-plugin-polyfill-corejs3Developer Guide
BETA
Typescript
No
Module System
CommonJS, ESM
Node Version
24.3.0
NPM Version
lerna/3.22.1/node@v24.3.0+x64 (linux)
Releases
Unable to fetch releases
Languages
2
TypeScript
JavaScript
TypeScript (66.03%)
JavaScript (33.97%)
Developer
babel
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
349 Stars
430 Commits
63 Forks
16 Watchers
3 Branches
50 Contributors
Updated on Jul 15, 2025
Maintainers
1
Package Meta Information
Latest Version
0.13.0
Package Id
babel-plugin-polyfill-corejs3@0.13.0
Unpacked Size
218.70 kB
Size
49.33 kB
File Count
15
NPM Version
lerna/3.22.1/node@v24.3.0+x64 (linux)
Node Version
24.3.0
Published on
Jun 27, 2025
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Peer Dependencies
1
Dev Dependencies
11
babel-plugin-polyfill-corejs3
Install
Using npm:
1npm install --save-dev babel-plugin-polyfill-corejs3
or using yarn:
1yarn add babel-plugin-polyfill-corejs3 --dev
Usage
Add this plugin to your Babel configuration:
1{ 2 "plugins": [["polyfill-corejs3", { "method": "usage-global", "version": "3.20" }]] 3}
This package supports the usage-pure, usage-global, and entry-global methods.
When entry-global is used, it replaces imports to core-js.
Options
See here for a list of options supported by every polyfill provider.
version
string, defaults to "3.0".
This option only has an effect when used alongside "method": "usage-global" or "method": "usage-pure". It is recommended to specify the minor version you are using as core-js@3.0 may not include polyfills for the latest features. If you are bundling an app, you can provide the version directly from your node modules:
1{ 2 plugins: [ 3 ["polyfill-corejs3", { 4 "method": "usage-pure", 5 // use `core-js/package.json` if you are using `usage-global` 6 "version": require("core-js-pure/package.json").version 7 }] 8 ] 9}
If you are a library author, specify a reasonably modern core-js version in your
package.json and provide the plugin the minimal supported version.
1{ 2 "dependencies": { 3 "core-js": "^3.43.0" 4 } 5}
1{ 2 plugins: [ 3 ["polyfill-corejs3", { 4 "method": "usage-global", 5 // improvise if you have more complicated version spec, e.g. > 3.1.4 6 "version": require("./package.json").dependencies["core-js"] 7 }] 8 ] 9}
proposals
boolean, defaults to false.
This option only has an effect when used alongside "method": "usage-global" or "method": "usage-pure". When proposals are true, any ES proposal supported by core-js will be polyfilled as well.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
no binaries found in the repo
Reason
9 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 8
Reason
Found 12/23 approved changesets -- score normalized to 5
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Info: no jobLevel write permissions found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel-polyfills/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel-polyfills/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel-polyfills/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel-polyfills/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel-polyfills/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel-polyfills/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel-polyfills/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel-polyfills/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel-polyfills/ci.yml/main?enable=pin
- Info: 0 out of 9 GitHub-owned GitHubAction dependencies pinned
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 22 are checked with a SAST tool
Reason
45 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q
- Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38
- Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-cwfw-4gq5-mrqx
- Warn: Project is vulnerable to: GHSA-g95f-p29q-9xw4
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-897m-rjf5-jp39
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm
- Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
- Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44
- Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
- Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
- Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-3j8f-xvm3-ffx4
- Warn: Project is vulnerable to: GHSA-4p35-cfcx-8653
- Warn: Project is vulnerable to: GHSA-7f3x-x4pr-wqhj
- Warn: Project is vulnerable to: GHSA-jpp7-7chh-cf67
- Warn: Project is vulnerable to: GHSA-q6wq-5p59-983w
- Warn: Project is vulnerable to: GHSA-j9fq-vwqv-2fm2
- Warn: Project is vulnerable to: GHSA-pqw5-jmp5-px4v
- Warn: Project is vulnerable to: GHSA-h7cp-r72f-jxh6
- Warn: Project is vulnerable to: GHSA-v62p-rq8g-8h59
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-vx3p-948g-6vhq
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-29xr-v42j-r956
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-38fc-wpqx-33j7
- Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
- Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
Score
4.1
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More