Gathering detailed insights and metrics for babel-plugin-polyfill-corejs3
A set of Babel plugins that enable injecting different polyfills with different strategies in your compiled code.
Installations
npm install babel-plugin-polyfill-corejs3Developer Guide
BETA
Typescript
No
Module System
CommonJS, ESM
Node Version
23.5.0
NPM Version
lerna/3.22.0/node@v23.5.0+x64 (linux)
Score
91.6
Supply Chain
86.5
Quality
85.6
Maintenance
100
Vulnerability
99.3
License
Releases
Unable to fetch releases
Contributors
49
Languages
2
TypeScript
JavaScript
TypeScript (65.83%)
JavaScript (34.17%)
Developer
babel
Download Statistics
Total Downloads
3,958,678,703
Last Day
4,649,432
Last Week
20,807,898
Last Month
94,034,924
Last Year
1,271,586,101
GitHub Statistics
341 Stars
409 Commits
59 Forks
18 Watching
4 Branches
49 Contributors
Bundle Size
772.68 kB
Minified
99.14 kB
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
0.11.1
Package Id
babel-plugin-polyfill-corejs3@0.11.1
Unpacked Size
216.05 kB
Size
48.72 kB
File Count
15
NPM Version
lerna/3.22.0/node@v23.5.0+x64 (linux)
Node Version
23.5.0
Publised On
24 Jan 2025
Total Downloads
Cumulative downloads
Total Downloads
3,958,678,703
Last day
-6.3%
4,649,432
Compared to previous day
Last week
-16.4%
20,807,898
Compared to previous week
Last month
3.2%
94,034,924
Compared to previous month
Last year
4.8%
1,271,586,101
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Peer Dependencies
1
Dev Dependencies
11
Versions
babel-plugin-polyfill-corejs3
Install
Using npm:
1npm install --save-dev babel-plugin-polyfill-corejs3
or using yarn:
1yarn add babel-plugin-polyfill-corejs3 --dev
Usage
Add this plugin to your Babel configuration:
1{ 2 "plugins": [["polyfill-corejs3", { "method": "usage-global", "version": "3.20" }]] 3}
This package supports the usage-pure, usage-global, and entry-global methods.
When entry-global is used, it replaces imports to core-js.
Options
See here for a list of options supported by every polyfill provider.
version
string, defaults to "3.0".
This option only has an effect when used alongside "method": "usage-global" or "method": "usage-pure". It is recommended to specify the minor version you are using as core-js@3.0 may not include polyfills for the latest features. If you are bundling an app, you can provide the version directly from your node modules:
1{ 2 plugins: [ 3 ["polyfill-corejs3", { 4 "method": "usage-pure", 5 // use `core-js/package.json` if you are using `usage-global` 6 "version": require("core-js-pure/package.json").version 7 }] 8 ] 9}
If you are a library author, specify a reasonably modern core-js version in your
package.json and provide the plugin the minimal supported version.
1{ 2 "dependencies": { 3 "core-js": "^3.20.0" 4 } 5}
1{ 2 plugins: [ 3 ["polyfill-corejs3", { 4 "method": "usage-global", 5 // improvise if you have more complicated version spec, e.g. > 3.1.4 6 "version": require("./package.json").dependencies["core-js"] 7 }] 8 ] 9}
proposals
boolean, defaults to false.
This option only has an effect when used alongside "method": "usage-global" or "method": "usage-pure". When proposals are true, any ES proposal supported by core-js will be polyfilled as well.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
no binaries found in the repo
Reason
Found 13/30 approved changesets -- score normalized to 4
Reason
3 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel-polyfills/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel-polyfills/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel-polyfills/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel-polyfills/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel-polyfills/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel-polyfills/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel-polyfills/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/babel/babel-polyfills/ci.yml/main?enable=pin
- Info: 0 out of 8 GitHub-owned GitHubAction dependencies pinned
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 17 are checked with a SAST tool
Reason
56 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-cwfw-4gq5-mrqx
- Warn: Project is vulnerable to: GHSA-g95f-p29q-9xw4
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw
- Warn: Project is vulnerable to: GHSA-897m-rjf5-jp39
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm
- Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
- Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
- Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
- Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
- Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
- Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
- Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44
- Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
- Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
- Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-w7rc-rwvf-8q5r
- Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
- Warn: Project is vulnerable to: GHSA-3j8f-xvm3-ffx4
- Warn: Project is vulnerable to: GHSA-4p35-cfcx-8653
- Warn: Project is vulnerable to: GHSA-7f3x-x4pr-wqhj
- Warn: Project is vulnerable to: GHSA-jpp7-7chh-cf67
- Warn: Project is vulnerable to: GHSA-q6wq-5p59-983w
- Warn: Project is vulnerable to: GHSA-j9fq-vwqv-2fm2
- Warn: Project is vulnerable to: GHSA-pqw5-jmp5-px4v
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-vx3p-948g-6vhq
- Warn: Project is vulnerable to: GHSA-3jfq-g458-7qm9
- Warn: Project is vulnerable to: GHSA-r628-mhmh-qjhw
- Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc
- Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh
- Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-29xr-v42j-r956
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-38fc-wpqx-33j7
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
- Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
Score
3.4
/10
Last Scanned on 2025-02-03
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More