Installations
npm install blocklyDeveloper Guide
Typescript
Yes
Module System
ESM
Min. Node Version
>=18
Node Version
18.20.5
NPM Version
8.19.4
Score
94.6
Supply Chain
97.4
Quality
92.5
Maintenance
100
Vulnerability
98.9
License
Releases
blockly-v11.2.1
Published on 16 Jan 2025
blockly-v12.0.0-beta.1
Published on 10 Jan 2025
blockly-v11.2.0
Published on 17 Dec 2024
blockly-v12.0.0-beta.0
Published on 04 Dec 2024
blockly-v11.2.0-beta.2
Published on 04 Dec 2024
blockly-v11.2.0-beta.1
Published on 11 Nov 2024
Contributors
Languages
TypeScript (54.1%)
JavaScript (37.03%)
Python (2.27%)
HTML (1.85%)
PHP (1.69%)
Dart (1.33%)
Lua (1.26%)
Shell (0.47%)
Developer
Download Statistics
Total Downloads
4,300,609
Last Day
4,510
Last Week
25,429
Last Month
134,027
Last Year
1,620,507
GitHub Statistics
12,660 Stars
8,762 Commits
3,738 Forks
441 Watching
104 Branches
226 Contributors
Bundle Size
697.67 kB
Minified
176.71 kB
Minified + Gzipped
Maintainers
Package Meta Information
Latest Version
11.2.1
Package Id
blockly@11.2.1
Unpacked Size
13.26 MB
Size
2.55 MB
File Count
786
NPM Version
8.19.4
Node Version
18.20.5
Publised On
16 Jan 2025
Total Downloads
Cumulative downloads
Total Downloads
4,300,609
Last day
-28.4%
4,510
Compared to previous day
Last week
-25.3%
25,429
Compared to previous week
Last month
6.5%
134,027
Compared to previous month
Last year
46.2%
1,620,507
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Dev Dependencies
42
Blockly
Google's Blockly is a web-based, visual programming editor. Users can drag blocks together to build programs. All code is free and open source.
The source for this module is in the Blockly repo.
Example Usage
1import * as Blockly from 'blockly/core'; 2Blockly.inject('blocklyDiv', { 3 ... 4})
Samples
For samples on how to integrate Blockly into your project, view the list of samples at blockly-samples.
Installation
You can install this package either via npm or unpkg.
unpkg
1<script src="https://unpkg.com/blockly/blockly.min.js"></script>
When importing from unpkg, you can access imports from the global namespace.
1// Access Blockly. 2Blockly.thing; 3// Access the default blocks. 4Blockly.Blocks['block_type']; 5// Access the javascript generator. 6javascript.javascriptGenerator;
npm
1npm install blockly
Imports
Note: Using import of our package targets requires you to use a bundler (like webpack), since Blockly is packaged as a UMD, rather than an ESM.
1// Import Blockly core. 2import * as Blockly from 'blockly/core'; 3// Import the default blocks. 4import * as libraryBlocks from 'blockly/blocks'; 5// Import a generator. 6import {javascriptGenerator} from 'blockly/javascript'; 7// Import a message file. 8import * as En from 'blockly/msg/en';
Requires
1// Require Blockly core. 2const Blockly = require('blockly/core'); 3// Require the default blocks. 4const libraryBlocks = require('blockly/blocks'); 5// Require a generator. 6const {javascriptGenerator} = require('blockly/javascript'); 7// Require a message file. 8const En = require('blockly/msg/en');
Applying messages
Once you have the message files, you also need to apply them.
1Blockly.setLocal(En);For a full list of supported Blockly locales, see: https://github.com/google/blockly/tree/master/msg/js
Docs
For more information about how to use Blockly, check out our devsite.
License
Apache 2.0
No vulnerabilities found.
Reason
30 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
Reason
all changesets reviewed
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/google/.github/SECURITY.md:1
- Info: Found linked content: github.com/google/.github/SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/google/.github/SECURITY.md:1
- Info: Found text in security policy: github.com/google/.github/SECURITY.md:1
Reason
binaries present in source code
Details
- Warn: binary detected: demos/mobile/android/gradle/wrapper/gradle-wrapper.jar:1
Reason
SAST tool is not run on all commits -- score normalized to 5
Details
- Warn: 15 commits out of 30 are checked with a SAST tool
Reason
7 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-chwr-hf3w-c984
- Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-c76h-2ccp-4975
Reason
dependency not pinned by hash detected -- score normalized to 1
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/appengine_deploy.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/google/blockly/appengine_deploy.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/appengine_deploy.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/google/blockly/appengine_deploy.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/appengine_deploy.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/google/blockly/appengine_deploy.yml/develop?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/appengine_deploy.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/google/blockly/appengine_deploy.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/assign_reviewers.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/google/blockly/assign_reviewers.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/browser_test.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/google/blockly/browser_test.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/browser_test.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/google/blockly/browser_test.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/google/blockly/build.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/google/blockly/build.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/google/blockly/build.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/google/blockly/build.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/google/blockly/build.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/google/blockly/build.yml/develop?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/conventional-label.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/google/blockly/conventional-label.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tag_module_cleanup.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/google/blockly/tag_module_cleanup.yml/develop?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/welcome_new_contributors.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/google/blockly/welcome_new_contributors.yml/develop?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/appengine_deploy.yml:23
- Warn: npmCommand not pinned by hash: .github/workflows/browser_test.yml:43
- Warn: npmCommand not pinned by hash: .github/workflows/build.yml:66
- Warn: npmCommand not pinned by hash: .github/workflows/build.yml:83
- Info: 0 out of 14 GitHub-owned GitHubAction dependencies pinned
- Info: 1 out of 3 third-party GitHubAction dependencies pinned
- Info: 1 out of 5 npmCommand dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/appengine_deploy.yml:1
- Warn: no topLevel permission defined: .github/workflows/assign_reviewers.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/browser_test.yml:10
- Info: topLevel 'contents' permission set to 'read': .github/workflows/build.yml:9
- Warn: no topLevel permission defined: .github/workflows/conventional-label.yml:1
- Warn: no topLevel permission defined: .github/workflows/develop_freeze.yml:1
- Warn: no topLevel permission defined: .github/workflows/tag_module_cleanup.yml:1
- Warn: no topLevel permission defined: .github/workflows/welcome_new_contributors.yml:1
- Info: no jobLevel write permissions found
Reason
Project has not signed or included provenance with any releases.
Details
- Warn: release artifact blockly-v11.2.1 not signed: https://api.github.com/repos/google/blockly/releases/195201317
- Warn: release artifact blockly-v11.2.0 not signed: https://api.github.com/repos/google/blockly/releases/191272317
- Warn: release artifact blockly-v11.2.1 does not have provenance: https://api.github.com/repos/google/blockly/releases/195201317
- Warn: release artifact blockly-v11.2.0 does not have provenance: https://api.github.com/repos/google/blockly/releases/191272317
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Score
5.6
/10
Last Scanned on 2025-01-27
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn MoreOther packages similar to blockly
@blockly/continuous-toolbox
A Blockly plugin that adds a continous-scrolling style toolbox and flyout
koishi-plugin-blockly
Use blockly to develop a simple koishi plugin
@blockly/keyboard-navigation
A Blockly plugin that adds keyboard navigation support.
@blockly/plugin-workspace-search
A Blockly plugin that adds workspace search support.