npmpackage.info

bootstrap-vue

BootstrapVue provides one of the most comprehensive implementations of Bootstrap v4 for Vue.js. With extensive and automated WAI-ARIA accessibility markup.

2.23.1

14,510

MIT

JavaScript

255.49 kB

90,819,120 6.3

Installations

npm install bootstrap-vue

Pull Requests

Open

34

Total

3,683

Closed

353

Merged

3,296

Issues

Open

170

Total

3,401

Closed

3,231

Releases

107

v2.22.0

Published on 17 Apr 2022

v2.21.2

Published on 01 Jan 2021

v2.21.1

Published on 16 Dec 2020

v2.21.0

Published on 14 Dec 2020

v2.20.1

Published on 01 Dec 2020

v2.20.0

Published on 30 Nov 2020

View all 107 releases

Developer

bootstrap-vue

Developer Guide

BETA

Module System

CommonJS

Min. Node Version

Typescript Support

Yes

Node Version

17.1.0

NPM Version

8.1.2 Statistics

14,510 Stars

5,382 Commits

1,877 Forks

287 Watching

23 Branches

342 Contributors

Updated on 25 Nov 2024

Bundle Size

1.10 MB

Minified

255.49 kB

Minified + Gzipped

Bundlephobia

Languages

JavaScript (97.52%)

SCSS (2.33%)

Shell (0.15%)

Total Downloads

Cumulative downloads

Total Downloads

90,819,120

Last day

50,917

Compared to previous day

Last week

5.4%

274,601

Compared to previous week

Last month

13%

1,164,285

Compared to previous month

Last year

-17.1%

15,056,884

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

@nuxt/opencollective bootstrap popper.js portal-vue vue-functional-data-merge

Dev Dependencies

@babel/cli @babel/core @babel/plugin-transform-modules-commonjs @babel/plugin-transform-runtime @babel/preset-env @babel/standalone @nuxt/content @nuxtjs/google-analytics @nuxtjs/pwa @nuxtjs/robots @nuxtjs/sitemap @testing-library/jest-dom @vue/compat @vue/compiler-dom @vue/test-utils @vue/test-utils-vue3 autoprefixer babel-core babel-eslint babel-jest babel-plugin-istanbul bootstrap-icons bundlewatch clean-css-cli codemirror codesandbox core-js cross-env eslint eslint-config-prettier eslint-config-standard eslint-config-vue eslint-plugin-import eslint-plugin-jest eslint-plugin-markdown eslint-plugin-node eslint-plugin-prettier eslint-plugin-promise eslint-plugin-vue execa highlight.js html-loader husky improved-yarn-audit jest jiti lint-staged loader-utils lodash marked nuxt postcss postcss-cli prettier require-context rollup rollup-plugin-babel rollup-plugin-commonjs rollup-plugin-node-resolve sass sass-loader standard-version terser vue vue-router vue-server-renderer vue-template-compiler vue-test-utils-compat

Versions

With more than 85 components, over 45 available plugins, several directives, and 1000+ icons, BootstrapVue provides one of the most comprehensive implementations of the Bootstrap v4.5 component and grid system available for Vue.js v2.6, complete with extensive and automated WAI-ARIA accessibility markup.

Backers

Thank you to all our backers! 🙏 [Become a backer]

Contributors

This project exists thanks to all the people who contribute. [Contribute].

Partners

License

Released under the MIT License. Copyright (c) BootstrapVue.

Stable Version

The latest stable version of the package.

Stable Version

2.23.1

HIGH

0/10

Summary

Cross-Site Scripting in bootstrap-vue

Affected Versions

<= 2.0.0-rc.11

Patched Versions

2.0.0-rc.12

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Security-Policy

Determines if the project has published a security policy.

10

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

7

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

7

SAST

Determines if the project uses static code analysis.

5

Maintained

Determines if the project is "actively maintained".

2

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/bootstrap-vue/bootstrap-vue/build.yml/dev?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/bootstrap-vue/bootstrap-vue/build.yml/dev?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/bootstrap-vue/bootstrap-vue/build.yml/dev?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/bootstrap-vue/bootstrap-vue/codeql.yml/dev?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/bootstrap-vue/bootstrap-vue/codeql.yml/dev?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/bootstrap-vue/bootstrap-vue/codeql.yml/dev?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/bootstrap-vue/bootstrap-vue/codeql.yml/dev?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/bootstrap-vue/bootstrap-vue/test.yml/dev?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/bootstrap-vue/bootstrap-vue/test.yml/dev?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/bootstrap-vue/bootstrap-vue/test.yml/dev?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/bootstrap-vue/bootstrap-vue/test.yml/dev?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/bootstrap-vue/bootstrap-vue/test.yml/dev?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:113: update your workflow using https://app.stepsecurity.io/secureworkflow/bootstrap-vue/bootstrap-vue/test.yml/dev?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:139: update your workflow using https://app.stepsecurity.io/secureworkflow/bootstrap-vue/bootstrap-vue/test.yml/dev?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/bootstrap-vue/bootstrap-vue/test.yml/dev?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/bootstrap-vue/bootstrap-vue/test.yml/dev?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/bootstrap-vue/bootstrap-vue/test.yml/dev?enable=pin
Info: 0 out of 16 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 1 third-party GitHubAction dependencies pinned

0

Fuzzing

Determines if the project uses fuzzing.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

73 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-whgm-jr23-g3j9
Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
Warn: Project is vulnerable to: GHSA-4w2v-q235-vp99
Warn: Project is vulnerable to: GHSA-cph5-m8f7-6c5x
Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
Warn: Project is vulnerable to: GHSA-vc8w-jr9v-vj7f
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-q8pj-2vqx-8ggc
Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
Warn: Project is vulnerable to: GHSA-pfq8-rq6v-vf5m
Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-qrpm-p2h7-hrv2
Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
Warn: Project is vulnerable to: GHSA-vf6r-87q4-2vjf
Warn: Project is vulnerable to: GHSA-3j8f-xvm3-ffx4
Warn: Project is vulnerable to: GHSA-4p35-cfcx-8653
Warn: Project is vulnerable to: GHSA-7f3x-x4pr-wqhj
Warn: Project is vulnerable to: GHSA-jpp7-7chh-cf67
Warn: Project is vulnerable to: GHSA-q6wq-5p59-983w
Warn: Project is vulnerable to: GHSA-j9fq-vwqv-2fm2
Warn: Project is vulnerable to: GHSA-pqw5-jmp5-px4v
Warn: Project is vulnerable to: GHSA-566m-qj78-rww5
Warn: Project is vulnerable to: GHSA-hwj9-h5mp-3pm3
Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-325j-24f4-qv5x
Warn: Project is vulnerable to: GHSA-vx3p-948g-6vhq
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq
Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
Warn: Project is vulnerable to: GHSA-fhg7-m89q-25r3
Warn: Project is vulnerable to: GHSA-5j4c-8p2g-v4jx
Warn: Project is vulnerable to: GHSA-g3ch-rx76-35fx
Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc

Score

6.3

/10

Last Scanned on 2024-11-25

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

Other packages similar to bootstrap-vue

vue-cli-plugin-bootstrap-vue

0.8.2

vue-cli plugin to add Bootstrap-Vue

@web-types/bootstrap-vue

2.0.0-1

Web-types for bootstrap-vue

bootstrap-vue-helper-json

1.1.1

Bootstrap-Vue/Vetur intellisense reference definitions.

bootstrap-vue-dialog

0.1.0

Dialog helper for bootstrap-vue framework

bootstrap-vue

Installations

Pull Requests

34

3,683

353

3,296

Issues

170

3,401

3,231

Releases

Developer

Developer Guide

CommonJS

Yes

17.1.0

8.1.2

Statistics

Bundle Size

1.10 MB

255.49 kB

Languages

Total Downloads

90,819,120

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

Dev Dependencies

Links

Sponsors

Backers

Contributors

Partners

License

Stable Version

2.23.1

HIGH

10

10

10

10

10

7

7

5

2

0

0

0

6.3

/10

Other packages similar to bootstrap-vue