npmpackage.info

carbon-components

A design system built by IBM

10.58.15

7,914

Apache-2.0

JavaScript

43.71 kB

31,550,759 6.7

Installations

npm install carbon-components

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Node Version

16.20.2

NPM Version

lerna/4.0.0/node@v16.20.2+x64 (linux)

Score

86.1

Supply Chain

92.5

Quality

90.1

Maintenance

100

Vulnerability

92.6

License

Pull Requests

Open

41

Total

8,577

Closed

1,679

Merged

6,857

Issues

Open

693

Total

8,971

Closed

8,278

Releases

971

v11.72.0

Published on 04 Dec 2024

v11.72.0-rc.0

Published on 03 Dec 2024

v11.71.1

Published on 27 Nov 2024

v11.71.0

Published on 20 Nov 2024

v11.71.0-rc.0

Published on 18 Nov 2024

v11.70.0

Published on 06 Nov 2024

View all 971 releases

Contributors

504

View all 504 contributors

Languages

JavaScript

TypeScript

SCSS

MDX

HTML

Vue

Dockerfile

Shell

JavaScript (38.68%)

TypeScript (37.6%)

SCSS (15.91%)

MDX (5.85%)

HTML (1.92%)

Vue (0.03%)

Dockerfile (0.01%)

Shell (0.01%)

Developer

carbon-design-system

Download Statistics

Total Downloads

31,550,759

Last Day

3,758

Last Week

45,286

Last Month

279,950

Last Year

5,061,741

GitHub Statistics

7,914 Stars

12,348 Commits

1,830 Forks

90 Watching

43 Branches

504 Contributors

Bundle Size

238.75 kB

Minified

43.71 kB

Minified + Gzipped

Bundlephobia

Maintainers

Package Meta Information

Latest Version

10.58.15

Package Id

carbon-components@10.58.15

Unpacked Size

13.75 MB

Size

2.07 MB

File Count

2,244

NPM Version

lerna/4.0.0/node@v16.20.2+x64 (linux)

Node Version

16.20.2

Publised On

08 May 2024

Total Downloads

Cumulative downloads

Total Downloads

31,550,759

Last day

-69%

3,758

Compared to previous day

Last week

-33.3%

45,286

Compared to previous week

Last month

-23.4%

279,950

Compared to previous month

Last year

-20.1%

5,061,741

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

@carbon/telemetry flatpickr lodash.debounce warning

Dev Dependencies

101

@babel/core @babel/plugin-proposal-class-properties @babel/plugin-proposal-object-rest-spread @babel/plugin-transform-modules-umd @babel/plugin-transform-runtime @babel/preset-env @babel/preset-react @babel/runtime @carbon/cli @carbon/elements @carbon/icons-handlebars @carbon/icons-react @carbon/test-utils @frctl/fractal @rollup/plugin-babel @rollup/plugin-commonjs @rollup/plugin-node-resolve @rollup/plugin-replace @rollup/plugin-virtual adaro autoprefixer babel-loader babel-plugin-dev-expression babel-plugin-istanbul babel-plugin-rewire bluebird browser-sync browserslist-config-carbon carbon-components carbon-components-react chokidar classnames commander core-js cross-env css-loader custom-event del diff express-handlebars fancy-log glob globby gulp gulp-babel gulp-header gulp-jsdoc3 gulp-nodemon gulp-postcss gulp-rename gulp-sass gulp-sass-lint gulp-sourcemaps gulp-terser handlebars handlebars-helpers html-loader jasmine-core karma karma-chrome-launcher karma-coverage karma-firefox-launcher karma-html2js-preprocessor karma-ie-launcher karma-jasmine karma-safari-launcher karma-sourcemap-loader karma-spec-reporter karma-webpack lolex markdown-it minimatch mkdirp mock-raf node-sass nodemon path-to-regexp portscanner postcss-custom-properties postcss-loader promise prop-types react react-copy-to-clipboard react-dom react-ga rollup rollup-plugin-filesize rollup-plugin-terser sass sass-loader serve-static style-loader terser terser-webpack-plugin through2 vinyl-named webpack webpack-dev-middleware webpack-hot-middleware whatwg-fetch

Versions

Carbon Design System

Carbon is an open-source design system built by IBM. With the IBM Design Language as its foundation, the system consists of working code, design tools and resources, human interface guidelines, and a vibrant community of contributors.

Getting started

If you're just getting started, check out @carbon/react or @carbon/web-components.

We also have community-contributed components for the following technologies:

If you're trying to find something specific, here's a full list of packages that we support!

Package name	Description
`@carbon/react`	React components and styles
`@carbon/web-components`	Web Components
`@carbon/styles`	Sass styles for components
`@carbon/elements`	IBM Design Language elements like colors, type, iconography, and more
`@carbon/colors`	Work with IBM Design Language colors
`@carbon/grid`	Build layouts using the new 16 column grid system
`@carbon/icons`	Iconography assets. We also offer support in: React, Angular, Vue, and Svelte
`@carbon/pictograms`	Pictogram assets. We also offer support in: React and Svelte
`@carbon/layout`	Layout-based units and spacing scale
`@carbon/motion`	Productive and expressive motion curves
`@carbon/themes`	Color tokens available in the Carbon Design System, like `$interactive-01`
`@carbon/type`	New type tokens used alongside IBM Plex

:books: Documentation

See our documentation site here for full how-to docs and guidelines
Contributing: Guidelines for making contributions to this repo.
🏃‍♀️ Migration Guides

🙌 Contributing

We're always looking for contributors to help us fix bugs, build new features, or help us improve the project documentation. If you're interested, definitely check out our Contributing Guide and our Developer Guide! 👀

Contributors

_{Taylor Jones} 💻 📖 ️️️️♿️	_{TJ Egan} 💻 📖 🚇 👀 ️️️️♿️	_{Alessandra Davila} 💻 📖 👀 ️️️️♿️	_{Andrea N. Cardona} 💻 📖 👀 ️️️️♿️	_{Francine Lucca} 💻 📖 👀 ️️️️♿️	_{Scott Strubberg} 💻 📖 👀 ️️️️♿️	_{Alison Joseph} 💻 📖 👀 ️️️️♿️
_{Anna Gonzales} 🎨 👀	_{Lauren Rice} 🎨 👀	_{Josh Black} 💻 📖 🚇 👀 ️️️️♿️	_DAK 💻 📖 👀 ️️️️♿️	_{Josefina Mancilla} 💻 📖 👀 ️️️️♿️	_emyarod 💻 📖 👀 ️️️️♿️	_{Eric Marcoux} 💻
_{Vince Picone} 💻 📖 👀 ️️️️♿️	_{jillianhowarth} 🖋 🎨 👀	_{Ricardo Henriquez} 💻 📖 👀 ️️️️♿️	_johnbister 🎨 👀	_{Dominik Brugger} 💻 🚧	_{Jan Hassel} 💻 📖 ️️️️♿️ 🎨	_{Alexander Lyon} 💻
_{Rosie Z} 💻	_{Nishith P} 📖	_{Eric Charpentier} 💻	_{Luiza Mendes} 💻 🚧	_{Akmal Hakimi Mohd Zamri} 💻	_sanjitbauli 📖	_{Laszlo Moczo} 💻
_LMapes 🖋 📖	_conradennis 🎨	_{Eric Liu} 💻 📖	_{Richard Všianský} 💻	_{Lee Chase} 💻 📖	_Anton 💻	_{Panpan Lin} 📖
_{Ashley Harrison} 💻	_{Jen Downs} 💻 📖 ️️️️♿️	_{Abdul Rehman} 💻	_{MIchael Dudley} 🎨	_{David Bradshaw} 💻	_{Simon Finney} 💻 ️️️️♿️	_{Attila Bartha} 💻
_배하람 💻	_{Yohanna Gadelrab} 📖	_{Akira Sudoh} 💻 📖 ️️️️♿️ 🚇	_{Oyinkan Oyetunmibi} 📖	_pbenson322 📖	_{Abbey Hart} 💻 📖 ️️️️♿️	_Lucas 💻
_{Dylan Klohr} 📖	_{Gilli Sigurdsson} 🎨	_kennylam 💻 ️️️️♿️	_Sébastien 💻	_{Dusan Milko} 💻	_{Taras Polovyi} 💻	_{Chris Connors} 🎨 📖
_{David Conner} 💻 ️️️️♿️	_{Harish Mohanani} 💻	_{Frivalszky-Mayer Péter} 💻 ️️️️♿️	_s100 💻	_{Taranveer Virk} 💻	_{Niall Cargill} 📖	_{Matt Chapman} 💻
_{Boston Cartwright} 💻	_DavidSCChen 💻	_molyholy 💻	_{Scott Dickerson} 💻	_{Evgeniy Podgaetskiy} 💻	_{CassidyJensen} 💻 ️️️️♿️	_{Zsolt Lattmann} 💻
_{Conrad Schmidt} 💻	_{Ignacio Becerra} 💻	_{Swapnil Patil} 📖	_{Fei Z} 💻	_{Ignas Ausiejus} 📖	_{Ryan O. Mackey} 💻	_{Dávid Halász} 💻
_{Bill Guigue} 💻	_{szymonbrandys} 💻	_{Adam Alston} 📖	_{Krithika S Udupa} 📖	_{Eshin Griffith} 💻	_{@RianTavaresOn} 💻 🎨	_ColbyJohnIBM 💻
_Håkon 💻 📖	_{Tanner Summers} 💻	_{Zhen Wang} 💻 📖	_{Cathal Kenneally} 💻	_{Joel Humberto Gómez Paredes} 💻	_{James Nash} 💻 📖	_{Jakub Faliszewski} 💻
_{Nick Gong} 💻	_{Hannele Valtanen} 💻	_Llam4u 💻 🐛	_{G. Torres} 💻	_Fiona 💻	_kindoflew 💻	_{Mario Gueyraud} 💻
_{Dongjoon Lee} 💻	_{ShankarV-CodeJunkie} 💻	_{dario platania} 💻	_{Mateusz Krzyżanowski} 💻	_jpsorensen 💻	_{jae kaplan} 🚇	_{Sierra Wetmore} 💻
_kcprevatt 💻	_{Marcin Lewandowski} 💻	_remolueoend 💻	_{Jesse Hull} 💻 ️️️️♿️	_{Ashvin Warrier} 💻	_GalvinGao 💻	_{Bianca Sparxs} 💻
_{Mahmoud Abdulazim} 💻	_{Dave Steinberg} 💻	_{Seong-Hyun Ryoo} 💻	_{Pratik Karad} 💻 ️️️️♿️	_Gerzon 💻	_{Guilherme Datilio Ribeiro} 💻 📖 ️️️️♿️ 👀	_{Josef Kubíček} 💻
_{Sunny Johal} 💻	_{Steven Black} 💻 ️️️️♿️	_{Mark Judy} 💻	_{Anton Tsymuk} 💻	_{Mohammed Aslam P. A.} 💻 📖	_{Tony ZL} 💻	_{Petr Kadlec} 💻
_{David Ragsdale} 💻	_{Hao Cheng} 💻	_cordesmj 💻	_{Aziz Chebbi} 💻	_{Michał Konopski} 💻	_{Omkar Ajagunde} 💻 📖	_{Aman Lajpal} 💻 📖
_{Niraj Sah} 💻	_{David Padilla} 💻	_{Allison Ishida} 💻	_{Alex Lewitt} 💻	_Tresau 💻	_{Daniel Castillo} 💻	_HaRuki 💻 📖
_{Matej Ocovsky} 💻	_{SamChinellato} 💻	_{stevenpatrick009} 💻	_HunterXalc 💻	_{Onur Özkardeş} 💻	_{Matias Borghi} 💻	_{Alexandr Ovchinnikov} 💻
_{J Thomas} 💻	_{Garrett Dawson} 💻 📖	_{Daniel Adebonojo} 📖	_{Anjana M R} 💻	_{Joseph Schultz} 💻	_anjaly0606 💻	_jesnajoseijk 💻
_{Jawahar S} 💻	_{Holly Springsteen} 💻	_{Nikhil Tomar} 💻	_{Anina Antony} 💻	_{Ahmed Semih Erkan} 💻	_{Yael Chavoya} 💻 📖	_{Kilian Collender} 💻
_{nandininarayanofficial} 💻	_{Andrea DG} 💻	_Luis 💻	_{Luke Harrison} 💻	_{Ahmed Alsinan} 💻	_{Nevan Tan} 💻	_{Ali Al Dobyan} 💻
_{Adam Shea} 💻	_{Md Nabeel Ayubee} 💻	_{Patan Amrulla Khan} 💻 📖	_{Noah Sgorbati} 💻 📖	_{Divya G} 💻	_{Soumya Raju} 💻	_{Mohammed Mikdhad C} 💻
_{IRFAD KP} 💻	_{ziyadzulfikar} 💻	_{IRFAD KP} 💻	_Mariat 💻	_{Thamjith Thaha} 💻	_{Zoë Gathercole} 💻	_{Zach Tindall} 💻
_{Ashna Thomas} 💻

This project follows the all-contributors specification. Contributions of any kind welcome!

📝 License

Licensed under the Apache 2.0 License.

No vulnerabilities found.

10

Maintained

Determines if the project is "actively maintained".

10

Security-Policy

Determines if the project has published a security policy.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

License

Determines if the project has defined a license.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

SAST

Determines if the project uses static code analysis.

8

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

7

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 7

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:298: update your workflow using https://app.stepsecurity.io/secureworkflow/carbon-design-system/carbon/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:310: update your workflow using https://app.stepsecurity.io/secureworkflow/carbon-design-system/carbon/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:317: update your workflow using https://app.stepsecurity.io/secureworkflow/carbon-design-system/carbon/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:329: update your workflow using https://app.stepsecurity.io/secureworkflow/carbon-design-system/carbon/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/issue-triage.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/carbon-design-system/carbon/issue-triage.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-web-components-cdn.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/carbon-design-system/carbon/publish-web-components-cdn.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-web-components-cdn.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/carbon-design-system/carbon/publish-web-components-cdn.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-web-components-cdn.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/carbon-design-system/carbon/publish-web-components-cdn.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-web-components-cdn.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/carbon-design-system/carbon/publish-web-components-cdn.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-web-components-cdn.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/carbon-design-system/carbon/publish-web-components-cdn.yml/main?enable=pin
Warn: containerImage not pinned by hash: actions/add-review-labels/Dockerfile:1: pin your Docker image by updating node:slim to node:slim@sha256:682fa023644199a084456630af5a29cd76e42d26b3355f1d9cd65ae00e49951e
Warn: containerImage not pinned by hash: actions/issues/Dockerfile:1: pin your Docker image by updating node:slim to node:slim@sha256:682fa023644199a084456630af5a29cd76e42d26b3355f1d9cd65ae00e49951e
Warn: containerImage not pinned by hash: actions/promote/Dockerfile:1: pin your Docker image by updating node:slim to node:slim@sha256:682fa023644199a084456630af5a29cd76e42d26b3355f1d9cd65ae00e49951e
Warn: containerImage not pinned by hash: actions/release-notifications/Dockerfile:1: pin your Docker image by updating node:slim to node:slim@sha256:682fa023644199a084456630af5a29cd76e42d26b3355f1d9cd65ae00e49951e
Warn: containerImage not pinned by hash: actions/wait-for-it/Dockerfile:1: pin your Docker image by updating node:slim to node:slim@sha256:682fa023644199a084456630af5a29cd76e42d26b3355f1d9cd65ae00e49951e
Info: 84 out of 89 GitHub-owned GitHubAction dependencies pinned
Info: 24 out of 29 third-party GitHubAction dependencies pinned
Info: 0 out of 5 containerImage dependencies pinned

5

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

Reason

detected GitHub workflow tokens with excessive permissions

Details

Warn: jobLevel 'contents' permission set to 'write': .github/workflows/nightly-release.yml:14
Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release.yml:19
Warn: jobLevel 'contents' permission set to 'write': .github/workflows/v10-release.yml:17
Warn: no topLevel permission defined: .github/workflows/add-review-labels.yml:1
Warn: no topLevel permission defined: .github/workflows/add-to-project.yml:1
Warn: no topLevel permission defined: .github/workflows/ci.yml:1
Warn: no topLevel permission defined: .github/workflows/code-connect.yml:1
Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1
Warn: no topLevel permission defined: .github/workflows/dco.yml:1
Warn: no topLevel permission defined: .github/workflows/deploy-packages.yml:1
Info: topLevel 'contents' permission set to 'read': .github/workflows/deploy-react-storybook.yml:18
Warn: no topLevel permission defined: .github/workflows/deploy-web-components-storybook.yml:1
Warn: no topLevel permission defined: .github/workflows/issue-triage-strategic-adopter.yml:1
Warn: no topLevel permission defined: .github/workflows/issue-triage.yml:1
Warn: no topLevel permission defined: .github/workflows/metrics-merge-rate.yml:1
Warn: no topLevel permission defined: .github/workflows/metrics-repo-stats.yml:1
Warn: no topLevel permission defined: .github/workflows/nightly-release.yml:1
Warn: no topLevel permission defined: .github/workflows/promote.yml:1
Warn: no topLevel permission defined: .github/workflows/publish-web-components-cdn.yml:1
Warn: no topLevel permission defined: .github/workflows/pull-request-closed.yml:1
Warn: no topLevel permission defined: .github/workflows/release-notifications.yml:1
Warn: no topLevel permission defined: .github/workflows/release.yml:1
Warn: no topLevel permission defined: .github/workflows/slack-announcement.yml:1
Warn: no topLevel permission defined: .github/workflows/slack-build-notifications.yml:1
Warn: no topLevel permission defined: .github/workflows/slack-office-hours-design.yml:1
Warn: no topLevel permission defined: .github/workflows/slack-office-hours-dev.yml:1
Warn: no topLevel permission defined: .github/workflows/stale.yml:1
Warn: no topLevel permission defined: .github/workflows/sync-generated-files.yml:1
Warn: no topLevel permission defined: .github/workflows/v10-ci.yml:1
Warn: no topLevel permission defined: .github/workflows/v10-deploy-react-storybook.yml:1
Warn: no topLevel permission defined: .github/workflows/v10-release.yml:1
Warn: no topLevel permission defined: .github/workflows/version.yml:1

0

Fuzzing

Determines if the project uses fuzzing.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

145 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
Warn: Project is vulnerable to: GHSA-g77x-44xx-532m
Warn: Project is vulnerable to: GHSA-gp8f-8m3g-qvj9
Warn: Project is vulnerable to: GHSA-7gfc-8cq8-jh5f
Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-wvhm-4hhf-97x9
Warn: Project is vulnerable to: GHSA-h4hr-7fg3-h35w
Warn: Project is vulnerable to: GHSA-gj77-59wh-66hg
Warn: Project is vulnerable to: GHSA-hqhp-5p83-hx96
Warn: Project is vulnerable to: GHSA-3949-f494-cm99
Warn: Project is vulnerable to: GHSA-6chw-6frg-f759
Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
Warn: Project is vulnerable to: GHSA-whgm-jr23-g3j9
Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-w8qv-6jwh-64r5
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
Warn: Project is vulnerable to: GHSA-phwq-j96m-2c2q
Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
Warn: Project is vulnerable to: GHSA-vh7m-p724-62c2
Warn: Project is vulnerable to: GHSA-r9p9-mrjm-926w
Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
Warn: Project is vulnerable to: GHSA-6h5x-7c5m-7cr7
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-vfrc-7r7c-w9mx
Warn: Project is vulnerable to: GHSA-7wwv-vh3v-89cq
Warn: Project is vulnerable to: GHSA-pfq8-rq6v-vf5m
Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp
Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695
Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-ccrp-c664-8p4j
Warn: Project is vulnerable to: GHSA-4wx3-54gh-9fr9
Warn: Project is vulnerable to: GHSA-r6rj-9ch6-g264
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m / GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-fhjf-83wg-r2j9
Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
Warn: Project is vulnerable to: GHSA-w7rc-rwvf-8q5r
Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
Warn: Project is vulnerable to: GHSA-566m-qj78-rww5
Warn: Project is vulnerable to: GHSA-hwj9-h5mp-3pm3
Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
Warn: Project is vulnerable to: GHSA-5q6m-3h65-w53x
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-h9rv-jmmf-4pgx
Warn: Project is vulnerable to: GHSA-hxcc-f52p-wc94
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-4g88-fppr-53pp
Warn: Project is vulnerable to: GHSA-4jqc-8m5r-9rpr
Warn: Project is vulnerable to: GHSA-g4rg-993r-mgx7
Warn: Project is vulnerable to: GHSA-4rq4-32rv-6wp6
Warn: Project is vulnerable to: GHSA-64g7-mvw6-v9qj
Warn: Project is vulnerable to: GHSA-vx3p-948g-6vhq
Warn: Project is vulnerable to: GHSA-3jfq-g458-7qm9
Warn: Project is vulnerable to: GHSA-r628-mhmh-qjhw
Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc
Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh
Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
Warn: Project is vulnerable to: GHSA-9m6j-fcg5-2442
Warn: Project is vulnerable to: GHSA-hh27-ffr2-f2jc
Warn: Project is vulnerable to: GHSA-rqff-837h-mm52
Warn: Project is vulnerable to: GHSA-8v38-pw62-9cw2
Warn: Project is vulnerable to: GHSA-hgjh-723h-mx2j
Warn: Project is vulnerable to: GHSA-jf5r-8hm2-f872
Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
Warn: Project is vulnerable to: GHSA-g78m-2chm-r7qv
Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm
Warn: Project is vulnerable to: GHSA-2pr6-76vf-7546
Warn: Project is vulnerable to: GHSA-8j8c-7jfh-h6hx
Warn: Project is vulnerable to: GHSA-46c4-8wrp-j99v
Warn: Project is vulnerable to: GHSA-5j4c-8p2g-v4jx
Warn: Project is vulnerable to: GHSA-g3ch-rx76-35fx
Warn: Project is vulnerable to: GHSA-257v-vj4p-3w2h
Warn: Project is vulnerable to: GHSA-3wcq-x3mq-6r9p
Warn: Project is vulnerable to: GHSA-3gx7-xhv7-5mx3
Warn: Project is vulnerable to: GHSA-c429-5p7v-vgjp
Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
Warn: Project is vulnerable to: GHSA-6x33-pw7p-hmpq
Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
Warn: Project is vulnerable to: GHSA-7r28-3m3f-r2pr
Warn: Project is vulnerable to: GHSA-r8j5-h5cx-65gg
Warn: Project is vulnerable to: GHSA-92xj-mqp7-vmcj
Warn: Project is vulnerable to: GHSA-wxgw-qj99-44c2
Warn: Project is vulnerable to: GHSA-5rrq-pxf6-6jx5
Warn: Project is vulnerable to: GHSA-8fr3-hfg3-gpgp
Warn: Project is vulnerable to: GHSA-gf8q-jrpm-jvxq
Warn: Project is vulnerable to: GHSA-2r2c-g63r-vccr
Warn: Project is vulnerable to: GHSA-cfm4-qjh2-4765
Warn: Project is vulnerable to: GHSA-x4jg-mjrx-434g
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-c9g6-9335-x697
Warn: Project is vulnerable to: GHSA-pgr8-jg6h-8gw6
Warn: Project is vulnerable to: GHSA-cf66-xwfp-gvc4
Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
Warn: Project is vulnerable to: GHSA-64vr-g452-qvp3
Warn: Project is vulnerable to: GHSA-9cwx-2883-4wfx
Warn: Project is vulnerable to: GHSA-hpx4-r86g-5jrg
Warn: Project is vulnerable to: GHSA-prr3-c3m5-p7q2
Warn: Project is vulnerable to: GHSA-cph5-m8f7-6c5x
Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
Warn: Project is vulnerable to: GHSA-hm92-vgmw-qfmx
Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
Warn: Project is vulnerable to: GHSA-ch52-vgq2-943f
Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
Warn: Project is vulnerable to: GHSA-px4h-xg32-q955
Warn: Project is vulnerable to: GHSA-44c6-4v22-4mhx
Warn: Project is vulnerable to: GHSA-4x5v-gmq8-25ch
Warn: Project is vulnerable to: GHSA-jv35-xqg7-f92r
Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq
Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
Warn: Project is vulnerable to: GHSA-mv48-hcvh-8jj8
Warn: Project is vulnerable to: GHSA-353f-5xf4-qw67
Warn: Project is vulnerable to: GHSA-c24v-8rfc-w8vw
Warn: Project is vulnerable to: GHSA-8jhw-289h-jh2g
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q

Score

6.7

/10

Last Scanned on 2024-12-23

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

Other packages similar to carbon-components

carbon-components-react

8.67.0

The Carbon Design System is IBM’s open-source design system for products and experiences.

@carbon/react

1.72.0

React components for the Carbon Design System

@carbon/web-components

2.19.0

Web components for the Carbon Design System

@carbon/feature-flags

0.24.0

Build with feature flags in Carbon