Gathering detailed insights and metrics for cloneable-readable
Gathering detailed insights and metrics for cloneable-readable
Installations
npm install cloneable-readableScore
98.1
Supply Chain
83.6
Quality
75.4
Maintenance
100
Vulnerability
100
License
Releases
11
Contributors
5
![greenkeeper[bot]](https://avatars.githubusercontent.com/in/505?v=4){kind=avatar}
![dependabot-preview[bot]](https://avatars.githubusercontent.com/in/2141?v=4){kind=avatar}
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4){kind=avatar}
Developer
mcollina
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
Typescript Support
No
Node Version
16.15.1
NPM Version
8.11.0
Statistics
119 Stars
67 Commits
14 Forks
5 Watching
4 Branches
5 Contributors
Updated on 05 Nov 2024
Bundle Size
78.60 kB
Minified
22.99 kB
Minified + Gzipped
Languages
JavaScript (100%)
Total Downloads
Cumulative downloads
Total Downloads
666,333,150
Last day
-8.7%
486,547
Compared to previous day
Last week
1.2%
2,894,516
Compared to previous week
Last month
19.2%
11,773,290
Compared to previous month
Last year
5.7%
125,654,527
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Dev Dependencies
6
Versions
cloneable-readable
Clone a Readable stream, safely.
1'use strict' 2 3var cloneable = require('cloneable-readable') 4var fs = require('fs') 5var pump = require('pump') 6 7var stream = cloneable(fs.createReadStream('./package.json')) 8 9pump(stream.clone(), fs.createWriteStream('./out1')) 10 11// simulate some asynchronicity 12setImmediate(function () { 13 pump(stream, fs.createWriteStream('./out2')) 14})
cloneable-readable automatically handles objectMode: true.
This module comes out of an healthy discussion on the 'right' way to clone a Readable in https://github.com/gulpjs/vinyl/issues/85 and https://github.com/nodejs/readable-stream/issues/202. This is my take.
YOU MUST PIPE ALL CLONES TO START THE FLOW
You can also attach 'data' and 'readable' events to them.
API
cloneable(stream)
Create a Cloneable stream.
A Cloneable has a clone() method to create more clones.
All clones must be resumed/piped to start the flow.
cloneable.isCloneable(stream)
Check if stream needs to be wrapped in a Cloneable or not.
Acknowledgements
This project was kindly sponsored by nearForm.
License
MIT
No vulnerabilities found.
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
Found 5/16 approved changesets -- score normalized to 3
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Info: no jobLevel write permissions found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/mcollina/cloneable-readable/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/mcollina/cloneable-readable/ci.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:27
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 npmCommand dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 24 are checked with a SAST tool
Score
4.3
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More