npmpackage.info

compress-commons

a library that defines a common interface for working with archive formats within node

7.0.0

MIT

JavaScript

Installations

npm install compress-commons

Score

Supply Chain

76.1

Quality

81.7

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

8

Total

170

Closed

83

Merged

79

Issues

Open

6

Total

27

Closed

21

Releases

7.0.0

Published on 14 Oct 2024

6.0.2

Published on 10 Mar 2024

6.0.1

Published on 29 Feb 2024

6.0.0

Published on 27 Feb 2024

5.0.3

Published on 27 Feb 2024

5.0.2

Published on 27 Feb 2024

View all 41 releases

Developer

archiverjs

Developer Guide

BETA

Module System

ESM

Min. Node Version

>=18

Typescript Support

No

Node Version

20.17.0

NPM Version

10.8.2 Statistics

14 Stars

285 Commits

28 Forks

5 Watching

7 Branches

11 Contributors

Updated on 14 Oct 2024

Languages

JavaScript (100%)

Total Downloads

Cumulative downloads

Total Downloads

1,537,604,713

Last day

-3.9%

1,817,286

Compared to previous day

Last week

10,225,171

Compared to previous week

Last month

6.2%

42,645,414

Compared to previous month

Last year

31.9%

444,279,164

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

crc-32 crc32-stream is-stream normalize-path readable-stream

Dev Dependencies

chai mkdirp mocha prettier rimraf

Versions

Compress Commons

Compress Commons is a library that defines a common interface for working with archive formats within node.

Install

1npm install compress-commons --save

You can also use npm install https://github.com/archiverjs/node-compress-commons/archive/master.tar.gz to test upcoming versions.

Things of Interest

Credits

Concept inspired by Apache Commons Compress™.

Some logic derived from Apache Commons Compress™ and OpenJDK 7.

No vulnerabilities found.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

License

Determines if the project has defined a license.

9

Maintained

Determines if the project is "actively maintained".

9

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

4

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 4

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/labels.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/archiverjs/node-compress-commons/labels.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/labels.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/archiverjs/node-compress-commons/labels.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/archiverjs/node-compress-commons/nodejs.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/archiverjs/node-compress-commons/nodejs.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/archiverjs/node-compress-commons/nodejs.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npmpublish.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/archiverjs/node-compress-commons/npmpublish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npmpublish.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/archiverjs/node-compress-commons/npmpublish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npmpublish.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/archiverjs/node-compress-commons/npmpublish.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npmpublish.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/archiverjs/node-compress-commons/npmpublish.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-drafter.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/archiverjs/node-compress-commons/release-drafter.yml/master?enable=pin
Info: 0 out of 8 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 2 third-party GitHubAction dependencies pinned
Info: 3 out of 3 npmCommand dependencies pinned

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

SAST

Determines if the project uses static code analysis.

Score

4.9

/10

Last Scanned on 2024-11-25

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

Other packages similar to compress-commons

@types/compress-commons

7.0.1

TypeScript definitions for compress-commons

zip-stream

7.0.2

a streaming zip archive generator.

@sinonjs/commons

4.0.0-alpha.0

Simple functions shared among the sinon end user libraries

@types/zip-stream

7.0.0

TypeScript definitions for zip-stream