Gathering detailed insights and metrics for d3
Gathering detailed insights and metrics for d3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
Installations
npm install d3Developer
Developer Guide
BETA
Module System
ESM
Min. Node Version
>=12
Typescript Support
No
Node Version
20.11.0
NPM Version
10.2.4
Statistics
109,094 Stars
4,505 Commits
22,857 Forks
3,616 Watching
33 Branches
137 Contributors
Updated on 28 Nov 2024
Bundle Size
290.35 kB
Minified
90.66 kB
Minified + Gzipped
Languages
Shell (92.12%)
JavaScript (7.88%)
Total Downloads
Cumulative downloads
Total Downloads
555,310,774
Last day
-9.4%
622,780
Compared to previous day
Last week
-1%
3,466,587
Compared to previous week
Last month
11.4%
14,966,545
Compared to previous month
Last year
28.9%
146,744,728
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
30
Versions
D3: Data-Driven Documents
D3 (or D3.js) is a free, open-source JavaScript library for visualizing data. Its low-level approach built on web standards offers unparalleled flexibility in authoring dynamic, data-driven graphics. For more than a decade D3 has powered groundbreaking and award-winning visualizations, become a foundational building block of higher-level chart libraries, and fostered a vibrant community of data practitioners around the world.
Daily downloads of D3 ยท oss-analytics
Resources
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
8 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
Reason
no binaries found in the repo
Reason
project is fuzzed
Details
- Info: OSSFuzz integration found
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: ISC License: LICENSE:0
Reason
3 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
Reason
Found 20/30 approved changesets -- score normalized to 6
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/deploy.yml:1
- Warn: no topLevel permission defined: .github/workflows/test.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/d3/d3/deploy.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/d3/d3/deploy.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/d3/d3/deploy.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/d3/d3/deploy.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/d3/d3/deploy.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/d3/d3/deploy.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/d3/d3/test.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/d3/d3/test.yml/main?enable=pin
- Info: 0 out of 8 GitHub-owned GitHubAction dependencies pinned
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 21 are checked with a SAST tool
Score
5.8
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More