Gathering detailed insights and metrics for detect-libc
Gathering detailed insights and metrics for detect-libc
Node.js module to detect details of the C standard library (libc) implementation provided by a given Linux system
Installations
npm install detect-libcDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Min. Node Version
>=8
Node Version
22.14.0
NPM Version
10.9.2
Releases
Unable to fetch releases
Languages
1
JavaScript
JavaScript (100%)
Developer
lovell
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
Apache-2.0 License
66 Stars
60 Commits
13 Forks
2 Watchers
2 Branches
7 Contributors
Updated on May 08, 2025
Maintainers
1
Package Meta Information
Latest Version
2.0.4
Package Id
detect-libc@2.0.4
Unpacked Size
23.10 kB
Size
6.94 kB
File Count
7
NPM Version
10.9.2
Node Version
22.14.0
Published on
Apr 22, 2025
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dev Dependencies
5
detect-libc
Node.js module to detect details of the C standard library (libc) implementation provided by a given Linux system.
Currently supports detection of GNU glibc and MUSL libc.
Provides asychronous and synchronous functions for the
family (e.g. glibc, musl) and version (e.g. 1.23, 1.2.3).
The version numbers of libc implementations are not guaranteed to be semver-compliant.
For previous v1.x releases, please see the v1 branch.
Install
1npm install detect-libc
API
GLIBC
1const GLIBC: string = 'glibc';
A String constant containing the value glibc.
MUSL
1const MUSL: string = 'musl';
A String constant containing the value musl.
family
1function family(): Promise<string | null>;
Resolves asychronously with:
glibcormuslwhen the libc family can be determinednullwhen the libc family cannot be determinednullwhen run on a non-Linux platform
1const { family, GLIBC, MUSL } = require('detect-libc'); 2 3switch (await family()) { 4 case GLIBC: ... 5 case MUSL: ... 6 case null: ... 7}
familySync
1function familySync(): string | null;
Synchronous version of family().
1const { familySync, GLIBC, MUSL } = require('detect-libc'); 2 3switch (familySync()) { 4 case GLIBC: ... 5 case MUSL: ... 6 case null: ... 7}
version
1function version(): Promise<string | null>;
Resolves asychronously with:
- The version when it can be determined
nullwhen the libc family cannot be determinednullwhen run on a non-Linux platform
1const { version } = require('detect-libc'); 2 3const v = await version(); 4if (v) { 5 const [major, minor, patch] = v.split('.'); 6}
versionSync
1function versionSync(): string | null;
Synchronous version of version().
1const { versionSync } = require('detect-libc'); 2 3const v = versionSync(); 4if (v) { 5 const [major, minor, patch] = v.split('.'); 6}
isNonGlibcLinux
1function isNonGlibcLinux(): Promise<boolean>;
Resolves asychronously with:
falsewhen the libc family isglibctruewhen the libc family is notglibcfalsewhen run on a non-Linux platform
1const { isNonGlibcLinux } = require('detect-libc'); 2 3if (await isNonGlibcLinux()) { ... }
isNonGlibcLinuxSync
1function isNonGlibcLinuxSync(): boolean;
Synchronous version of isNonGlibcLinux().
1const { isNonGlibcLinuxSync } = require('detect-libc'); 2 3if (isNonGlibcLinuxSync()) { ... }
Licensing
Copyright 2017 Lovell Fuller and others.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0
Reason
0 existing vulnerabilities detected
Reason
4 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 4
Reason
Found 7/30 approved changesets -- score normalized to 2
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/integration.yml:173: update your workflow using https://app.stepsecurity.io/secureworkflow/lovell/detect-libc/integration.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/lovell/detect-libc/unit.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/unit.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/lovell/detect-libc/unit.yml/main?enable=pin
- Warn: downloadThenRun not pinned by hash: .github/workflows/integration.yml:149
- Warn: downloadThenRun not pinned by hash: .github/workflows/integration.yml:165
- Warn: npmCommand not pinned by hash: .github/workflows/unit.yml:27
- Info: 0 out of 3 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 npmCommand dependencies pinned
- Info: 0 out of 2 downloadThenRun dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/integration.yml:1
- Warn: no topLevel permission defined: .github/workflows/unit.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'main'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 7 are checked with a SAST tool
Score
4
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More