Gathering detailed insights and metrics for docx
Gathering detailed insights and metrics for docx
Easily generate and modify .docx files with JS/TS with a nice declarative API. Works for Node and on the Browser.
Installations
npm install docxDeveloper Guide
BETA
Typescript
Yes
Module System
ESM
Min. Node Version
>=10
Node Version
20.19.1
NPM Version
10.8.2
Score
94.7
Supply Chain
98
Quality
85.6
Maintenance
100
Vulnerability
98.2
License
Releases
88
Languages
1
TypeScript
TypeScript (100%)
Developer
Download Statistics
Total Downloads
22,616,978
Last Day
11,859
Last Week
288,700
Last Month
1,264,866
Last Year
9,889,302
GitHub Statistics
MIT License
4,983 Stars
3,902 Commits
537 Forks
46 Watchers
7 Branches
116 Contributors
Updated on Jun 16, 2025
Bundle Size
390.64 kB
Minified
108.64 kB
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
9.5.0
Package Id
docx@9.5.0
Unpacked Size
3.20 MB
Size
627.71 kB
File Count
9
NPM Version
10.8.2
Node Version
20.19.1
Published on
May 05, 2025
Total Downloads
Cumulative downloads
Total Downloads
22,616,978
Last Day
-16.7%
11,859
Compared to previous day
Last Week
-12.5%
288,700
Compared to previous week
Last Month
5.3%
1,264,866
Compared to previous month
Last Year
82.1%
9,889,302
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dev Dependencies
37
@types/eslint__js@types/inquirer@types/prompt@types/unzipper@types/xml@typescript-eslint/eslint-plugin@typescript-eslint/parser@vitest/coverage-v8@vitest/uicspelldocsify-clieslinteslint-import-resolver-typescripteslint-plugin-functionaleslint-plugin-importeslint-plugin-jsdoceslint-plugin-no-nulleslint-plugin-prefer-arroweslint-plugin-unicornexecaglobinquirerjitijsdompre-commitprettiertsconfig-pathstsxtypedoctypescripttypescript-eslintunzippervitevite-plugin-dtsvite-plugin-node-polyfillsvite-tsconfig-pathsvitest
Easily generate and modify .docx files with JS/TS. Works for Node and on the Browser.
Demo
Browser
Here are examples of docx being used with basic HTML/JS in a browser environment:
Here are examples of docx working in Angular:
Here are examples of docx working in React:
- https://stackblitz.com/edit/react-docx
- https://stackblitz.com/edit/react-docx-images (adding images to Word Document)
Here is an example of docx working in Vue.js:
Node
Press endpoint on the RunKit website:
- https://runkit.com/dolanmiu/docx-demo1 - Simple paragraph and text
- https://runkit.com/dolanmiu/docx-demo2 - Advanced Paragraphs and text
- https://runkit.com/dolanmiu/docx-demo3 - Bullet points
- https://runkit.com/dolanmiu/docx-demo4 - Simple table
- https://runkit.com/dolanmiu/docx-demo5 - Images
- https://runkit.com/dolanmiu/docx-demo6 - Margins
- https://runkit.com/dolanmiu/docx-demo7 - Landscape
- https://runkit.com/dolanmiu/docx-demo8 - Header and Footer
- https://runkit.com/dolanmiu/docx-demo10 - My CV generated with docx
More here
How to use & Documentation
Please refer to the documentation at https://docx.js.org/ for details on how to use this library, examples and much more!
Playground
Experience docx in action through Docx.js Editor, an interactive playground where you can code and preview the results in real-time.
Examples
Check the demo folder for examples.
Contributing
Read the contribution guidelines here.
Used by
...and many more!
Made with 💖
No vulnerabilities found.
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
no dangerous workflow patterns detected
Reason
30 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
SAST tool is not run on all commits -- score normalized to 9
Details
- Warn: 27 commits out of 29 are checked with a SAST tool
Reason
dependency not pinned by hash detected -- score normalized to 6
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/default.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/dolanmiu/docx/default.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/default.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/dolanmiu/docx/default.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/default.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/dolanmiu/docx/default.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/default.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/dolanmiu/docx/default.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/default.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/dolanmiu/docx/default.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/default.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/dolanmiu/docx/default.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/default.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/dolanmiu/docx/default.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/demos.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/dolanmiu/docx/demos.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/github-pages.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/dolanmiu/docx/github-pages.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/github-pages.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/dolanmiu/docx/github-pages.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/github-pages.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/dolanmiu/docx/github-pages.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/github-pages.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/dolanmiu/docx/github-pages.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/github-pages.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/dolanmiu/docx/github-pages.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/dolanmiu/docx/npm-publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/dolanmiu/docx/npm-publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/dolanmiu/docx/npm-publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/dolanmiu/docx/npm-publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/dolanmiu/docx/npm-publish.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm-publish.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/dolanmiu/docx/npm-publish.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/remove-old-artifacts.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/dolanmiu/docx/remove-old-artifacts.yml/master?enable=pin
- Info: 0 out of 17 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 3 third-party GitHubAction dependencies pinned
- Info: 9 out of 9 npmCommand dependencies pinned
Reason
Found 2/4 approved changesets -- score normalized to 5
Reason
7 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-4r62-v4vq-hr96
- Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
- Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/default.yml:1
- Warn: no topLevel permission defined: .github/workflows/demos.yml:1
- Warn: no topLevel permission defined: .github/workflows/github-pages.yml:1
- Warn: no topLevel permission defined: .github/workflows/npm-publish.yml:1
- Warn: no topLevel permission defined: .github/workflows/remove-old-artifacts.yml:1
- Info: no jobLevel write permissions found
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Score
6.3
/10
Last Scanned on 2025-06-09
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More