Gathering detailed insights and metrics for extract-react-types-loader
Gathering detailed insights and metrics for extract-react-types-loader
One stop shop for documenting your react components.
Installations
npm install extract-react-types-loaderDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Node Version
12.22.1
NPM Version
6.14.12
Score
56.8
Supply Chain
51.9
Quality
76.7
Maintenance
100
Vulnerability
99.3
License
Releases
26
pretty-proptypes@1.3.0
pretty-proptypes@1.3.0
Updated on Jul 04, 2021
extract-react-types-loader@1.0.0
extract-react-types-loader@1.0.0
Updated on Jun 09, 2021
extract-react-types@0.30.2
extract-react-types@0.30.2
Updated on May 25, 2021
extract-react-types@0.30.1
extract-react-types@0.30.1
Updated on Apr 20, 2021
pretty-proptypes@1.2.0
pretty-proptypes@1.2.0
Updated on Mar 08, 2021
extract-react-types@0.30.0
extract-react-types@0.30.0
Updated on Mar 05, 2021
Languages
2
JavaScript
TypeScript
JavaScript (99.71%)
TypeScript (0.29%)
Developer
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
184 Stars
288 Commits
29 Forks
5 Watchers
52 Branches
79 Contributors
Updated on Jul 10, 2025
Maintainers
3
Package Meta Information
Latest Version
1.0.0
Package Id
extract-react-types-loader@1.0.0
Unpacked Size
9.31 kB
Size
3.41 kB
File Count
5
NPM Version
6.14.12
Node Version
12.22.1
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Extract React Types Loader
Please see the documentation for pretty-proptypes for information on how to use this package.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
11 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 9
Reason
SAST tool detected but not run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Warn: 6 commits out of 23 are checked with a SAST tool
Reason
branch protection is not maximal on development and all release branches
Details
- Info: 'allow deletion' disabled on branch 'master'
- Info: 'force pushes' disabled on branch 'master'
- Warn: 'branch protection settings apply to administrators' is disabled on branch 'master'
- Warn: 'stale review dismissal' is disabled on branch 'master'
- Warn: required approving review count is 1 on branch 'master'
- Warn: codeowners review is not required on branch 'master'
- Warn: 'last push approval' is disabled on branch 'master'
- Warn: no status checks found to merge onto branch 'master'
- Info: PRs are required in order to make changes on branch 'master'
Reason
Found 9/20 approved changesets -- score normalized to 4
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'packages' permission set to 'read': .github/workflows/codeql.yml:36
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:39
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:40
- Warn: no topLevel permission defined: .github/workflows/codeql.yml:1
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Warn: no topLevel permission defined: .github/workflows/test.yml:1
- Info: no jobLevel write permissions found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/atlassian/extract-react-types/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/atlassian/extract-react-types/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:98: update your workflow using https://app.stepsecurity.io/secureworkflow/atlassian/extract-react-types/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/atlassian/extract-react-types/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/atlassian/extract-react-types/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/atlassian/extract-react-types/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/atlassian/extract-react-types/test.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/atlassian/extract-react-types/test.yml/master?enable=pin
- Info: 0 out of 7 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 third-party GitHubAction dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
17 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-w8qv-6jwh-64r5
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-jgrx-mgxx-jf9v
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Score
4.6
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More