Installations
npm install gerador-validador-cpfDeveloper Guide
Typescript
No
Module System
CommonJS
Node Version
15.10.0
NPM Version
7.5.3
Score
78.3
Supply Chain
88.3
Quality
75.7
Maintenance
100
Vulnerability
100
License
Releases
Contributors
Languages
TypeScript (36.33%)
Stylus (35.64%)
JavaScript (25.97%)
EJS (1.81%)
Shell (0.24%)
Developer
Download Statistics
Total Downloads
1,333,195
Last Day
119
Last Week
6,303
Last Month
27,319
Last Year
295,441
GitHub Statistics
393 Stars
482 Commits
75 Forks
12 Watching
2 Branches
8 Contributors
Maintainers
Package Meta Information
Latest Version
5.0.2
Package Id
gerador-validador-cpf@5.0.2
Unpacked Size
16.91 kB
Size
5.43 kB
File Count
10
NPM Version
7.5.3
Node Version
15.10.0
Total Downloads
Cumulative downloads
Total Downloads
1,333,195
Last day
-27.9%
119
Compared to previous day
Last week
-14.4%
6,303
Compared to previous week
Last month
-5.4%
27,319
Compared to previous month
Last year
-10.7%
295,441
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dev Dependencies
88
Gerador e Validador de CPF 
Cobertura
Estatísticas
Biblioteca JS open-source para gerar e validar CPF.
A ferramenta pode ser acessada em tiagoporto.github.io/gerador-validador-cpf.
Leia em outros idiomas: English, Português(Brasil)
Instalação
1npm install gerador-validador-cpf --save
Gerando CPF
1import { generate } from 'gerador-validador-cpf' 2 3generate() // Gera um CPF no formato 00000000000 4generate({ format: true }) // Gera um CPF no formato 000.000.000-00
Validando CPF
1import { validate } from 'gerador-validador-cpf' 2 3validate('12345678900') 4// ou 5validate('123.456.789-00')
Obs. os caracteres ., - e espaço, são ignorados na validação.
Contribuição
Doações
Licença
Gerador e validador de CPF está sob os termos da licença MIT.
No vulnerabilities found.
Reason
12 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
SAST tool is not run on all commits -- score normalized to 6
Details
- Warn: 6 commits out of 10 are checked with a SAST tool
Reason
dependency not pinned by hash detected -- score normalized to 5
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/checks.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/tiagoporto/gerador-validador-cpf/checks.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/checks.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/tiagoporto/gerador-validador-cpf/checks.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gh-pages.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/tiagoporto/gerador-validador-cpf/gh-pages.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gh-pages.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/tiagoporto/gerador-validador-cpf/gh-pages.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/gh-pages.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/tiagoporto/gerador-validador-cpf/gh-pages.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/tiagoporto/gerador-validador-cpf/release.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/tiagoporto/gerador-validador-cpf/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/tiagoporto/gerador-validador-cpf/release.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/tiagoporto/gerador-validador-cpf/tests.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/tiagoporto/gerador-validador-cpf/tests.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/tests.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/tiagoporto/gerador-validador-cpf/tests.yml/main?enable=pin
- Info: 0 out of 8 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 3 third-party GitHubAction dependencies pinned
- Info: 4 out of 4 npmCommand dependencies pinned
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/tiagoporto/.github/SECURITY.md:1
- Warn: no linked content found
- Warn: One or no descriptive hints of disclosure, vulnerability, and/or timelines in security policy
- Info: Found text in security policy: github.com/tiagoporto/.github/SECURITY.md:1
Reason
Found 0/20 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/checks.yml:1
- Warn: topLevel 'contents' permission set to 'write': .github/workflows/gh-pages.yml:14
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Warn: no topLevel permission defined: .github/workflows/tests.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
25 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
- Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
- Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-7jxr-cg7f-gpgv
- Warn: Project is vulnerable to: GHSA-xj72-wvfv-8985
- Warn: Project is vulnerable to: GHSA-ch3r-j5x3-6q2m
- Warn: Project is vulnerable to: GHSA-p5gc-c584-jj6v
- Warn: Project is vulnerable to: GHSA-whpj-8f3w-67p5
- Warn: Project is vulnerable to: GHSA-cchq-frgv-rjh5
- Warn: Project is vulnerable to: GHSA-g644-9gfx-q4q4
- Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-f9xv-q969-pqx4
Score
4.8
/10
Last Scanned on 2024-12-16
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More