Installations
npm install gulp-amphtml-validatorDeveloper Guide
Typescript
No
Module System
N/A
Node Version
20.12.2
NPM Version
10.8.1
Score
70.3
Supply Chain
89.5
Quality
76.6
Maintenance
100
Vulnerability
100
License
Releases
2501101900000
Published on 14 Jan 2025
2410292120000
Published on 05 Nov 2024
2410250306000
Published on 29 Oct 2024
2410161801000
Published on 22 Oct 2024
2410081535000
Published on 15 Oct 2024
2410031633000
Published on 08 Oct 2024
Contributors
Languages
JavaScript (79.92%)
HTML (9.11%)
C++ (7.54%)
CSS (2.22%)
TypeScript (0.55%)
Python (0.28%)
Starlark (0.15%)
Yacc (0.12%)
Shell (0.08%)
Go (0.03%)
Developer
Download Statistics
Total Downloads
111,876
Last Day
10
Last Week
119
Last Month
1,351
Last Year
17,719
GitHub Statistics
14,895 Stars
22,542 Commits
3,894 Forks
632 Watching
166 Branches
1,175 Contributors
Bundle Size
93.34 kB
Minified
28.66 kB
Minified + Gzipped
Maintainers
Package Meta Information
Latest Version
1.0.8
Package Id
gulp-amphtml-validator@1.0.8
Unpacked Size
12.76 kB
Size
3.66 kB
File Count
6
NPM Version
10.8.1
Node Version
20.12.2
Publised On
23 Jul 2024
Total Downloads
Cumulative downloads
Total Downloads
111,876
Last day
-9.1%
10
Compared to previous day
Last week
-61.6%
119
Compared to previous week
Last month
-17.9%
1,351
Compared to previous month
Last year
35.5%
17,719
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
3
Gulp AMPHTML Validator
A Gulp plugin for validating AMPHTML files using the official AMPHTML Validator.
Installation
Install package with npm and add it to your development dependencies:
1npm install --save-dev gulp-amphtml-validator
Usage
1const gulpAmpValidator = require('gulp-amphtml-validator'); 2 3gulp.task('amphtml:validate', () => { 4 return ( 5 gulp 6 .src('*.html') 7 // Validate the input and attach the validation result to the "amp" property 8 // of the file object. 9 .pipe(gulpAmpValidator.validate()) 10 // Print the validation results to the console. 11 .pipe(gulpAmpValidator.format()) 12 // Exit the process with error code (1) if an AMP validation error 13 // occurred. 14 .pipe(gulpAmpValidator.failAfterError()) 15 ); 16});
To treat warnings as errors, replace the last line of the validation closure with:
1// Exit the process with error code (1) if an AMP validation warning or 2// error occurred. 3.pipe(gulpAmpValidator.failAfterWarningOrError());
Release Notes
1.0.6
- Use fancy-log log.info (#30744)
1.0.5
- Update repository location.
1.0.4
- Update amphtml-validator dependency to 1.0.30, gulp to 4.0.2 and mocha to 7.0.1.
1.0.3
- Remove engine section from package.json to allow any version of gulpjs.
1.0.2
- Add failAfterWarningOrError option
- Upgrade amphtml-validator version to 1.0.21
1.0.1
- Upgrade amphtml-validator version to 1.0.18
1.0.0
- initial release
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
30 out of 30 merged PRs checked by a CI test -- score normalized to 10
Reason
all changesets reviewed
Reason
project has 17 contributing companies or organizations
Details
- Info: fastpack contributor org/company found, ampproject contributor org/company found, google contributor org/company found, babel contributor org/company found, Brawker contributor org/company found, palestine-web-summit contributor org/company found, carbon-tools contributor org/company found, human-tools contributor org/company found, googlers contributor org/company found, vercel contributor org/company found, vanadium contributor org/company found, perpay contributor org/company found, manshar contributor org/company found, mend contributor org/company found, jsconf contributor org/company found, tc39 contributor org/company found, linkedin contributor org/company found,
Reason
no dangerous workflow patterns detected
Reason
update tool detected
Details
- Info: detected update tool: RenovateBot: .renovaterc.json:1
Reason
project is fuzzed
Details
- Info: OSSFuzz integration found
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0
Reason
25 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10
Reason
SAST tool is run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Info: all commits (30) are checked with a SAST tool
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
GitHub workflow tokens follow principle of least privilege
Details
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:20
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:21
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/cross-platform-builds.yml:41
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/cut-nightly.yml:52
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/release-tagger.yml:53
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/status-page.yml:49
- Info: topLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:13
- Info: topLevel 'contents' permission set to 'read': .github/workflows/cross-platform-builds.yml:9
- Info: topLevel 'contents' permission set to 'read': .github/workflows/cut-nightly.yml:12
- Info: topLevel 'contents' permission set to 'read': .github/workflows/dependency-review.yml:13
- Info: topLevel 'contents' permission set to 'read': .github/workflows/release-tagger.yml:21
- Info: topLevel permissions set to 'read-all': .github/workflows/scorecard.yml:18
- Info: topLevel 'contents' permission set to 'read': .github/workflows/status-page.yml:8
- Info: topLevel 'contents' permission set to 'read': .github/workflows/update-session-issues.yml:13
- Info: no jobLevel write permissions found
Reason
branch protection is not maximal on development and all release branches
Details
- Info: 'allow deletion' disabled on branch 'main'
- Info: 'force pushes' disabled on branch 'main'
- Warn: required approving review count is 1 on branch 'main'
- Warn: codeowners review is not required on branch 'main'
- Info: status check found to merge onto on branch 'main'
- Info: PRs are required in order to make changes on branch 'main'
Reason
dependency not pinned by hash detected -- score normalized to 8
Details
- Warn: pipCommand not pinned by hash: .circleci/install_validator_dependencies.sh:19
- Warn: npmCommand not pinned by hash: third_party/inputmask/build.sh:2
- Warn: npmCommand not pinned by hash: third_party/react-dates/build.sh:2
- Warn: npmCommand not pinned by hash: third_party/react-dates/debug.sh:2
- Info: 21 out of 21 GitHub-owned GitHubAction dependencies pinned
- Info: 17 out of 17 third-party GitHubAction dependencies pinned
- Info: 0 out of 1 pipCommand dependencies pinned
- Info: 4 out of 7 npmCommand dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
37 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-pp7h-53gx-mx7r
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-9vvw-cc9w-f27h
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-gx9m-whjm-85jf
- Warn: Project is vulnerable to: GHSA-mmhx-hmjr-r674
- Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
- Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-pfq8-rq6v-vf5m
- Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695
- Warn: Project is vulnerable to: GHSA-fvqr-27wr-82fm
- Warn: Project is vulnerable to: GHSA-4xc9-xhrj-v574
- Warn: Project is vulnerable to: GHSA-x5rq-j2xg-h7qm
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-hxm2-r34f-qmc5
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-w9mr-4mfr-499f
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-gqgv-6jq5-jjj9
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-fhg7-m89q-25r3
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Score
8.6
/10
Last Scanned on 2025-01-14T21:49:04Z
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More