Gathering detailed insights and metrics for gulp-amphtml-validator
Gathering detailed insights and metrics for gulp-amphtml-validator
The AMP web component framework.
Installations
npm install gulp-amphtml-validatorDeveloper Guide
BETA
Typescript
No
Module System
N/A
Node Version
20.12.2
NPM Version
10.8.1
Releases
856
Languages
11
JavaScript
HTML
C++
CSS
TypeScript
Python
Starlark
Yacc
Shell
Go
C
JavaScript (79.94%)
HTML (9.1%)
C++ (7.53%)
CSS (2.22%)
TypeScript (0.55%)
Python (0.28%)
Starlark (0.15%)
Yacc (0.12%)
Shell (0.08%)
Go (0.03%)
Developer
Download Statistics
Total Downloads
117,732
Last Day
44
Last Week
301
Last Month
1,298
Last Year
17,692
GitHub Statistics
Apache-2.0 License
14,895 Stars
22,555 Commits
3,936 Forks
627 Watchers
170 Branches
1,174 Contributors
Updated on May 08, 2025
Bundle Size
93.34 kB
Minified
28.66 kB
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
1.0.8
Package Id
gulp-amphtml-validator@1.0.8
Unpacked Size
12.76 kB
Size
3.66 kB
File Count
6
NPM Version
10.8.1
Node Version
20.12.2
Published on
Jul 23, 2024
Total Downloads
Cumulative downloads
Total Downloads
117,732
Last Day
33.3%
44
Compared to previous day
Last Week
-10.9%
301
Compared to previous week
Last Month
-16%
1,298
Compared to previous month
Last Year
21.8%
17,692
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
3
Gulp AMPHTML Validator
A Gulp plugin for validating AMPHTML files using the official AMPHTML Validator.
Installation
Install package with npm and add it to your development dependencies:
1npm install --save-dev gulp-amphtml-validator
Usage
1const gulpAmpValidator = require('gulp-amphtml-validator'); 2 3gulp.task('amphtml:validate', () => { 4 return ( 5 gulp 6 .src('*.html') 7 // Validate the input and attach the validation result to the "amp" property 8 // of the file object. 9 .pipe(gulpAmpValidator.validate()) 10 // Print the validation results to the console. 11 .pipe(gulpAmpValidator.format()) 12 // Exit the process with error code (1) if an AMP validation error 13 // occurred. 14 .pipe(gulpAmpValidator.failAfterError()) 15 ); 16});
To treat warnings as errors, replace the last line of the validation closure with:
1// Exit the process with error code (1) if an AMP validation warning or 2// error occurred. 3.pipe(gulpAmpValidator.failAfterWarningOrError());
Release Notes
1.0.6
- Use fancy-log log.info (#30744)
1.0.5
- Update repository location.
1.0.4
- Update amphtml-validator dependency to 1.0.30, gulp to 4.0.2 and mocha to 7.0.1.
1.0.3
- Remove engine section from package.json to allow any version of gulpjs.
1.0.2
- Add failAfterWarningOrError option
- Upgrade amphtml-validator version to 1.0.21
1.0.1
- Upgrade amphtml-validator version to 1.0.18
1.0.0
- initial release
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
30 out of 30 merged PRs checked by a CI test -- score normalized to 10
Reason
all changesets reviewed
Reason
project has 17 contributing companies or organizations
Details
- Info: perpay contributor org/company found, manshar contributor org/company found, carbon-tools contributor org/company found, human-tools contributor org/company found, mend contributor org/company found, ampproject contributor org/company found, googlers contributor org/company found, tc39 contributor org/company found, babel contributor org/company found, vanadium contributor org/company found, jsconf contributor org/company found, google contributor org/company found, Brawker contributor org/company found, vercel contributor org/company found, fastpack contributor org/company found, linkedin contributor org/company found, palestine-web-summit contributor org/company found,
Reason
no dangerous workflow patterns detected
Reason
update tool detected
Details
- Info: detected update tool: RenovateBot: .renovaterc.json:1
Reason
project is fuzzed
Details
- Info: OSSFuzz integration found
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0
Reason
12 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
GitHub workflow tokens follow principle of least privilege
Details
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:21
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:20
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/cross-platform-builds.yml:41
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/cut-nightly.yml:52
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/release-tagger.yml:53
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/status-page.yml:49
- Info: topLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:13
- Info: topLevel 'contents' permission set to 'read': .github/workflows/cross-platform-builds.yml:9
- Info: topLevel 'contents' permission set to 'read': .github/workflows/cut-nightly.yml:12
- Info: topLevel 'contents' permission set to 'read': .github/workflows/dependency-review.yml:13
- Info: topLevel 'contents' permission set to 'read': .github/workflows/release-tagger.yml:21
- Info: topLevel permissions set to 'read-all': .github/workflows/scorecard.yml:18
- Info: topLevel 'contents' permission set to 'read': .github/workflows/status-page.yml:8
- Info: topLevel 'contents' permission set to 'read': .github/workflows/update-session-issues.yml:13
- Info: no jobLevel write permissions found
Reason
SAST tool detected but not run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Warn: 29 commits out of 30 are checked with a SAST tool
Reason
branch protection is not maximal on development and all release branches
Details
- Info: 'allow deletion' disabled on branch 'main'
- Info: 'force pushes' disabled on branch 'main'
- Warn: required approving review count is 1 on branch 'main'
- Warn: codeowners review is not required on branch 'main'
- Info: status check found to merge onto on branch 'main'
- Info: PRs are required in order to make changes on branch 'main'
Reason
dependency not pinned by hash detected -- score normalized to 8
Details
- Warn: pipCommand not pinned by hash: .circleci/install_validator_dependencies.sh:19
- Warn: npmCommand not pinned by hash: third_party/inputmask/build.sh:2
- Warn: npmCommand not pinned by hash: third_party/react-dates/build.sh:2
- Warn: npmCommand not pinned by hash: third_party/react-dates/debug.sh:2
- Info: 21 out of 21 GitHub-owned GitHubAction dependencies pinned
- Info: 17 out of 17 third-party GitHubAction dependencies pinned
- Info: 0 out of 1 pipCommand dependencies pinned
- Info: 4 out of 7 npmCommand dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
47 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
- Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx
- Warn: Project is vulnerable to: GHSA-w5hq-hm5m-4548
- Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99
- Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q
- Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38
- Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-pp7h-53gx-mx7r
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-9vvw-cc9w-f27h
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-gx9m-whjm-85jf
- Warn: Project is vulnerable to: GHSA-mmhx-hmjr-r674
- Warn: Project is vulnerable to: GHSA-vhxf-7vqr-mrjg
- Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
- Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-pfq8-rq6v-vf5m
- Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695
- Warn: Project is vulnerable to: GHSA-fvqr-27wr-82fm
- Warn: Project is vulnerable to: GHSA-4xc9-xhrj-v574
- Warn: Project is vulnerable to: GHSA-x5rq-j2xg-h7qm
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-hxm2-r34f-qmc5
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-w9mr-4mfr-499f
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-gqgv-6jq5-jjj9
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-fhg7-m89q-25r3
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Score
8.6
/10
Last Scanned on 2025-05-07T08:55:45Z
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More