Gathering detailed insights and metrics for heic-decode
Gathering detailed insights and metrics for heic-decode
Installations
npm install heic-decodeDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Min. Node Version
>=8.0.0
Node Version
16.20.2
NPM Version
8.19.4
Score
99.2
Supply Chain
91
Quality
81.8
Maintenance
100
Vulnerability
98.9
License
Releases
Unable to fetch releases
Languages
1
JavaScript
JavaScript (100%)
Developer
catdad-experiments
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
47 Stars
68 Commits
16 Forks
3 Watchers
1 Branches
2 Contributors
Updated on Jul 04, 2025
Maintainers
1
Package Meta Information
Latest Version
2.1.0
Package Id
heic-decode@2.1.0
Unpacked Size
6.50 kB
Size
2.60 kB
File Count
4
NPM Version
8.19.4
Node Version
16.20.2
Published on
Jul 04, 2025
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
heic-decode
Decode HEIC images to extract raw pixel data.
Install
1npm install heic-decode
Usage
Decode the main image in the file:
1const fs = require('fs'); 2const { promisify } = require('util'); 3const decode = require('heic-decode'); 4 5(async () => { 6 const buffer = await promisify(fs.readFile)('/path/to/my/image.heic'); 7 const { 8 width, // integer width of the image 9 height, // integer height of the image 10 data // Uint8ClampedArray containing pixel data 11 } = await decode({ buffer }); 12})();
Decode all images in the file:
1const fs = require('fs'); 2const { promisify } = require('util'); 3const decode = require('heic-decode'); 4 5(async () => { 6 const buffer = await promisify(fs.readFile)('/path/to/my/multi-image.heic'); 7 const images = await decode.all({ buffer }); 8 9 for (let image of images) { 10 // decode and use each image individually 11 // so you don't run out of memory 12 const { 13 width, // integer width of the image 14 height, // integer height of the image 15 data // Uint8ClampedArray containing pixel data 16 } = await image.decode(); 17 } 18 19 // when you are done, make sure to free all memory used to convert the images 20 images.dispose(); 21})();
Note: when decoding a single image (i.e. using
decode), all resources are freed automatically after the conversion. However, when decoding all images in a file (i.e. usingdecode.all), you can decode the images at any time, so there is no safe time for the library to free resources -- you need to make sure to calldisposeonce you are done.
When the images are decoded, the return value is a plain object in the format of ImageData. You can use this object to integrate with other imaging libraries for processing.
Note that while the decoder returns a Promise, it does the majority of the work synchronously, so you should consider using a worker thread in order to not block the main thread in highly concurrent production environments.
Related
- heic-cli - convert heic/heif images to jpeg or png from the command line
- heic-convert - convert heic/heif images to jpeg and png
- libheif-js - libheif as a pure-javascript npm module
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
9 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 8
Reason
Found 0/10 approved changesets -- score normalized to 0
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/catdad-experiments/heic-decode/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/catdad-experiments/heic-decode/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/catdad-experiments/heic-decode/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/catdad-experiments/heic-decode/ci.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:24
- Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 npmCommand dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
license file not detected
Details
- Warn: project does not have a license file
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 25 are checked with a SAST tool
Score
3.9
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More