Gathering detailed insights and metrics for hexo-theme-keep
Gathering detailed insights and metrics for hexo-theme-keep
Installations
npm install hexo-theme-keepDeveloper
Developer Guide
BETA
Module System
Unable to determine the module system for this package.
Min. Node Version
Typescript Support
No
Node Version
16.20.2
NPM Version
8.19.4
Statistics
1,345 Stars
1,155 Commits
183 Forks
55 Watching
3 Branches
22 Contributors
Updated on 27 Nov 2024
Languages
Stylus (42.16%)
JavaScript (30.49%)
EJS (27.31%)
Shell (0.05%)
Total Downloads
Cumulative downloads
Total Downloads
361,595
Last day
47.8%
572
Compared to previous day
Last week
4.7%
3,088
Compared to previous week
Last month
19.9%
12,237
Compared to previous month
Last year
-8.4%
159,875
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Versions
hexo-theme-keep
Keep is a simple and light Hexo theme. It makes you more focused on writing.
:star2: Online Preview
If you want to put a link to your blog in the online preview list, you can give the author a PR.
:books: Documents
Please see the official documents of Keep.
:rocket: Installation
If you're using Hexo 5.0 or later, the simplest way to install is through NPM:
1# recommend 2 3cd your-hexo 4npm install hexo-theme-keep
Or you can clone the entire repository:
1cd your-hexo 2git clone https://github.com/XPoet/hexo-theme-keep --depth=1 themes/keep
After the installation, open Hexo config file and set theme variable to keep.
1theme: keep
:tada: Update
Keep releases new versions from time to time. You can update Keep by the following command.
Install the latest version through NPM:
1# recommend 2 3cd your-hexo 4npm install hexo-theme-keep@latest
Or update to the latest master branch:
1cd themes/keep 2git pull
It is not recommended to directly modify any files in the Keep theme. Because this may cause errors (e.g. merge conflicts), and the modified files may be discarded when upgrading the theme.
:art: Contributors
This project exists thanks to all the people who contribute.
We welcome you to join the development of Keep. Please see contributing guide.
:sparkling_heart: Thanks
Keep send special thanks to these great services that sponsor our core infrastructure:
- GitHub allows us to host the Git repository and run the test suite.
- Thanks cdnjs, jsDelivr and UNPKG for providing public CDN service.
:memo: License
Copyright © 2020-present XPoet
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
23 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: GNU Affero General Public License v3.0: LICENSE:0
Reason
packaging workflow detected
Details
- Info: Project packages its releases by way of GitHub Actions.: .github/workflows/release.yml:9
Reason
Found 1/11 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/auto-merge.yml:1
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-merge.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/XPoet/hexo-theme-keep/auto-merge.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/XPoet/hexo-theme-keep/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/XPoet/hexo-theme-keep/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/XPoet/hexo-theme-keep/release.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/release.yml:93
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
- Info: 0 out of 1 npmCommand dependencies pinned
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Score
4.7
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More