Gathering detailed insights and metrics for html-to-image
Gathering detailed insights and metrics for html-to-image
✂️ Generates an image from a DOM node using HTML5 canvas and SVG.
Installations
npm install html-to-imageDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Node Version
20.18.0
NPM Version
10.8.2
Score
98.8
Supply Chain
100
Quality
78
Maintenance
100
Vulnerability
100
License
Releases
60
Languages
5
TypeScript
CSS
HTML
JavaScript
Shell
TypeScript (82.58%)
CSS (7.22%)
HTML (6.46%)
JavaScript (3.55%)
Shell (0.19%)
Developer
bubkoo
Download Statistics
Total Downloads
55,087,274
Last Day
134,393
Last Week
613,499
Last Month
3,015,529
Last Year
26,066,612
GitHub Statistics
MIT License
6,266 Stars
452 Commits
591 Forks
30 Watchers
2 Branches
48 Contributors
Updated on Apr 24, 2025
Bundle Size
13.66 kB
Minified
5.22 kB
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
1.11.13
Package Id
html-to-image@1.11.13
Unpacked Size
307.70 kB
Size
69.41 kB
File Count
82
NPM Version
10.8.2
Node Version
20.18.0
Published on
Feb 14, 2025
Total Downloads
Cumulative downloads
Total Downloads
55,087,274
Last Day
-6.8%
134,393
Compared to previous day
Last Week
-18%
613,499
Compared to previous week
Last Month
4.4%
3,015,529
Compared to previous month
Last Year
75.6%
26,066,612
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dev Dependencies
27
@bubkoo/commitlint-config@bubkoo/eslint-config@bubkoo/rollup-config@bubkoo/semantic-release-config@bubkoo/tsconfig@fortawesome/fontawesome-free@types/jasmine@types/pixelmatchcoverallseslinthuskyis-cijasmine-corekarmakarma-chrome-launcherkarma-coveragekarma-jasminekarma-spec-reporterkarma-typescriptnpm-run-allpixelmatchprettierpretty-quickrimrafrolluptslibtypescript
html-to-image
✂️ Generates an image from a DOM node using HTML5 canvas and SVG.
Fork from dom-to-image with more maintainable code and some new features.
Install
1npm install --save html-to-image
Usage
1/* ES6 */ 2import * as htmlToImage from 'html-to-image'; 3import { toPng, toJpeg, toBlob, toPixelData, toSvg } from 'html-to-image'; 4 5/* ES5 */ 6var htmlToImage = require('html-to-image');
All the top level functions accept DOM node and rendering options, and return a promise fulfilled with corresponding dataURL:
Go with the following examples.
toPng
Get a PNG image base64-encoded data URL and display it right away:
1const node = document.getElementById('my-node'); 2 3htmlToImage 4 .toPng(node) 5 .then((dataUrl) => { 6 const img = new Image(); 7 img.src = dataUrl; 8 document.body.appendChild(img); 9 }) 10 .catch((err) => { 11 console.error('oops, something went wrong!', err); 12 });
Get a PNG image base64-encoded data URL and download it (using download):
1htmlToImage 2 .toPng(document.getElementById('my-node')) 3 .then((dataUrl) => download(dataUrl, 'my-node.png'));
toSvg
Get an SVG data URL, but filter out all the <i> elements:
1function filter (node) { 2 return (node.tagName !== 'i'); 3} 4 5htmlToImage 6 .toSvg(document.getElementById('my-node'), { filter: filter }) 7 .then(function (dataUrl) { 8 /* do something */ 9 });
toJpeg
Save and download a compressed JPEG image:
1htmlToImage 2 .toJpeg(document.getElementById('my-node'), { quality: 0.95 }) 3 .then(function (dataUrl) { 4 var link = document.createElement('a'); 5 link.download = 'my-image-name.jpeg'; 6 link.href = dataUrl; 7 link.click(); 8 });
toBlob
Get a PNG image blob and download it (using FileSaver):
1htmlToImage
2 .toBlob(document.getElementById('my-node'))
3 .then(function (blob) {
4 if (window.saveAs) {
5 window.saveAs(blob, 'my-node.png');
6 } else {
7 FileSaver.saveAs(blob, 'my-node.png');
8 }
9 });toCanvas
Get a HTMLCanvasElement, and display it right away:
1htmlToImage
2 .toCanvas(document.getElementById('my-node'))
3 .then(function (canvas) {
4 document.body.appendChild(canvas);
5 });toPixelData
Get the raw pixel data as a Uint8Array with every 4 array elements representing the RGBA data of a pixel:
1var node = document.getElementById('my-node'); 2 3htmlToImage 4 .toPixelData(node) 5 .then(function (pixels) { 6 for (var y = 0; y < node.scrollHeight; ++y) { 7 for (var x = 0; x < node.scrollWidth; ++x) { 8 pixelAtXYOffset = (4 * y * node.scrollHeight) + (4 * x); 9 /* pixelAtXY is a Uint8Array[4] containing RGBA values of the pixel at (x, y) in the range 0..255 */ 10 pixelAtXY = pixels.slice(pixelAtXYOffset, pixelAtXYOffset + 4); 11 } 12 } 13 });
React
1import React, { useCallback, useRef } from 'react'; 2import { toPng } from 'html-to-image'; 3 4const App: React.FC = () => { 5 const ref = useRef<HTMLDivElement>(null) 6 7 const onButtonClick = useCallback(() => { 8 if (ref.current === null) { 9 return 10 } 11 12 toPng(ref.current, { cacheBust: true, }) 13 .then((dataUrl) => { 14 const link = document.createElement('a') 15 link.download = 'my-image-name.png' 16 link.href = dataUrl 17 link.click() 18 }) 19 .catch((err) => { 20 console.log(err) 21 }) 22 }, [ref]) 23 24 return ( 25 <> 26 <div ref={ref}> 27 {/* DOM nodes you want to convert to PNG */} 28 </div> 29 <button onClick={onButtonClick}>Click me</button> 30 </> 31 ) 32}
Options
filter
1(domNode: HTMLElement) => boolean
A function taking DOM node as argument. Should return true if passed node should be included in the output. Excluding node means excluding it's children as well.
You can add filter to every image function. For example,
1const filter = (node: HTMLElement) => { 2 const exclusionClasses = ['remove-me', 'secret-div']; 3 return !exclusionClasses.some((classname) => node.classList?.contains(classname)); 4} 5 6htmlToImage.toJpeg(node, { quality: 0.95, filter: filter});
or
1htmlToImage.toPng(node, {filter:filter})Not called on the root node.
backgroundColor
A string value for the background color, any valid CSS color value.
width, height
Width and height in pixels to be applied to node before rendering.
canvasWidth, canvasHeight
Allows to scale the canva's size including the elements inside to a given width and height (in pixels).
style
An object whose properties to be copied to node's style before rendering. You might want to check this reference for JavaScript names of CSS properties.
quality
A number between 0 and 1 indicating image quality (e.g. 0.92 => 92%) of the JPEG image.
Defaults to 1.0 (100%)
cacheBust
Set to true to append the current time as a query string to URL requests to enable cache busting.
Defaults to false
includeQueryParams
Set false to use all URL as cache key. If the value has falsy value, it will exclude query params from the provided URL.
Defaults to false
imagePlaceholder
A data URL for a placeholder image that will be used when fetching an image fails.
Defaults to an empty string and will render empty areas for failed images.
pixelRatio
The pixel ratio of the captured image. Default use the actual pixel ratio of the device. Set 1 to
use as initial-scale 1 for the image.
preferredFontFormat
The format required for font embedding. This is a useful optimisation when a webfont provider specifies several different formats for fonts in the CSS, for example:
1@font-face { 2 name: 'proxima-nova'; 3 src: url("...") format("woff2"), url("...") format("woff"), url("...") format("opentype"); 4}
Instead of embedding each format, all formats other than the one specified will be discarded. If this option is not specified then all formats will be downloaded and embedded.
fontEmbedCSS
When supplied, the library will skip the process of parsing and embedding webfont URLs in CSS,
instead using this value. This is useful when combined with getFontEmbedCSS() to only perform the
embedding process a single time across multiple calls to library functions.
1const fontEmbedCSS = await htmlToImage.getFontEmbedCSS(element1); 2html2Image.toSVG(element1, { fontEmbedCSS }); 3html2Image.toSVG(element2, { fontEmbedCSS });
skipAutoScale
When supplied, the library will skip the process of scaling extra large doms into the canvas object.
You may experience loss of parts of the image if set to true and you are exporting a very large image.
Defaults to false
type
A string indicating the image format. The default type is image/png; that type is also used if the given type isn't supported. When supplied, the toCanvas function will return a blob matching the given image type and quality.
Defaults to image/png
includeStyleProperties
An array of style property names. Can be used to manually specify which style properties are included when cloning nodes. This can be useful for performance-critical scenarios.
Browsers
Only standard lib is currently used, but make sure your browser supports:
- Promise
- SVG
<foreignObject>tag
It's tested on latest Chrome, Firefox and Safari (49, 45 and 16 respectively at the time of writing), with Chrome performing significantly better on big DOM trees, possibly due to it's more performant SVG support, and the fact that it supports CSSStyleDeclaration.cssText property.
Internet Explorer is not (and will not be) supported, as it does not support SVG <foreignObject> tag.
How it works
There might some day exist (or maybe already exists?) a simple and standard way of exporting parts of the HTML to image (and then this script can only serve as an evidence of all the hoops I had to jump through in order to get such obvious thing done) but I haven't found one so far.
This library uses a feature of SVG that allows having arbitrary HTML content inside of the <foreignObject> tag. So, in order to render that DOM node for you, following steps are taken:
- Clone the original DOM node recursively
- Compute the style for the node and each sub-node and copy it to corresponding clone
- and don't forget to recreate pseudo-elements, as they are not cloned in any way, of course
- Embed web fonts
- find all the
@font-facedeclarations that might represent web fonts - parse file URLs, download corresponding files
- base64-encode and inline content as dataURLs
- concatenate all the processed CSS rules and put them into one
<style>element, then attach it to the clone
- find all the
- Embed images
- embed image URLs in
<img>elements - inline images used in
backgroundCSS property, in a fashion similar to fonts
- embed image URLs in
- Serialize the cloned node to XML
- Wrap XML into the
<foreignObject>tag, then into the SVG, then make it a data URL - Optionally, to get PNG content or raw pixel data as a Uint8Array, create an Image element with the SVG as a source, and render it on an off-screen canvas, that you have also created, then read the content from the canvas
- Done!
Things to watch out for
- If the DOM node you want to render includes a
<canvas>element with something drawn on it, it should be handled fine, unless the canvas is tainted - in this case rendering will rather not succeed. - Rendering will failed on huge DOM due to the dataURI limit varies.
Contributing
Please let us know how can we help. Do check out issues for bug reports or suggestions first.
To become a contributor, please follow our contributing guide.
License
The scripts and documentation in this project are released under the MIT License
No vulnerabilities found.
Reason
30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
SAST tool detected but not run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Warn: 0 commits out of 8 are checked with a SAST tool
Reason
Found 7/29 approved changesets -- score normalized to 2
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql.yml:16
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql.yml:17
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Warn: no topLevel permission defined: .github/workflows/codeql.yml:1
- Warn: no topLevel permission defined: .github/workflows/label-commands.yml:1
- Warn: no topLevel permission defined: .github/workflows/lock.yml:1
- Warn: no topLevel permission defined: .github/workflows/needs-more-info.yml:1
- Warn: no topLevel permission defined: .github/workflows/potential-duplicates.yml:1
- Warn: no topLevel permission defined: .github/workflows/pr-label-branch-name.yml:1
- Warn: no topLevel permission defined: .github/workflows/pr-label-patch-size.yml:1
- Warn: no topLevel permission defined: .github/workflows/pr-label-status.yml:1
- Warn: no topLevel permission defined: .github/workflows/pr-label-title-body.yml:1
- Warn: no topLevel permission defined: .github/workflows/release.yml:1
- Warn: no topLevel permission defined: .github/workflows/update-authors.yml:1
- Warn: no topLevel permission defined: .github/workflows/update-contributors.yml:1
- Warn: no topLevel permission defined: .github/workflows/update-license.yml:1
- Warn: no topLevel permission defined: .github/workflows/welcome.yml:1
- Info: no jobLevel write permissions found
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/codeql.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/codeql.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/label-commands.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/label-commands.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/label-commands.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/label-commands.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/lock.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/lock.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/lock.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/lock.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/needs-more-info.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/needs-more-info.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/needs-more-info.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/needs-more-info.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/potential-duplicates.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/potential-duplicates.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/potential-duplicates.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/potential-duplicates.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-label-branch-name.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/pr-label-branch-name.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-label-branch-name.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/pr-label-branch-name.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-label-patch-size.yml:7: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/pr-label-patch-size.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-label-patch-size.yml:8: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/pr-label-patch-size.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-label-patch-size.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/pr-label-patch-size.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-label-status.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/pr-label-status.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-label-status.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/pr-label-status.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-label-title-body.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/pr-label-title-body.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-label-title-body.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/pr-label-title-body.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/release.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/release.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-authors.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/update-authors.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-authors.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/update-authors.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-authors.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/update-authors.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-contributors.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/update-contributors.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-contributors.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/update-contributors.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update-license.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/update-license.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-license.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/update-license.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/update-license.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/update-license.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/welcome.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/welcome.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/welcome.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/bubkoo/html-to-image/welcome.yml/master?enable=pin
- Info: 0 out of 14 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 31 third-party GitHubAction dependencies pinned
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
30 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38
- Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
- Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
- Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
- Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
- Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
- Warn: Project is vulnerable to: GHSA-vjh7-7g9h-fjfh
- Warn: Project is vulnerable to: GHSA-q9mw-68c2-j6m5
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
- Warn: Project is vulnerable to: GHSA-25hc-qcg6-38wj
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Score
4.1
/10
Last Scanned on 2025-04-21
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More