Gathering detailed insights and metrics for i18n-calypso
Gathering detailed insights and metrics for i18n-calypso
Installations
npm install i18n-calypsoReleases
42
WP-Desktop 6.15.0 [updater redirect to wp-desktop repository]
v6.15.0
Published on 02 Jun 2021
WP-Desktop 6.15.0-beta1
v6.15.0-beta1
Published on 05 May 2021
WP-Desktop 6.14.0
v6.14.0
Published on 03 May 2021
WP-Desktop 6.14.0-beta1
v6.14.0-beta1
Published on 19 Apr 2021
WP-Desktop 6.13.0
v6.13.0
Published on 06 Apr 2021
WP-Desktop 6.13.0-beta1
v6.13.0-beta1
Published on 22 Mar 2021
Developer
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
Typescript Support
Yes
Node Version
NPM Version
Statistics
12,434 Stars
71,460 Commits
1,988 Forks
486 Watching
3,159 Branches
911 Contributors
Updated on 27 Nov 2024
Languages
TypeScript (46.93%)
JavaScript (42.98%)
SCSS (9.74%)
PHP (0.14%)
HTML (0.12%)
Shell (0.04%)
CSS (0.02%)
Dockerfile (0.01%)
Makefile (0.01%)
Handlebars (0.01%)
Ruby (0.01%)
Total Downloads
Cumulative downloads
Total Downloads
1,307,553
Last day
118.6%
4,554
Compared to previous day
Last week
26.3%
14,376
Compared to previous week
Last month
154.9%
44,213
Compared to previous month
Last year
379.7%
707,832
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Versions
Calypso
Calypso is the new WordPress.com front-end – a beautiful redesign of the WordPress dashboard using a single-page web application, powered by the WordPress.com REST API. Calypso is built for reading, writing, and managing all of your WordPress sites in one place.
It’s built with JavaScript – a very light node plus express server, React.js, Redux, wpcom.js, and many other wonderful libraries on the front-end.
You can read more about Calypso at developer.wordpress.com/calypso.
Getting Started
You can try out the user-side of Calypso on WordPress.com (a lot of the logged-in area is Calypso; if in doubt, view source), you can poke around the code here on GitHub, or you can install it and run it locally. The latter is the most fun.
- Make sure you have
git,node, andyarninstalled. - Clone this repository locally.
- Add
127.0.0.1 calypso.localhostto your localhostsfile. - Execute
yarnand thenyarn startfrom the root directory of the repository. - Open
calypso.localhost:3000in your browser.
Need more detailed installation instructions? We have them.
Contributing
If Calypso sparks your interest, don’t hesitate to send a pull request, send a suggestion, file a bug, or just ask a question. We promise we’ll be nice. Just don’t forget to check out our CONTRIBUTING doc – it includes a few technical details that will make the process a lot smoother.
Calypso welcomes – and indeed has been built by – contributors from all walks of life, with different backgrounds, and with a wide range of experience. We're committed to doing our part to make both Calypso and the wider WordPress community welcoming to everyone.
You can contribute in many ways. You can help reporting, testing, and detailing bugs, and also test new features we release in our "beta" program for testing on Horizon.
To clarify these expectations, Calypso has adopted the code of conduct defined by the Contributor Covenant. It can be read in full here.
Security
Need to report a security vulnerability? Go to https://automattic.com/security/ or directly to our security bug bounty site https://hackerone.com/automattic.
Our security policy can be read in full here.
Browser Support
We support the latest two versions of all major browsers. (see Browse Happy for current latest versions).
Troubleshooting
If you have any problems running Calypso, please see the most common issues.
License
Calypso is licensed under GNU General Public License v2 (or later).
No vulnerabilities found.
Reason
30 commit(s) and 9 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Info: FSF or OSI recognized license: GNU General Public License v2.0: LICENSE.md:0
Reason
no binaries found in the repo
Reason
Found 20/30 approved changesets -- score normalized to 6
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/apply-stale-closure-label.yml:1
- Warn: no topLevel permission defined: .github/workflows/calypso-live.yml:1
- Warn: no topLevel permission defined: .github/workflows/gardening.yml:1
- Warn: no topLevel permission defined: .github/workflows/icfy-stats.yml:1
- Warn: no topLevel permission defined: .github/workflows/is-calypso-channel-green.yml:1
- Warn: no topLevel permission defined: .github/workflows/is-pull-request.yml:1
- Warn: no topLevel permission defined: .github/workflows/lighthouse-review-requested.yml:1
- Warn: no topLevel permission defined: .github/workflows/mark-issue-stale.yml:1
- Warn: no topLevel permission defined: .github/workflows/renovate.yml:1
- Warn: no topLevel permission defined: .github/workflows/sentry-release.yml:1
- Info: no jobLevel write permissions found
Reason
Project has not signed or included provenance with any releases.
Details
- Warn: release artifact v6.15.0 not signed: https://api.github.com/repos/Automattic/wp-calypso/releases/43946544
- Warn: release artifact v6.15.0-beta1 not signed: https://api.github.com/repos/Automattic/wp-calypso/releases/42382645
- Warn: release artifact v6.14.0 not signed: https://api.github.com/repos/Automattic/wp-calypso/releases/42260963
- Warn: release artifact v6.14.0-beta1 not signed: https://api.github.com/repos/Automattic/wp-calypso/releases/41616676
- Warn: release artifact v6.13.0 not signed: https://api.github.com/repos/Automattic/wp-calypso/releases/40793350
- Warn: release artifact v6.15.0 does not have provenance: https://api.github.com/repos/Automattic/wp-calypso/releases/43946544
- Warn: release artifact v6.15.0-beta1 does not have provenance: https://api.github.com/repos/Automattic/wp-calypso/releases/42382645
- Warn: release artifact v6.14.0 does not have provenance: https://api.github.com/repos/Automattic/wp-calypso/releases/42260963
- Warn: release artifact v6.14.0-beta1 does not have provenance: https://api.github.com/repos/Automattic/wp-calypso/releases/41616676
- Warn: release artifact v6.13.0 does not have provenance: https://api.github.com/repos/Automattic/wp-calypso/releases/40793350
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/apply-stale-closure-label.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/apply-stale-closure-label.yml/trunk?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/apply-stale-closure-label.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/apply-stale-closure-label.yml/trunk?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/apply-stale-closure-label.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/apply-stale-closure-label.yml/trunk?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/calypso-live.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/calypso-live.yml/trunk?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/calypso-live.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/calypso-live.yml/trunk?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gardening.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/gardening.yml/trunk?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gardening.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/gardening.yml/trunk?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/gardening.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/gardening.yml/trunk?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/gardening.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/gardening.yml/trunk?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/icfy-stats.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/icfy-stats.yml/trunk?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/icfy-stats.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/icfy-stats.yml/trunk?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/icfy-stats.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/icfy-stats.yml/trunk?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/mark-issue-stale.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/mark-issue-stale.yml/trunk?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/mark-issue-stale.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/mark-issue-stale.yml/trunk?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/mark-issue-stale.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/mark-issue-stale.yml/trunk?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/renovate.yml:58: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/renovate.yml/trunk?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/renovate.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/renovate.yml/trunk?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/renovate.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/renovate.yml/trunk?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/renovate.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/renovate.yml/trunk?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/renovate.yml:120: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/renovate.yml/trunk?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sentry-release.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/sentry-release.yml/trunk?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/sentry-release.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/Automattic/wp-calypso/sentry-release.yml/trunk?enable=pin
- Warn: containerImage not pinned by hash: Dockerfile:6
- Warn: containerImage not pinned by hash: Dockerfile:12
- Warn: containerImage not pinned by hash: Dockerfile:21
- Warn: containerImage not pinned by hash: Dockerfile:85
- Warn: containerImage not pinned by hash: Dockerfile:93
- Warn: containerImage not pinned by hash: Dockerfile.base:5
- Warn: containerImage not pinned by hash: Dockerfile.base:33
- Warn: containerImage not pinned by hash: Dockerfile.base:70
- Warn: containerImage not pinned by hash: Dockerfile.base:107
- Warn: containerImage not pinned by hash: desktop/Dockerfile:1: pin your Docker image by updating debian:latest to debian:latest@sha256:10901ccd8d249047f9761845b4594f121edef079cfd8224edebd9ea726f0a7f6
- Warn: containerImage not pinned by hash: packages/wp-babel-makepot/Dockerfile:1: pin your Docker image by updating node:22.9.0 to node:22.9.0@sha256:8398ea18b8b72817c84af283f72daed9629af2958c4f618fe6db4f453c5c9328
- Warn: downloadThenRun not pinned by hash: Dockerfile.base:117-128
- Warn: downloadThenRun not pinned by hash: desktop/Dockerfile:25
- Warn: npmCommand not pinned by hash: desktop/Dockerfile:28-32
- Warn: npmCommand not pinned by hash: packages/wp-babel-makepot/Dockerfile:15
- Info: 0 out of 14 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 8 third-party GitHubAction dependencies pinned
- Info: 0 out of 11 containerImage dependencies pinned
- Info: 0 out of 2 downloadThenRun dependencies pinned
- Info: 0 out of 2 npmCommand dependencies pinned
Reason
53 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-2rxp-v6pw-ch6m
- Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
- Warn: Project is vulnerable to: GHSA-257v-vj4p-3w2h
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-593m-55hh-j8gv
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-r4pf-3v7r-hh55
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-36jr-mh4h-2g58
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
- Warn: Project is vulnerable to: GHSA-9jxc-qjr9-vjxq
- Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
- Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
- Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
- Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-pfq8-rq6v-vf5m
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-282f-qqgm-c34q
- Warn: Project is vulnerable to: GHSA-4wx3-54gh-9fr9
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-gg8r-xjwq-4w92
- Warn: Project is vulnerable to: GHSA-hgqx-r2hp-jr38
- Warn: Project is vulnerable to: GHSA-v65r-p3vv-jjfv
- Warn: Project is vulnerable to: GHSA-v626-r774-j7f8
- Warn: Project is vulnerable to: GHSA-9hcv-j9pv-qmph
- Warn: Project is vulnerable to: GHSA-w9jx-4g6g-rp7x
- Warn: Project is vulnerable to: GHSA-438c-3975-5x3f
- Warn: Project is vulnerable to: GHSA-5359-pvf2-pw78
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-mgfv-m47x-4wqp
- Warn: Project is vulnerable to: MAL-2022-7233
- Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
- Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
Score
4.6
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More