Gathering detailed insights and metrics for img-optimize-loader
Gathering detailed insights and metrics for img-optimize-loader
Image webpack loader. Minify image, compress image, encode image(eg: base64) and inline image automaticlly. Support PNG, JPG, JPEG, GIF, WEBP, SVG.
Installations
npm install img-optimize-loaderDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Min. Node Version
>= 10.13.0
Node Version
12.16.3
NPM Version
6.14.4
Languages
1
JavaScript
JavaScript (100%)
Developer
GaoYYYang
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
54 Stars
16 Commits
7 Forks
1 Watchers
8 Branches
1 Contributors
Updated on Jan 17, 2025
Maintainers
1
Package Meta Information
Latest Version
1.0.7
Package Id
img-optimize-loader@1.0.7
Unpacked Size
35.77 kB
Size
8.64 kB
File Count
10
NPM Version
6.14.4
Node Version
12.16.3
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
10
Peer Dependencies
2
Dev Dependencies
24
@babel/cli@babel/core@babel/preset-env@commitlint/cli@commitlint/config-conventional@webpack-contrib/defaults@webpack-contrib/eslint-config-webpackbabel-jestcommitlint-azure-pipelines-clicross-envdeldel-clieslinteslint-config-prettiereslint-plugin-importhuskyjestjest-junitlint-stagedmemfsnpm-run-allprettierstandard-versionwebpack
image-optimize-loader
This special image optimize webpack loader can:
-
Help you [encode image / inline image] and [compress image / minify image] when loaded with webpack.
-
Help you tranform PNG/JPG images into WEBP when needed.
Its special encoding(inlining) ability is stronger than url-loader, especially useful for performance-optimization scenarios. And it will compress images automatically both for emited image file or inlined images string, without complicated configurations.
Getting Started
To begin, you'll need to install img-optimize-loader:
1$ npm install img-optimize-loader --save-dev
Then, all you need to do is adding the img-optimize-loader to your webpack config.
You don't need to specify extra loaders like
file-loaderorurl-loaderfor your images.img-optimize-loaderwill automaticlly handle everything.
For example:
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 test: /\.(png|jpe?g|webp|git|svg|)$/i, 6 use: [ 7 { 8 loader: 'img-optimize-loader', 9 }, 10 ], 11 }, 12 ], 13 }, 14};
You can import your image. Compression and encoding will happen according to your configuration.
1import file from 'image.png';
Features
1. Encode images and inline them into js/css files.
Encode image with
base64,utf8,latin1,hex,ascii,binary,ucs2
Inline image into JS / CSS files
When I use url-loader to encode images, I can only depend on limit configuration to decide whether to enable encodeing. As we know, the image whose size was smaller than the limit, will always be encoded.
But I found problems when i want to inline a large size image into my entry jsbundle because this image is so important to my first screen rendering; Or when I don't want to inline trivial small images because there is no need to load them in time. I can't improve my page performance in this scene with url-loader.
Now with img-optimize-loader we can take more flexible control on this. We can specify every image whether or not to be encoded easily(using file query)regardless of limit configuration. Still, if we don't specify it, limit configuration will take control.
index.js
1// Always let foo.png be encoded and inlined here regardless of 'limit configuration' 2import encodedImage from './encode.png?__inline'; 3 4// Always emit real image file regardless of 'limit configuration' 5import fileImage from './emit.png?__antiInline';
The query symbol __inline and __antiInline can be customed by your self.
2. Compress your images
The compression algorithm is based on imagemin. It supports images in png, jpg, gif, webp, svg format.
- minify JPEG image
- minify PNG image
- minify GIF image
- minify WEBP image
- minify SVG image
We support 3 levels for you to compress images automaticlly.
| level | description |
|---|---|
| loseless | Only use lossless compress algorithm. Only support png/webp/svg images |
| low | Cause a little distortion,and get small files. It will compress png/jpg/svg/gif images |
| high | Cause more distortion,and get smaller files. It will compress png/jpg/svg/gif images |
To deal with webp images, please refer webp
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 test: /\.(png|jpe?g|webp|git|svg|)$/i, 6 use: [ 7 { 8 loader: `img-optimize-loader`, 9 options: { 10 compress: { 11 // This will take more time and get smaller images. 12 mode: 'high', // 'lossless', 'low' 13 disableOnDevelopment: true, 14 }, 15 }, 16 }, 17 ], 18 }, 19 ], 20 }, 21};
And you can also adjust the compression manually using more params.
1module.exports = { 2 module: { 3 rules: [ 4 { 5 test: /\.(png|jpe?g|webp|git|svg|)$/i, 6 use: [ 7 { 8 loader: 'img-optimize-loader', 9 options: { 10 compress: { 11 // loseless compression for png 12 optipng: { 13 optimizationLevel: 4, 14 }, 15 // lossy compression for png. This will generate smaller file than optipng. 16 pngquant: { 17 quality: [0.2, 0.8], 18 }, 19 // Compression for webp. 20 // You can also tranform jpg/png into webp. 21 webp: { 22 quality: 100, 23 }, 24 // Compression for svg. 25 svgo: true, 26 // Compression for gif. 27 gifsicle: { 28 optimizationLevel: 3, 29 }, 30 // Compression for jpg. 31 mozjpeg: { 32 progressive: true, 33 quality: 60, 34 }, 35 }, 36 }, 37 }, 38 ], 39 }, 40 ], 41 }, 42};
3. Transform your png/jpg into webp
When you enable compress.webp, it will transform your png/jpg into webp files, and there will be no png/jpg files generated. Your source code will directly use webp file instead of png/jpg.
Generally, when you can use webp without incompatibility problem , there will be no need to use png or jpg any more, because webp files are always smaller than their png/jpg origin.
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 test: /\.(png|jpe?g|webp|git|svg|)$/i, 6 use: [ 7 { 8 loader: `img-optimize-loader`, 9 options: { 10 compress: { 11 // This will transform your png/jpg into webp. 12 webp: true, 13 disableOnDevelopment: true, 14 }, 15 }, 16 }, 17 ], 18 }, 19 ], 20 }, 21};
Referer to webp configuration for details.
index.js
1// This two images will be transformed into webp and your source code will use the webp format. 2import encodedImage from './encode.png'; 3 4import fileImage from './test.jpg';
Options
name
Type: [string]
Default: 'imgs/[contenthash].[ext]'
Specifies a custom filename template for the target images(s) using the query parameter name. For example, to emit a image from your context directory into the output directory retaining the full directory structure, you might use:
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 name: '[path][name].[ext]', 8 }, 9 }, 10 ], 11 }, 12};
esModule
Type: [Boolean]
Default: false
Decides js modules generated from image. Whether to use the ES modules or commonjs.
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 esModule: false, 8 }, 9 }, 10 ], 11 }, 12};
inline.symbol
Type: [String]
Default: __inline
Query symbol used to specify the image that should be encoded and inlined.
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 inline: { 8 symbol: '__inline', 9 }, 10 }, 11 }, 12 ], 13 }, 14};
inline.antiSymbol
Type: [String]
Default: __antiInline
Query symbol used to specify the image that should not be encoded and inlined.
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 inline: { 8 antiSymbol: '__antiInline', 9 }, 10 }, 11 }, 12 ], 13 }, 14};
inline.limit
Type: [Boolean|Number|String]
Default: 5000
A Number or String specifying the maximum size of a encoded image in bytes. If the image size is equal or greater than the limit file-loader will be used (by default) and all query parameters are passed to it.
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 inline: { 8 antiSymbol: '__antiInline', 9 }, 10 }, 11 }, 12 ], 13 }, 14};
inline.mimetype
Type: Boolean|String
Default: based from mime-types
Specify the mimetype which the file will be inlined with.
If unspecified the mimetype value will be used from mime-types.
Boolean
The true value allows to generation the mimetype part from mime-types.
The false value removes the mediatype part from a Data URL (if omitted, defaults to text/plain;charset=US-ASCII).
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 inline: { 8 mimetype: false, 9 }, 10 }, 11 }, 12 ], 13 }, 14};
String
Sets the MIME type for the file to be transformed.
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 inline: { 8 mimetype: 'image/png', 9 }, 10 }, 11 }, 12 ], 13 }, 14};
inline.encoding
Type: Boolean|String
Default: base64
Specify the encoding which the file will be inlined with.
If unspecified the encoding will be base64.
Boolean
If you don't want to use any encoding you can set encoding to false however if you set it to true it will use the default encoding base64.
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 test: /\.svg$/i, 6 use: [ 7 { 8 loader: `img-optimize-loader`, 9 options: { 10 inline: { 11 encoding: false, 12 }, 13 }, 14 }, 15 ], 16 }, 17 ], 18 }, 19};
String
It supports Node.js Buffers and Character Encodings which are ["utf8","utf16le","latin1","base64","hex","ascii","binary","ucs2"].
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 inline: { 8 encoding: 'utf8', 9 }, 10 }, 11 }, 12 ], 13 }, 14};
inline.generator
Type: Function
Default: (mimetype, encoding, content, resourcePath) => mimetype;encoding,base64_content
You can create you own custom implementation for encoding data.
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 inline: { 8 // The `mimetype` and `encoding` arguments will be obtained from your options 9 // The `resourcePath` argument is path to file. 10 generator: (content, mimetype, encoding, resourcePath) => { 11 if (/\.html$/i.test(resourcePath)) { 12 return `data:${mimetype},${content.toString()}`; 13 } 14 15 return `data:${mimetype}${ 16 encoding ? `;${encoding}` : '' 17 },${content.toString(encoding)}`; 18 }, 19 }, 20 }, 21 }, 22 ], 23 }, 24};
compress.mode
Type: string
Default: low
Specify the compress level.
| level | description |
|---|---|
| loseless | Only use lossless compress algorithm. Only support png/webp/svg images |
| low | Cause a little distortion,and get small files. It will compress png/jpg/svg/webp/gif images |
| high | Cause more distortion,and get smaller files. It will compress png/jpg/svg/webp/gif images |
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 compress: { 8 mode: 'high', 9 }, 10 }, 11 }, 12 ], 13 }, 14};
compress.mozjpeg
Type: [Object|Boolean]
Compress jpg images.
Boolean
If you don't want to compress jpg files, you can set mozjpeg to false however if you set it to true it will generator the settings according to compress.mode configuration.
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 compress: { 8 mozjpeg: false, 9 }, 10 }, 11 }, 12 ], 13 }, 14};
Object
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 compress: { 8 mozjpeg: {}, 9 }, 10 }, 11 }, 12 ], 13 }, 14};
Link to mozjpeg configuration
compress.optipng
Type: [Object|Boolean]
Compress png images.
Boolean
If you don't want to use optipng to compress png files, you can set optipng to false however if you set it to true it will generator the settings according to compress.mode configuration.
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 compress: { 8 optipng: false, 9 }, 10 }, 11 }, 12 ], 13 }, 14};
Object
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 compress: { 8 optipng: {}, 9 }, 10 }, 11 }, 12 ], 13 }, 14};
Link to optipng configuration
compress.pngquant
Type: [Object|Boolean]
Compress png images.
Boolean
If you don't want to use pngquant to compress png files, you can set pngquant to false however if you set it to true it will generator the settings according to compress.mode configuration.
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 compress: { 8 pngquant: false, 9 }, 10 }, 11 }, 12 ], 13 }, 14};
Object
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 compress: { 8 pngquant: {}, 9 }, 10 }, 11 }, 12 ], 13 }, 14};
Link to pngquant configuration
compress.svgo
Type: [Object|Boolean]
Compress svg images.
Boolean
If you don't want to compress svg files, you can set svgo to false however if you set it to true it will generator the settings according to compress.mode configuration.
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 compress: { 8 svgo: false, 9 }, 10 }, 11 }, 12 ], 13 }, 14};
Object
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 compress: { 8 svgo: {}, 9 }, 10 }, 11 }, 12 ], 13 }, 14};
Link to svgo configuration
compress.gifsicle
Type: [Object|Boolean]
Compress gif images.
Boolean
If you don't want to compress gif files, you can set gifsicle to false however if you set it to true it will generator the settings according to compress.mode configuration.
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 compress: { 8 gifsicle: false, 9 }, 10 }, 11 }, 12 ], 13 }, 14};
Object
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 compress: { 8 gifsicle: {}, 9 }, 10 }, 11 }, 12 ], 13 }, 14};
compress.webp
Type: [Object|Boolean]
Default: false
Transform png/jpg into webp. Compress webp files.
Boolean
If you want to transform png/jpg into webp, you can set webp to true.
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 compress: { 8 webp: true, 9 }, 10 }, 11 }, 12 ], 13 }, 14};
Object
webpack.config.js
1module.exports = { 2 module: { 3 rules: [ 4 { 5 loader: `img-optimize-loader`, 6 options: { 7 compress: { 8 webp: {}, 9 }, 10 }, 11 }, 12 ], 13 }, 14};
Link to webp configuration
Inspiration
License
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
dependency not pinned by hash detected -- score normalized to 3
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/GaoYYYang/image-optimize-loader/node.js.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/GaoYYYang/image-optimize-loader/node.js.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/GaoYYYang/image-optimize-loader/node.js.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/GaoYYYang/image-optimize-loader/node.js.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/GaoYYYang/image-optimize-loader/node.js.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/GaoYYYang/image-optimize-loader/node.js.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/node.js.yml:44
- Info: 0 out of 6 GitHub-owned GitHubAction dependencies pinned
- Info: 3 out of 4 npmCommand dependencies pinned
Reason
Found 0/16 approved changesets -- score normalized to 0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no SAST tool detected
Details
- Warn: no pull requests merged into dev branch
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/node.js.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
66 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-pp7h-53gx-mx7r
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw
- Warn: Project is vulnerable to: GHSA-w8qv-6jwh-64r5
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm
- Warn: Project is vulnerable to: GHSA-r9p9-mrjm-926w
- Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
- Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
- Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
- Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
- Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
- Warn: Project is vulnerable to: GHSA-vjh7-7g9h-fjfh
- Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44
- Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
- Warn: Project is vulnerable to: GHSA-7r28-3m3f-r2pr
- Warn: Project is vulnerable to: GHSA-r8j5-h5cx-65gg
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
- Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
- Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-5fw9-fq32-wv5p
- Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
- Warn: Project is vulnerable to: GHSA-8g77-54rh-46hx
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-h7cp-r72f-jxh6
- Warn: Project is vulnerable to: GHSA-v62p-rq8g-8h59
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-44c6-4v22-4mhx
- Warn: Project is vulnerable to: GHSA-4x5v-gmq8-25ch
- Warn: Project is vulnerable to: GHSA-g4rg-993r-mgx7
- Warn: Project is vulnerable to: GHSA-4rq4-32rv-6wp6
- Warn: Project is vulnerable to: GHSA-64g7-mvw6-v9qj
- Warn: Project is vulnerable to: GHSA-vx3p-948g-6vhq
- Warn: Project is vulnerable to: GHSA-7xcx-6wjh-7xp2
- Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
- Warn: Project is vulnerable to: GHSA-jgrx-mgxx-jf9v
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-38fc-wpqx-33j7
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-6fc8-4gx4-v693
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
- Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
Score
2.7
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More