Gathering detailed insights and metrics for inferno-server
Gathering detailed insights and metrics for inferno-server
Installations
npm install inferno-serverDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Min. Node Version
>=8
Node Version
21.4.0
NPM Version
lerna/6.6.2/node@v21.4.0+x64 (linux)
Score
98.3
Supply Chain
79.6
Quality
90.1
Maintenance
100
Vulnerability
100
License
Releases
188
Contributors
193
Unable to fetch Contributors
Languages
3
JavaScript
HTML
CSS
JavaScript (99.5%)
HTML (0.46%)
CSS (0.04%)
Developer
Download Statistics
Total Downloads
5,520,773
Last Day
1,830
Last Week
31,956
Last Month
198,926
Last Year
2,280,277
GitHub Statistics
16,099 Stars
6,290 Commits
634 Forks
266 Watching
6 Branches
193 Contributors
Maintainers
5
Package Meta Information
Latest Version
8.2.3
Package Id
inferno-server@8.2.3
Unpacked Size
175.71 kB
Size
24.38 kB
File Count
19
NPM Version
lerna/6.6.2/node@v21.4.0+x64 (linux)
Node Version
21.4.0
Publised On
10 Dec 2023
Total Downloads
Cumulative downloads
Total Downloads
5,520,773
Last day
-81%
1,830
Compared to previous day
Last week
-34.1%
31,956
Compared to previous week
Last month
-7.3%
198,926
Compared to previous month
Last year
29.2%
2,280,277
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Versions
inferno-server
Inferno package for working with the server
This package serves as the entry point of the Server-related rendering paths. It is intended to be paired with the isomorphic Inferno, which will be shipped as inferno to npm.
Install
npm install inferno inferno-server
Contents
- renderToString
- RenderQueueStream
- RenderStream
- renderToStaticMarkup
- renderToString
- streamAsStaticMarkup
- streamAsString
- streamQueueAsStaticMarkup
- streamQueueAsString
Usage
1import { renderToString } from 'inferno-server'; 2 3renderToString(<div>Hello world</div>, container);
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
13 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Info: FSF or OSI recognized license: MIT License: LICENSE.md:0
Reason
SAST tool is run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Info: all commits (2) are checked with a SAST tool
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql-analysis.yml:28
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:29
- Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1
- Info: no jobLevel write permissions found
Reason
Found 2/30 approved changesets -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/infernojs/inferno/codeql-analysis.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/infernojs/inferno/codeql-analysis.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/infernojs/inferno/codeql-analysis.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/infernojs/inferno/codeql-analysis.yml/master?enable=pin
- Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
24 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
- Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
- Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
- Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-cwfw-4gq5-mrqx
- Warn: Project is vulnerable to: GHSA-g95f-p29q-9xw4
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-x3m3-4wpv-5vgc
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Score
5.4
/10
Last Scanned on 2024-12-23
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More