Gathering detailed insights and metrics for isutf8
Gathering detailed insights and metrics for isutf8
Quick check if a Node.js Buffer or Uint8Array is UTF-8
Installations
npm install isutf8Developer Guide
BETA
Typescript
No
Module System
CommonJS
Min. Node Version
>= 12
Node Version
22.6.0
NPM Version
10.8.2
Score
99.5
Supply Chain
81.5
Quality
76.8
Maintenance
100
Vulnerability
100
License
Releases
14
Contributors
1
Unable to fetch Contributors
Languages
2
TypeScript
JavaScript
TypeScript (81.46%)
JavaScript (18.54%)
Developer
Download Statistics
Total Downloads
24,464,855
Last Day
22,617
Last Week
92,512
Last Month
457,299
Last Year
5,209,486
GitHub Statistics
21 Stars
117 Commits
3 Forks
3 Watching
2 Branches
1 Contributors
Bundle Size
706.00 B
Minified
369.00 B
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
4.0.1
Package Id
isutf8@4.0.1
Unpacked Size
8.26 kB
Size
2.47 kB
File Count
6
NPM Version
10.8.2
Node Version
22.6.0
Publised On
27 Aug 2024
Total Downloads
Cumulative downloads
Total Downloads
24,464,855
Last day
-2.9%
22,617
Compared to previous day
Last week
-24.1%
92,512
Compared to previous week
Last month
17.6%
457,299
Compared to previous month
Last year
0.2%
5,209,486
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Versions
isutf8
Quick check if a Node.js Buffer or Uint8Array is valid UTF-8.
Advantages
- Ultra-small package size
- No dependencies
- No pre-compilation
Install
npm install isutf8
Usage
CommonJS
1const isUtf8 = require('isutf8'); 2 3const buf = Buffer.from([0xd0, 0x90]); 4console.log(isUtf8(buf)); // => boolean 5 6// or 7 8const arr = new Uint8Array([0xd0, 0x90]); 9console.log(isUtf8(arr)); // => boolean 10
ES Modules or TypeScript
1import isUtf8 from 'isutf8'; 2 3const buf = Buffer.from([0xd0, 0x90]); 4console.log(isUtf8(buf)); // => boolean 5 6// or 7 8const arr = new Uint8Array([0xd0, 0x90]); 9console.log(isUtf8(arr)); // => boolean
License
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
2 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
Reason
SAST tool detected but not run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Warn: 0 commits out of 18 are checked with a SAST tool
Reason
dependency not pinned by hash detected -- score normalized to 1
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/hcodes/isutf8/codeql-analysis.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/hcodes/isutf8/codeql-analysis.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/hcodes/isutf8/codeql-analysis.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/hcodes/isutf8/codeql-analysis.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/hcodes/isutf8/nodejs.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/hcodes/isutf8/nodejs.yml/master?enable=pin
- Info: 0 out of 6 GitHub-owned GitHubAction dependencies pinned
- Info: 1 out of 1 npmCommand dependencies pinned
Reason
Found 0/13 approved changesets -- score normalized to 0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/codeql-analysis.yml:28
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:29
- Warn: no topLevel permission defined: .github/workflows/codeql-analysis.yml:1
- Warn: no topLevel permission defined: .github/workflows/nodejs.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Score
4.1
/10
Last Scanned on 2025-01-27
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More