Gathering detailed insights and metrics for javascript-typescript-langserver-fast
Installations
npm install javascript-typescript-langserver-fastDeveloper Guide
BETA
Typescript
No
Module System
N/A
Min. Node Version
>=6.0.0
Node Version
8.9.1
NPM Version
5.5.1
Score
59.7
Supply Chain
96.8
Quality
71.9
Maintenance
50
Vulnerability
83.3
License
Releases
27
Contributors
186
Unable to fetch Contributors
Languages
2
TypeScript
JavaScript
TypeScript (99.2%)
JavaScript (0.8%)
Developer
Download Statistics
Total Downloads
2,564
Last Day
7
Last Week
14
Last Month
38
Last Year
202
GitHub Statistics
793 Stars
811 Commits
72 Forks
77 Watching
83 Branches
186 Contributors
Maintainers
1
Package Meta Information
Latest Version
0.0.8
Package Id
javascript-typescript-langserver-fast@0.0.8
Unpacked Size
1.02 MB
Size
188.86 kB
File Count
101
NPM Version
5.5.1
Node Version
8.9.1
Total Downloads
Cumulative downloads
Total Downloads
2,564
Last day
-36.4%
7
Compared to previous day
Last week
27.3%
14
Compared to previous week
Last month
100%
38
Compared to previous month
Last year
-18.5%
202
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
19
Dev Dependencies
28
@sourcegraph/prettierrc@sourcegraph/tsconfig@sourcegraph/tslint-config@types/chai@types/chai-as-promised@types/glob@types/lodash@types/mocha@types/mz@types/node@types/object-hash@types/rimraf@types/sinon@types/tempcommitizencz-conventional-changeloghuskymochanycprettierrimrafsemantic-releasesinonsource-map-supporttemptslinttslint-language-servicevalidate-commit-msg
Versions
JavaScript/TypeScript language server
This is a language server for JavaScript and TypeScript that adheres to the Language Server Protocol (LSP). It uses TypeScript's LanguageService to perform source code analysis.
Try it out
- On sourcegraph.com
- In Visual Studio Code (as an alternative to the built-in TypeScript integration)
- In Eclipse Che
- In NeoVim
- In Sublime Text
Features
- Hovers
- Goto definition
- Goto type definition
- Find all references
- Document symbols
- Workspace symbol search
- Rename
- Completion
- Signature help
- Diagnostics
- Quick fixes
Run it from source
1# install dependencies 2npm install 3 4# compile 5npm run build 6# or compile on file changes 7npm run watch 8 9# run over STDIO 10node lib/language-server-stdio 11# or run over TCP 12node lib/language-server 13 14# run tests 15npm test
Options
Usage: language-server [options]
Options:
-h, --help output usage information
-V, --version output the version number
-s, --strict enabled strict mode
-p, --port [port] specifies LSP port to use (2089)
-c, --cluster [num] number of concurrent cluster workers (defaults to number of CPUs, 8)
-t, --trace print all requests and responses
-l, --logfile [file] log to this file
-j, --enable-jaeger enable OpenTracing through Jaeger
Extensions
This language server implements some LSP extensions, prefixed with an x.
- Files extension Allows the server to request file contents without accessing the file system
- SymbolDescriptor extension Get a SymbolDescriptor for a symbol, search the workspace for symbols or references to it
- Streaming Supports streaming partial results for all endpoints through JSON Patches
- Packages extension Methods to get information about dependencies
- TCP / multiple client support
When running over TCP, the
exitnotification will not kill the process, but close the TCP socket
Versioning
This project follows semver for command line arguments and standard LSP methods. Any change to command line arguments, Node version or protocol breaking changes will result in a major version increase.
Debugging Performance with OpenTracing
The language server is fully traced through OpenTracing, which allows to debug what exact operations caused method calls to take long.
You can pass a span context through an optional meta field on the JSON RPC message object.
For local development, there is built-in support for the open source OpenTracing implementation Jaeger, which can be set up to run on localhost with just one command (you need Docker installed):
docker run -d -p5775:5775/udp -p6831:6831/udp -p6832:6832/udp \
-p5778:5778 -p16686:16686 -p14268:14268 jaegertracing/all-in-one:latest
After that, run the language server with the --enable-jaeger command line flag and do some requests from your client.
Open http://localhost:16686 in your browser and you will see method calls broken down into spans.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: Apache License 2.0: LICENSE:0
Reason
Found 1/2 approved changesets -- score normalized to 5
Reason
project is archived
Details
- Warn: Repository is archived.
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/lsif.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lsif.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/sourcegraph/javascript-typescript-langserver/lsif.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/lsif.yml:12
- Info: 0 out of 1 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 1 npmCommand dependencies pinned
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Reason
59 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm
- Warn: Project is vulnerable to: GHSA-8gh8-hqwg-xf34
- Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
- Warn: Project is vulnerable to: GHSA-q42p-pg8m-cqh6
- Warn: Project is vulnerable to: GHSA-w457-6q6x-cgp9
- Warn: Project is vulnerable to: GHSA-62gr-4qp9-h98f
- Warn: Project is vulnerable to: GHSA-f52g-6jhx-586p
- Warn: Project is vulnerable to: GHSA-2cf5-4w76-r9qv
- Warn: Project is vulnerable to: GHSA-3cqr-58rm-57f8
- Warn: Project is vulnerable to: GHSA-g9r4-xpmj-mj65
- Warn: Project is vulnerable to: GHSA-q2c6-c6pm-g3gh
- Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44
- Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-pc5p-h8pf-mvwp
- Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37
- Warn: Project is vulnerable to: GHSA-2pr6-76vf-7546
- Warn: Project is vulnerable to: GHSA-8j8c-7jfh-h6hx
- Warn: Project is vulnerable to: GHSA-675m-85rw-j3w4
- Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp
- Warn: Project is vulnerable to: GHSA-jf85-cpcp-j695
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-xf5p-87ch-gxw2
- Warn: Project is vulnerable to: GHSA-5v2h-r2cx-5xgj
- Warn: Project is vulnerable to: GHSA-rrrm-qjm4-v8hf
- Warn: Project is vulnerable to: GHSA-4xcv-9jjx-gfj3
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-fhjf-83wg-r2j9
- Warn: Project is vulnerable to: GHSA-w7rc-rwvf-8q5r
- Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
- Warn: Project is vulnerable to: GHSA-4p35-cfcx-8653
- Warn: Project is vulnerable to: GHSA-7f3x-x4pr-wqhj
- Warn: Project is vulnerable to: GHSA-jpp7-7chh-cf67
- Warn: Project is vulnerable to: GHSA-q6wq-5p59-983w
- Warn: Project is vulnerable to: GHSA-j9fq-vwqv-2fm2
- Warn: Project is vulnerable to: GHSA-pqw5-jmp5-px4v
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-g6ww-v8xp-vmwg
- Warn: Project is vulnerable to: GHSA-r2j6-p67h-q639
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-4g88-fppr-53pp
- Warn: Project is vulnerable to: GHSA-4jqc-8m5r-9rpr
- Warn: Project is vulnerable to: GHSA-29xr-v42j-r956
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-38fc-wpqx-33j7
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
- Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
Score
3.3
/10
Last Scanned on 2025-01-20
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More