Gathering detailed insights and metrics for jquery-ui
Gathering detailed insights and metrics for jquery-ui
Installations
npm install jquery-uiReleases
6
jQuery UI 1.14.1 released
1.14.1
Published on 30 Oct 2024
jQuery UI 1.14.0 released
1.14.0
Published on 08 Aug 2024
jQuery UI 1.13.3 released
1.13.3
Published on 26 Apr 2024
jQuery UI 1.13.2 released
1.13.2
Published on 14 Jul 2022
jQuery UI 1.13.1 released
1.13.1
Published on 20 Jan 2022
jQuery UI 1.13.0 released
1.13.0
Published on 07 Oct 2021
Developer
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
Typescript Support
No
Node Version
20.18.0
NPM Version
10.8.2
Statistics
11,257 Stars
7,372 Commits
5,317 Forks
641 Watching
10 Branches
317 Contributors
Updated on 26 Nov 2024
Languages
JavaScript (88.41%)
HTML (9.15%)
CSS (2.44%)
Total Downloads
Cumulative downloads
Total Downloads
133,824,323
Last day
-4.3%
99,269
Compared to previous day
Last week
0.9%
550,645
Compared to previous week
Last month
7.8%
2,353,206
Compared to previous month
Last year
2.5%
25,602,805
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
Dev Dependencies
22
diffgruntyargsrimrafexpressexit-hookgrunt-htmlbody-parsercommitpleasegrunt-eslintgrunt-bowercopyload-grunt-tasksgrunt-git-authorsbrowserstack-localgrunt-compare-sizeselenium-webdrivereslint-config-jquerygrunt-contrib-concatgrunt-contrib-uglifygrunt-contrib-csslintgrunt-contrib-requirejsexpress-body-parser-error-handler
Versions
jQuery UI - Interactions and Widgets for the web
Note: jQuery UI is in maintenance-only mode. Please read the project status blog post for more information.
jQuery UI is a curated set of user interface interactions, effects, widgets, and themes built on top of jQuery. Whether you're building highly interactive web applications, or you just need to add a date picker to a form control, jQuery UI is the perfect choice.
If you want to use jQuery UI, go to jqueryui.com to get started, jqueryui.com/demos/ for demos, api.jqueryui.com for API documentation, or the Using jQuery UI Forum for discussions and questions.
If you want to report a bug/issue, please visit the GitHub issues page. Archive of older bug reports is kept for historical reasons in read-only mode at bugs.jqueryui.com. If any of them still matters to you, please open a bug about it on GitHub, linking to the legacy bugs.jqueryui.com issue for context.
If you are interested in helping develop jQuery UI, you are in the right place. To discuss development with team members and the community, visit the Developing jQuery UI Forum or #jqueryui-dev on irc.freenode.net.
For Contributors
If you want to help and provide a patch for a bugfix or new feature, please take a few minutes and look at our Getting Involved guide. In particular check out the Coding standards and Commit Message Style Guide.
In general, fork the project, create a branch for a specific change and send a pull request for that branch. Don't mix unrelated changes. You can use the commit message as the description for the pull request.
For more information, see the contributing page.
Running the Unit Tests
Run the unit tests manually with appropriate browsers and any local web server. See our environment setup and information on running tests.
You can also run the unit tests npm run test:unit -- --help.
Stable Version
The latest stable version of the package.
Stable Version
1.14.1
HIGH
1
HIGH
0/10
Summary
High severity vulnerability that affects jquery-ui
Affected Versions
< 1.12.0
Patched Versions
1.12.0
MODERATE
7
MODERATE
6.1/10
Summary
jQuery UI vulnerable to XSS when refreshing a checkboxradio with an HTML-like initial text label
Affected Versions
< 1.13.2
Patched Versions
1.13.2
MODERATE
0/10
Summary
jquery-ui Tooltip widget vulnerable to XSS
Affected Versions
< 1.10.0
Patched Versions
1.10.0
MODERATE
6.1/10
Summary
Cross-site Scripting in jquery-ui
Affected Versions
>= 1.7.0, < 1.10.0
Patched Versions
1.10.0
MODERATE
6.1/10
Summary
jQuery-UI vulnerable to Cross-site Scripting in dialog closeText
Affected Versions
< 1.12.0
Patched Versions
1.12.0
MODERATE
6.5/10
Summary
XSS in the `of` option of the `.position()` util in jquery-ui
Affected Versions
< 1.13.0
Patched Versions
1.13.0
MODERATE
6.5/10
Summary
XSS in `*Text` options of the Datepicker widget in jquery-ui
Affected Versions
< 1.13.0
Patched Versions
1.13.0
MODERATE
6.5/10
Summary
XSS in the `altField` option of the Datepicker widget in jquery-ui
Affected Versions
< 1.13.0
Patched Versions
1.13.0
Reason
19 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
GitHub workflow tokens follow principle of least privilege
Details
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:16
- Info: topLevel 'contents' permission set to 'read': .github/workflows/codeql-analysis.yml:11
- Info: topLevel 'contents' permission set to 'read': .github/workflows/filestash.yml:9
- Info: topLevel 'contents' permission set to 'read': .github/workflows/node.js.yml:12
- Info: no jobLevel write permissions found
Reason
no binaries found in the repo
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE.txt:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
dependency not pinned by hash detected -- score normalized to 8
Details
- Warn: npmCommand not pinned by hash: .github/workflows/filestash.yml:37
- Warn: npmCommand not pinned by hash: .github/workflows/node.js.yml:136
- Warn: npmCommand not pinned by hash: .github/workflows/node.js.yml:51
- Info: 16 out of 16 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 3 npmCommand dependencies pinned
Reason
SAST tool detected but not run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Warn: 6 commits out of 23 are checked with a SAST tool
Reason
Found 16/24 approved changesets -- score normalized to 6
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Score
8.2
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More