Gathering detailed insights and metrics for lz-string
Gathering detailed insights and metrics for lz-string
Installations
npm install lz-stringReleases
15
Typescript conversion and bundler updates
2.0.0-rc.0
Published on 20 Jun 2023
Changed to MIT license
1.4.5
Published on 20 Jun 2023
Minified version
1.5.0
Published on 20 Jun 2023
Fix for IE6&7
1.4.4
Published on 25 May 2015
amd loaders code and typescript support
1.4.3
Published on 26 Apr 2015
Bugfix in decompressFromEncodedURIComponent
1.4.2
Published on 25 Mar 2015
Developer
pieroxy
Developer Guide
BETA
Module System
CommonJS
Min. Node Version
Typescript Support
No
Node Version
16.19.1
NPM Version
8.19.3
Statistics
4,136 Stars
248 Commits
569 Forks
87 Watching
9 Branches
28 Contributors
Updated on 28 Nov 2024
Languages
TypeScript (77.12%)
Shell (14.81%)
JavaScript (8.07%)
Total Downloads
Cumulative downloads
Total Downloads
1,543,674,456
Last day
-6.7%
2,287,377
Compared to previous day
Last week
2.4%
12,868,021
Compared to previous week
Last month
7.5%
53,946,626
Compared to previous month
Last year
21.4%
568,770,787
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Versions
lz-string
LZ-based compression algorithm for JavaScript
[!IMPORTANT] The file layout has changed in version 2, this is now a joint
commonjs/esmoduleproject so modern build tools should be happy with it, but if importing a file directly (such as in a direct javascript project) it is important to use the correct one.
[!TIP] The "old style" minified AMD file is available as
dist/index.umd.jsvia various CDNs or package managers.
Install via npm
1$ npm install -g lz-string 2$ lz-string input.txt > output.txt
Home page
Home page for this program with examples, documentation and a live demo: http://pieroxy.net/blog/pages/lz-string/index.html
Command line
If installed globally there is a command line tool available, and a test suite that can use it to show things are working properly. If other langauges build a command line tool that supports the same arguments then the test suite can be run against them too.
1$ lz-string -h 2Usage: cli [options] [input-file] 3 4Use lz-string to compress or decompress a file 5 6Arguments: 7 input-file file to process, if no file then read from stdin 8 9Options: 10 -V, --version output the version number 11 -d, --decompress if unset then this will compress 12 -e, --encoder <type> character encoding to use (choices: "base64", "encodeduri", "raw", "uint8array", "utf16", default: "raw") 13 -v, --verify verify before returning (default: true) 14 -b, --binary <file> lz-string binary to use (default: "../dist/index.js") 15 -l, --legacy use legacy mode where uint8array decompression must be an even length 16 -o, --output <output-file> output file, otherwise write to stdout 17 -q, --quiet don't print any error messages 18 -h, --help display help for command
Other languages
This lib has numerous ports to other languages, for server side processing, mostly. Here they are:
[!CAUTION] These are all developed separately, so if you are using two versions to transfer data (such as a client and server version) it is important to check that they are compatible and have identical behaviours on the data!
[!NOTE] Version 1.3.8 of this package had a slight change in the encoding which might impact compatibility.
- Java: by Diogo Duailibe
- Java: by rufushuang, with base64 support and better performances
- C#: by Jawa-the-Hutt
- C#: by kreudom, another implementation in C#, more up to date
- PHP: by nullpunkt
- Python3: by eduardtomasek
- Another Python: by marcel-dancak
- Ruby by Altivi
- Go I helped a friend to write a Go implementation of the decompression algorithm
- Go Austin wrote the decompression part as well
- Go by daku10, another implementation supports multiple encoding formats and can be used as a CLI tool
- Elixir by Michael Shapiro
- C++/QT by AmiArt
- C++ by Andrey Krasnov, another implementation in C++11
- VB.NET by gsemac
- Salesforce Apex (Java like language): bilal did the port
- Kotlin: from Zen Liu
- Dart: from skipness
- Haxe: from markknol
- Rust: from adumbidiot
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Info: FSF or OSI recognized license: MIT License: LICENSE.md:0
Reason
SAST tool is run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Info: all commits (14) are checked with a SAST tool
Reason
6 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-64vr-g452-qvp3
- Warn: Project is vulnerable to: GHSA-9cwx-2883-4wfx
- Warn: Project is vulnerable to: GHSA-g3ch-rx76-35fx
Reason
dependency not pinned by hash detected -- score normalized to 3
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/pieroxy/lz-string/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:130: update your workflow using https://app.stepsecurity.io/secureworkflow/pieroxy/lz-string/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/pieroxy/lz-string/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/pieroxy/lz-string/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/pieroxy/lz-string/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/pieroxy/lz-string/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/pieroxy/lz-string/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/pieroxy/lz-string/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:61: update your workflow using https://app.stepsecurity.io/secureworkflow/pieroxy/lz-string/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/pieroxy/lz-string/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/pieroxy/lz-string/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/pieroxy/lz-string/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:94: update your workflow using https://app.stepsecurity.io/secureworkflow/pieroxy/lz-string/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:95: update your workflow using https://app.stepsecurity.io/secureworkflow/pieroxy/lz-string/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/pieroxy/lz-string/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:115: update your workflow using https://app.stepsecurity.io/secureworkflow/pieroxy/lz-string/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:119: update your workflow using https://app.stepsecurity.io/secureworkflow/pieroxy/lz-string/ci.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: test/profiles/legacy.sh:6
- Info: 0 out of 13 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 4 third-party GitHubAction dependencies pinned
- Info: 4 out of 5 npmCommand dependencies pinned
Reason
Found 1/17 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:46
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:70
- Warn: jobLevel 'checks' permission set to 'write': .github/workflows/ci.yml:90
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:91
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:24
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/ci.yml:23
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
Reason
0 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Score
4.3
/10
Last Scanned on 2024-11-18
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More