npmpackage.info

Gathering detailed insights and metrics for markdownlint-micromark

markdownlint-micromark - 0.1.12 | npmpackage.info

markdownlint-micromark

A Node.js style checker and lint tool for Markdown/CommonMark files.

0.1.12

5,250

MIT

JavaScript

493.15 kB

39,568,125 5.5

Installations

npm install markdownlint-micromark

Developer Guide

BETA

Typescript

Yes

Module System

ESM

Min. Node Version

>=18

Node Version

20.16.0

NPM Version

10.8.3 Pull Requests

Open

0

Total

801

Closed

102

Merged

699

Issues

Open

78

Total

730

Closed

652

Releases

Unable to fetch releases

Languages

JavaScript

TypeScript

JavaScript (95.16%)

TypeScript (4.84%)

Developer

DavidAnson

Download Statistics

Total Downloads

39,568,125

Last Day

17,834

Last Week

288,718

Last Month

1,266,596

Last Year

23,829,362

GitHub Statistics

MIT License

5,250 Stars

2,048 Commits

786 Forks

69 Watchers

4 Branches

53 Contributors

Updated on Jul 08, 2025

Sponsor this package

https://github.com/sponsors/DavidAnson

Maintainers

View All 53 Contributors

Package Meta Information

Latest Version

0.1.12

Package Id

markdownlint-micromark@0.1.12

Unpacked Size

493.15 kB

Size

141.25 kB

File Count

NPM Version

10.8.3

Node Version

20.16.0

Published on

Oct 22, 2024

Total Downloads

Cumulative downloads

Total Downloads

39,568,125

Last Day

-25.3%

17,834

Compared to previous day

Last Week

-5.7%

288,718

Compared to previous week

Last Month

-6%

1,266,596

Compared to previous month

Last Year

56.2%

23,829,362

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dev Dependencies

@microsoft/api-extractor micromark micromark-extension-directive micromark-extension-gfm-autolink-literal micromark-extension-gfm-footnote micromark-extension-gfm-table micromark-extension-math micromark-util-types terser-webpack-plugin webpack webpack-cli

markdownlint-micromark

A trivial package that re-exports some micromark functionality as a CommonJS module

This package is unlikely to be of any use beyond a specific scenario used by markdownlint.

No vulnerabilities found.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Maintained

Determines if the project is "actively maintained".

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

10

License

Determines if the project has defined a license.

9

SAST

Determines if the project uses static code analysis.

1

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 1

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/checkers.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/checkers.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/checkers.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/checkers.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/checkers.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/checkers.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/checkers.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/checkers.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-repos.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/test-repos.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-repos.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/test-repos.yml/main?enable=pin
Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:30
Warn: npmCommand not pinned by hash: .github/workflows/test-repos.yml:28
Info: 0 out of 11 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 3 third-party GitHubAction dependencies pinned
Info: 1 out of 3 npmCommand dependencies pinned

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

Score

5.5

/10

Last Scanned on 2025-07-07

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More