npmpackage.info

Gathering detailed insights and metrics for markdownlint-micromark

markdownlint-micromark - 0.1.12 | npmpackage.info

markdownlint-micromark

A Node.js style checker and lint tool for Markdown/CommonMark files.

0.1.12

5,247

MIT

JavaScript

493.15 kB

39,568,125 5.5

Installations

npm install markdownlint-micromark

Developer Guide

BETA

Typescript

Yes

Module System

ESM

Min. Node Version

>=18

Node Version

20.16.0

NPM Version

10.8.3 Pull Requests

Open

2

Total

796

Closed

99

Merged

695

Issues

Open

78

Total

729

Closed

651

Releases

Unable to fetch releases

Languages

JavaScript

TypeScript

JavaScript (95.16%)

TypeScript (4.84%)

Developer

DavidAnson

Download Statistics

Total Downloads

39,568,125

Last Day

17,834

Last Week

288,718

Last Month

1,266,596

Last Year

23,829,362

GitHub Statistics

MIT License

5,247 Stars

2,048 Commits

785 Forks

69 Watchers

16 Branches

53 Contributors

Updated on Jul 05, 2025

Sponsor this package

https://github.com/sponsors/DavidAnson

Maintainers

View All 53 Contributors

Package Meta Information

Latest Version

0.1.12

Package Id

markdownlint-micromark@0.1.12

Unpacked Size

493.15 kB

Size

141.25 kB

File Count

NPM Version

10.8.3

Node Version

20.16.0

Published on

Oct 22, 2024

Total Downloads

Cumulative downloads

Total Downloads

39,568,125

Last Day

-25.3%

17,834

Compared to previous day

Last Week

-5.7%

288,718

Compared to previous week

Last Month

-6%

1,266,596

Compared to previous month

Last Year

56.2%

23,829,362

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dev Dependencies

@microsoft/api-extractor micromark micromark-extension-directive micromark-extension-gfm-autolink-literal micromark-extension-gfm-footnote micromark-extension-gfm-table micromark-extension-math micromark-util-types terser-webpack-plugin webpack webpack-cli

markdownlint-micromark

A trivial package that re-exports some micromark functionality as a CommonJS module

This package is unlikely to be of any use beyond a specific scenario used by markdownlint.

No vulnerabilities found.

10

Maintained

Determines if the project is "actively maintained".

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

10

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

9

SAST

Determines if the project uses static code analysis.

1

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 1

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/checkers.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/checkers.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/checkers.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/checkers.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/checkers.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/checkers.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/checkers.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/checkers.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/ci.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql-analysis.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/codeql-analysis.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-repos.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/test-repos.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-repos.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/DavidAnson/markdownlint/test-repos.yml/main?enable=pin
Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:30
Warn: npmCommand not pinned by hash: .github/workflows/test-repos.yml:28
Info: 0 out of 11 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 3 third-party GitHubAction dependencies pinned
Info: 1 out of 3 npmCommand dependencies pinned

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

Score

5.5

/10

Last Scanned on 2025-06-30

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More