npmpackage.info

multishift

ProseMirror toolkit for React 🎉

2.0.10

2,787

MIT

TypeScript

14.29 kB

3,547,313 3.5

Installations

npm install multishift

Developer Guide

BETA

Typescript

Yes

Module System

ESM

Node Version

18.20.4

NPM Version

10.7.0 Pull Requests

Open

29

Total

1,484

Closed

129

Merged

1,326

Issues

Open

166

Total

658

Closed

492

Releases

529

remirror@3.0.1

Published on 01 Aug 2024

@remirror/react@3.0.1

Published on 01 Aug 2024

remirror@3.0.0

Published on 30 Jul 2024

@remirror/pm@3.0.0

Published on 30 Jul 2024

@remirror/react@3.0.0

Published on 30 Jul 2024

remirror@3.0.0-rc.9

Published on 30 Jul 2024

View all 529 releases

Contributors

View all 74 contributors

Languages

TypeScript

CSS

JavaScript

HTML

TypeScript (95.56%)

CSS (3.65%)

JavaScript (0.79%)

Love this project? Help keep it running — sponsor us today! 🚀

Developer

remirror

Download Statistics

Total Downloads

3,547,313

Last Day

281

Last Week

281

Last Month

122,424

Last Year

1,600,699

GitHub Statistics

2,787 Stars

2,882 Commits

249 Forks

19 Watching

62 Branches

74 Contributors

Bundle Size

45.35 kB

Minified

14.29 kB

Minified + Gzipped

Bundlephobia

Maintainers

Package Meta Information

Latest Version

2.0.10

Package Id

multishift@2.0.10

Unpacked Size

424.42 kB

Size

91.74 kB

File Count

NPM Version

10.7.0

Node Version

18.20.4

Publised On

30 Jul 2024

Total Downloads

Cumulative downloads

Total Downloads

3,547,313

Last day

281

Compared to previous day

Last week

-98.9%

281

Compared to previous week

Last month

122,424

Compared to previous month

Last year

31.6%

1,600,699

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Versions

multishift

Docs coming soon.

No vulnerabilities found.

10

License

Determines if the project has defined a license.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

7

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Maintained

Determines if the project is "actively maintained".

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Security-Policy

Determines if the project has published a security policy.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:129: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/ci.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/docs.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docs.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/docs.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docs.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/docs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/e2e.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/label-pull-requests.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/label-pull-requests.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/label-sponsors.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/label-sponsors.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr-name-linter.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/pr-name-linter.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-name-linter.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/pr-name-linter.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-pr.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish-pr.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-pr.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish-pr.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-v1.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish-v1.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-v1.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish-v1.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-v1.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish-v1.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-v1.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish-v1.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-v1.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish-v1.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-v1.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish-v1.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-v1.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish-v1.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-v3.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish-v3.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-v3.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish-v3.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-v3.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish-v3.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-v3.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish-v3.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-v3.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish-v3.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-v3.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish-v3.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-v3.yml:81: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish-v3.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/publish.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/rebase.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/rebase.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/rebase.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/rebase.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/storybook.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/storybook.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/storybook.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/storybook.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/storybook.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/storybook.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/version.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/version.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/version.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/remirror/remirror/version.yml/main?enable=pin
Warn: npmCommand not pinned by hash: .github/workflows/pr-name-linter.yml:21
Info: 0 out of 17 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 26 third-party GitHubAction dependencies pinned
Info: 0 out of 1 npmCommand dependencies pinned

0

Fuzzing

Determines if the project uses fuzzing.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

55 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-hpx4-r86g-5jrg
Warn: Project is vulnerable to: GHSA-prr3-c3m5-p7q2
Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
Warn: Project is vulnerable to: GHSA-4w2v-q235-vp99
Warn: Project is vulnerable to: GHSA-cph5-m8f7-6c5x
Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
Warn: Project is vulnerable to: GHSA-jrvm-mcxc-mf6m
Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-8cf7-32gw-wr33
Warn: Project is vulnerable to: GHSA-hjrf-2m68-5959
Warn: Project is vulnerable to: GHSA-qwph-4952-7xr6
Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-54xq-cgqr-rpm3
Warn: Project is vulnerable to: GHSA-325j-24f4-qv5x
Warn: Project is vulnerable to: GHSA-vx3p-948g-6vhq
Warn: Project is vulnerable to: GHSA-w5hq-hm5m-4548
Warn: Project is vulnerable to: GHSA-8266-84wp-wv5c
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq
Warn: Project is vulnerable to: GHSA-fhg7-m89q-25r3
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q

Score

3.5

/10

Last Scanned on 2025-01-27

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More

multishift

Installations

Developer Guide

Yes

ESM

18.20.4

10.7.0

Pull Requests

29

1,484

129

1,326

Issues

166

658

492

Releases

Contributors

Languages

Developer

Download Statistics

GitHub Statistics

Bundle Size

45.35 kB

14.29 kB

Maintainers

Package Meta Information

Total Downloads

3,547,313

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

Peer Dependencies

Dev Dependencies

multishift

10

10

10

7

0

0

0

0

0

0

0

0

3.5

/10