Installations
npm install node-xlsxDeveloper Guide
Typescript
Yes
Module System
ESM
Min. Node Version
>=10.0.0
Node Version
20.12.0
NPM Version
10.5.0
Score
89.6
Supply Chain
99
Quality
77
Maintenance
100
Vulnerability
100
License
Releases
Contributors
Unable to fetch Contributors
Languages
TypeScript (89.89%)
JavaScript (10.11%)
Developer
mgcrea
Download Statistics
Total Downloads
36,828,667
Last Day
30,688
Last Week
254,790
Last Month
1,261,594
Last Year
13,335,495
GitHub Statistics
2,995 Stars
171 Commits
275 Forks
31 Watching
1 Branches
21 Contributors
Bundle Size
476.15 kB
Minified
153.83 kB
Minified + Gzipped
Maintainers
Package Meta Information
Latest Version
0.24.0
Package Id
node-xlsx@0.24.0
Unpacked Size
42.04 kB
Size
8.16 kB
File Count
17
NPM Version
10.5.0
Node Version
20.12.0
Publised On
15 Apr 2024
Total Downloads
Cumulative downloads
Total Downloads
36,828,667
Last day
-44.8%
30,688
Compared to previous day
Last week
-16.3%
254,790
Compared to previous week
Last month
3.9%
1,261,594
Compared to previous month
Last year
47.9%
13,335,495
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
node-xlsx
Features
Straightforward excel file parser and builder.
- Relies on SheetJS xlsx module to parse/build excel sheets.
- Built with TypeScript for static type checking with exported types along the library.
Install
1npm install node-xlsx --save 2# or 3pnpm add node-xlsx
Quickstart
Parse an xlsx file
1import xlsx from 'node-xlsx'; 2// Or var xlsx = require('node-xlsx').default; 3 4// Parse a buffer 5const workSheetsFromBuffer = xlsx.parse(fs.readFileSync(`${__dirname}/myFile.xlsx`)); 6// Parse a file 7const workSheetsFromFile = xlsx.parse(`${__dirname}/myFile.xlsx`);
Build an xlsx file
1import xlsx from 'node-xlsx'; 2// Or var xlsx = require('node-xlsx').default; 3 4const data = [ 5 [1, 2, 3], 6 [true, false, null, 'sheetjs'], 7 ['foo', 'bar', new Date('2014-02-19T14:30Z'), '0.3'], 8 ['baz', null, 'qux'], 9]; 10var buffer = xlsx.build([{name: 'mySheetName', data: data}]); // Returns a buffer
Custom column width
1import xlsx from 'node-xlsx'; 2// Or var xlsx = require('node-xlsx').default; 3 4const data = [ 5 [1, 2, 3], 6 [true, false, null, 'sheetjs'], 7 ['foo', 'bar', new Date('2014-02-19T14:30Z'), '0.3'], 8 ['baz', null, 'qux'], 9]; 10const sheetOptions = {'!cols': [{wch: 6}, {wch: 7}, {wch: 10}, {wch: 20}]}; 11 12var buffer = xlsx.build([{name: 'mySheetName', data: data}], {sheetOptions}); // Returns a buffer
Spanning multiple rows A1:A4 in every sheets
1import xlsx from 'node-xlsx'; 2// Or var xlsx = require('node-xlsx').default; 3 4const data = [ 5 [1, 2, 3], 6 [true, false, null, 'sheetjs'], 7 ['foo', 'bar', new Date('2014-02-19T14:30Z'), '0.3'], 8 ['baz', null, 'qux'], 9]; 10const range = {s: {c: 0, r: 0}, e: {c: 0, r: 3}}; // A1:A4 11const sheetOptions = {'!merges': [range]}; 12 13var buffer = xlsx.build([{name: 'mySheetName', data: data}], {sheetOptions}); // Returns a buffer
Spanning multiple rows A1:A4 in second sheet
1import xlsx from 'node-xlsx'; 2// Or var xlsx = require('node-xlsx').default; 3 4const dataSheet1 = [ 5 [1, 2, 3], 6 [true, false, null, 'sheetjs'], 7 ['foo', 'bar', new Date('2014-02-19T14:30Z'), '0.3'], 8 ['baz', null, 'qux'], 9]; 10const dataSheet2 = [ 11 [4, 5, 6], 12 [7, 8, 9, 10], 13 [11, 12, 13, 14], 14 ['baz', null, 'qux'], 15]; 16const range = {s: {c: 0, r: 0}, e: {c: 0, r: 3}}; // A1:A4 17const sheetOptions = {'!merges': [range]}; 18 19var buffer = xlsx.build([ 20 {name: 'myFirstSheet', data: dataSheet1}, 21 {name: 'mySecondSheet', data: dataSheet2, options: sheetOptions}, 22]); // Returns a buffer
Beware that if you try to merge several times the same cell, your xlsx file will be seen as corrupted.
- Using Primitive Object Notation Data values can also be specified in a non-abstracted representation.
Examples:
1const rowAverage = [[{t: 'n', z: 10, f: '=AVERAGE(2:2)'}], [1, 2, 3]]; 2var buffer = xlsx.build([{name: 'Average Formula', data: rowAverage}]);
Refer to xlsx documentation for valid structure and values:
Troubleshooting
This library requires at least node.js v10. For legacy versions, you can use this workaround before using the lib.
1npm i --save object-assign
1Object.prototype.assign = require('object-assign');
Contributing
Please submit all pull requests the against master branch. If your unit test contains javascript patches or features, you should include relevant unit tests. Thanks!
Available scripts
| Script | Description |
|---|---|
| start | Alias of test:watch |
| test | Run mocha unit tests |
| test:watch | Run and watch mocha unit tests |
| lint | Run eslint static tests |
| compile | Compile the library |
| compile:watch | Compile and watch the library |
Authors
Olivier Louvignes
Copyright and license
Copyright (C) 2012-2014 Olivier Louvignes
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
Except where noted, this license applies to any and all software programs and associated documentation files created by the Original Author and distributed with the Software:
Inspired by SheetJS gist examples, Copyright (c) SheetJS.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
5 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
Reason
Found 4/30 approved changesets -- score normalized to 1
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/main.yml:1
- Info: no jobLevel write permissions found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/mgcrea/node-xlsx/main.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/mgcrea/node-xlsx/main.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/mgcrea/node-xlsx/main.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/mgcrea/node-xlsx/main.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/mgcrea/node-xlsx/main.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/mgcrea/node-xlsx/main.yml/master?enable=pin
- Info: 0 out of 4 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 4 are checked with a SAST tool
Score
3
/10
Last Scanned on 2024-12-16
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More