Installations
npm install path-matchDeveloper Guide
Typescript
No
Module System
N/A
Node Version
5.7.0
NPM Version
3.6.0
Score
98.6
Supply Chain
78
Quality
80.8
Maintenance
100
Vulnerability
100
License
Releases
Unable to fetch releases
Contributors
Unable to fetch Contributors
Languages
JavaScript (100%)
Developer
Download Statistics
Total Downloads
53,823,870
Last Day
124,480
Last Week
573,588
Last Month
2,335,621
Last Year
25,949,577
GitHub Statistics
138 Stars
27 Commits
14 Forks
13 Watching
2 Branches
20 Contributors
Bundle Size
7.82 kB
Minified
3.34 kB
Minified + Gzipped
Maintainers
Package Meta Information
Latest Version
1.2.4
Package Id
path-match@1.2.4
Size
2.18 kB
NPM Version
3.6.0
Node Version
5.7.0
Publised On
27 Feb 2016
Total Downloads
Cumulative downloads
Total Downloads
53,823,870
Last day
7.1%
124,480
Compared to previous day
Last week
-6.4%
573,588
Compared to previous week
Last month
12.7%
2,335,621
Compared to previous month
Last year
196.5%
25,949,577
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
path match
Thin wrapper around path-to-regexp to make extracting the param names easier.
1var route = require('path-match')({ 2 // path-to-regexp options 3 sensitive: false, 4 strict: false, 5 end: false, 6}); 7 8// create a match function from a route 9var match = route('/post/:id'); 10 11// match a route 12var parse = require('url').parse; 13require('http').createServer(function (req, res) { 14 var params = match(parse(req.url).pathname); 15 16 // no match 17 if (params === false) { 18 res.statusCode = 404; 19 res.end(); 20 return; 21 } 22 23 // the matched id 24 var id = params.id; 25 26 // do stuff with the ID 27})
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
security policy file detected
Details
- Info: security policy file detected: github.com/pillarjs/.github/SECURITY.md:1
- Info: Found linked content: github.com/pillarjs/.github/SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: github.com/pillarjs/.github/SECURITY.md:1
- Info: Found text in security policy: github.com/pillarjs/.github/SECURITY.md:1
Reason
dependency not pinned by hash detected -- score normalized to 3
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/pillarjs/path-match/node.js.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/node.js.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/pillarjs/path-match/node.js.yml/master?enable=pin
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 1 out of 1 npmCommand dependencies pinned
Reason
Found 1/27 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/node.js.yml:1
- Info: no jobLevel write permissions found
Reason
project is archived
Details
- Warn: Repository is archived.
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 2 are checked with a SAST tool
Reason
32 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-xp63-6vf5-xf3v
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6
- Warn: Project is vulnerable to: GHSA-43f8-2h32-f4cj
- Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-w7rc-rwvf-8q5r
- Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
- Warn: Project is vulnerable to: GHSA-5fw9-fq32-wv5p
- Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-jgrx-mgxx-jf9v
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-6fc8-4gx4-v693
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh
Score
3.7
/10
Last Scanned on 2025-01-27
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn MoreOther packages similar to path-match
egg-path-matching
match or ignore url path
unc-path-regex
Regular expression for testing if a file path is a windows UNC file path. Can also be used as a component of another regexp via the `.source` property.
is-unc-path
Returns true if a filepath is a windows UNC file path.
find-up
Find a file or directory by walking up parent directories