npmpackage.info

Gathering detailed insights and metrics for pkg-jq

Other packages similar to pkg-jq

@x-cmd-pkg/jq

0.0.0-v1.7.1-meta.yml

publish release of x-cmd organization

@jqlee/jq-test-pkg

0.1.2

hello!

@curry798/jq

0.0.0-v1.7.1-win.x64.0

publish release of x-cmd organization

Gathering detailed insights and metrics for pkg-jq

pkg-jq - 0.2.11 | npmpackage.info

pkg-jq

Find the nearest package.json then deal with jq syntax on it. (in-line edit supported!)

0.2.11

Apache-2.0

TypeScript

3.4

Installations

npm install pkg-jq

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Node Version

14.15.1

NPM Version

6.14.8 Pull Requests

Open

4

Total

31

Closed

26

Merged

1

Issues

Open

0

Total

2

Closed

2

Releases

Unable to fetch releases

Languages

TypeScript

JavaScript

Shell

TypeScript (57.65%)

JavaScript (29.5%)

Shell (12.85%)

Developer

huan

Download Statistics

Total Downloads

Last Day

Last Week

Last Month

Last Year

GitHub Statistics

Apache-2.0 License

1 Stars

74 Commits

1 Watchers

6 Branches

1 Contributors

Updated on Jan 08, 2021

Maintainers

View All 1 Contributors

Package Meta Information

Latest Version

0.2.11

Package Id

pkg-jq@0.2.11

Size

46.15 kB

NPM Version

6.14.8

Node Version

14.15.1

Published on

Jan 08, 2021

Total Downloads

Cumulative downloads

Total Downloads

NaN

Last Day

NaN

Compared to previous day

Last Week

NaN

Compared to previous week

Last Month

NaN

Compared to previous month

Last Year

NaN

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

argparse node-jq pkg-up update-notifier

Dev Dependencies

@chatie/eslint-config @chatie/git-scripts @chatie/semver @chatie/tsconfig @types/argparse @types/update-notifier read-pkg-up shx tstest

pkg-jq

Source: Processing JSON Data With jq

Find the nearest package.json then deal with jq syntax on it. (in-line edit supported!)

FEATURES

Search package.json in current and all parent directories by default, powered by pkg-up.
Use jq syntax to deal with the json file, powered by node-jq.
In-place edit support by specify a -i or --in-place argument.

USAGE

1$ npm-jq --help
2usage: pkg-jq [-h] [-v] [-i] [-r] filter [path]
3
4Node.js Package jq Utility
5
6Positional arguments:
7  filter          jq filter.
8  path            npm project subdir, or json file. default: $PWD.
9
10Optional arguments:
11  -h, --help      Show this help message and exit.
12  -v, --version   Show programs version number and exit.
13  -i, --in-place  edit files in place.
14  -r, --raw       output raw strings, not JSON texts.
15
16
17Exmaple: pkg-jq -i '.publishConfig.tag="next"'

1. Query

1$ grep version package.json
2  "version": "0.0.6",
3
4$ pkg-jq .version
5"0.0.6"
6
7# Raw mode: -r
8$ pkg-jq -r .version
90.0.6

2. Edit In Place

1$ grep -E 'publish|tag' package.json
2  "publishConfig": {
3    "tag": "next"
4
5$ pkg-jq -i '.publishConfig.tag="latest"'
6
7$ grep -E 'publish|tag' package.json
8  "publishConfig": {
9    "tag": "latest"

DEVELOPMENT

Ubuntu

1sudo apt-get install libtool

HISTORY

master

v0.2 (10 Jun 2019)

Support in-line edit by -i parameter
Support raw mode by -r parameter
Good unit tests coverage
Travis CI DevOps

v0.0.1 (09 Jun 2019)

Project inited.

AUTHOR

Huan LI (李卓桓) zixia@zixia.net

COPYRIGHT & LICENSE

Code released under the Apache-2.0 License
Docs released under Creative Commons

No vulnerabilities found.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

10

License

Determines if the project has defined a license.

0

Maintained

Determines if the project is "actively maintained".

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/huan/pkg-jq/npm.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/huan/pkg-jq/npm.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/huan/pkg-jq/npm.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/huan/pkg-jq/npm.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/huan/pkg-jq/npm.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm.yml:42: update your workflow using https://app.stepsecurity.io/secureworkflow/huan/pkg-jq/npm.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/huan/pkg-jq/npm.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm.yml:67: update your workflow using https://app.stepsecurity.io/secureworkflow/huan/pkg-jq/npm.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/npm.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/huan/pkg-jq/npm.yml/master?enable=pin
Warn: npmCommand not pinned by hash: scripts/npm-pack-testing.sh:14
Warn: npmCommand not pinned by hash: .github/workflows/npm.yml:29
Warn: npmCommand not pinned by hash: .github/workflows/npm.yml:51
Warn: npmCommand not pinned by hash: .github/workflows/npm.yml:80
Info: 0 out of 9 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 4 npmCommand dependencies pinned

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Fuzzing

Determines if the project uses fuzzing.

0

Security-Policy

Determines if the project has published a security policy.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

SAST

Determines if the project uses static code analysis.

Score

3.4

/10

Last Scanned on 2025-07-07

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More