npmpackage.info

Gathering detailed insights and metrics for react-chartjs-2

react-chartjs-2

React components for Chart.js, the most popular charting library

5.2.0

6,650

MIT

TypeScript

1.09 kB

182,551,518 2.6

Installations

npm install react-chartjs-2

Pull Requests

Open

27

Total

471

Closed

122

Merged

322

Issues

Open

88

Total

761

Closed

673

Releases

v5.2.0

Published on 09 Jan 2023

v5.1.0

Published on 19 Dec 2022

v5.0.1

Published on 17 Nov 2022

v5.0.0

Published on 17 Nov 2022

v4.3.1

Published on 13 Jul 2022

v4.3.0

Published on 12 Jul 2022

View all 66 releases

Developer

reactchartjs

Developer Guide

BETA

Module System

ESM

Min. Node Version

Typescript Support

Yes

Node Version

16.18.1

NPM Version

8.19.2 Statistics

6,650 Stars

548 Commits

2,366 Forks

45 Watching

22 Branches

71 Contributors

Updated on 28 Nov 2024

Bundle Size

2.91 kB

Minified

1.09 kB

Minified + Gzipped

Bundlephobia

Languages

TypeScript (59.1%)

MDX (24.05%)

JavaScript (11.53%)

HTML (4.35%)

CSS (0.97%)

Total Downloads

Cumulative downloads

Total Downloads

182,551,518

Last day

-4.4%

257,997

Compared to previous day

Last week

1.9%

1,416,861

Compared to previous week

Last month

7.2%

5,972,464

Compared to previous month

Last year

35.7%

63,566,872

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Peer Dependencies

chart.js react

Versions

react-chartjs-2

React components for Chart.js, the most popular charting library.

Supports Chart.js v4 and v3.

Quickstart • Docs • Stack Overflow

Quickstart

Install this library with peer dependencies:

1pnpm add react-chartjs-2 chart.js
2# or
3yarn add react-chartjs-2 chart.js
4# or
5npm i react-chartjs-2 chart.js

We recommend using chart.js@^4.0.0.

Then, import and use individual components:

1import { Doughnut } from 'react-chartjs-2';
2
3<Doughnut data={...} />

Need an API to fetch data? Consider Cube, an open-source API for data apps.

Docs

License

No vulnerabilities found.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

1

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Maintained

Determines if the project is "actively maintained".

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/checks.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/checks.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/checks.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/checks.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/checks.yml:86: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/checks.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/checks.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/checks.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/checks.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/checks.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/checks.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/checks.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/checks.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/checks.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/checks.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/checks.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/checks.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/checks.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/checks.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/checks.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/checks.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/checks.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/checks.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/checks.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/checks.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/checks.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/checks.yml:72: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/checks.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/checks.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/checks.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/ci.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/ci.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/commit.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/commit.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/commit.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/commit.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/release.yml/master?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/release.yml/master?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/reactchartjs/react-chartjs-2/release.yml/master?enable=pin
Info: 0 out of 14 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 10 third-party GitHubAction dependencies pinned

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

70 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-hpx4-r86g-5jrg
Warn: Project is vulnerable to: GHSA-prr3-c3m5-p7q2
Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-3j8f-xvm3-ffx4
Warn: Project is vulnerable to: GHSA-j9fq-vwqv-2fm2
Warn: Project is vulnerable to: GHSA-pqw5-jmp5-px4v
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq
Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
Warn: Project is vulnerable to: GHSA-353f-5xf4-qw67
Warn: Project is vulnerable to: GHSA-c24v-8rfc-w8vw
Warn: Project is vulnerable to: GHSA-8jhw-289h-jh2g
Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986 / GHSA-64vr-g452-qvp3
Warn: Project is vulnerable to: GHSA-9cwx-2883-4wfx
Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Warn: Project is vulnerable to: GHSA-c2jc-4fpr-4vhg
Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
Warn: Project is vulnerable to: GHSA-7gc6-qh9x-w6h8
Warn: Project is vulnerable to: GHSA-mf6x-hrgr-658f
Warn: Project is vulnerable to: GHSA-xrh7-m5pp-39r6
Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
Warn: Project is vulnerable to: GHSA-2r2c-g63r-vccr
Warn: Project is vulnerable to: GHSA-cfm4-qjh2-4765
Warn: Project is vulnerable to: GHSA-x4jg-mjrx-434g
Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
Warn: Project is vulnerable to: GHSA-3949-f494-cm99
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
Warn: Project is vulnerable to: GHSA-fhg7-m89q-25r3

Score

2.6

/10

Last Scanned on 2024-11-18

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More