npmpackage.info

Gathering detailed insights and metrics for react-native-flipper

Other packages similar to react-native-flipper

react-native-flipper-databases

2.5.1

Flipper Databases plugin for React Native

react-native-performance-flipper-reporter

5.0.0

This package feeds metrics, marks and measures collected by the `react-native-performance` library to the `Performance` Flipper plugin.

react-native-flipper-performance-plugin

0.4.0

Native side of flipper-rn-perf-monitor plugin

react-native-mmkv-flipper-plugin

1.0.0

React Native's MMKV debugger for Flipper

Gathering detailed insights and metrics for react-native-flipper

react-native-flipper - 0.273.0 | npmpackage.info

react-native-flipper

A desktop debugging platform for mobile developers.

0.273.0

13,411

MIT

TypeScript

117.46 kB

3.5

Installations

npm install react-native-flipper

Developer Guide

BETA

Typescript

Yes

Module System

CommonJS

Pull Requests

Open

88

Total

4,013

Closed

3,917

Merged

8

Issues

Open

419

Total

1,561

Closed

1,142

Releases

332

v0.273.0

Updated on Nov 21, 2024

v0.272.0

Updated on Nov 06, 2024

v0.271.0

Updated on Oct 30, 2024

v0.270.0

Updated on Oct 18, 2024

v0.269.0

Updated on Oct 09, 2024

v0.268.0

Updated on Oct 02, 2024

View All 332 releases

Languages

TypeScript

Java

Objective-C

Kotlin

C++

Objective-C++

JavaScript

Ruby

CSS

MDX

Rust

Haskell

Shell

Swift

HTML

Less

CMake

Starlark

Batchfile

TypeScript (60.26%)

Java (10.02%)

Objective-C (7.48%)

Kotlin (6.81%)

C++ (5.2%)

Objective-C++ (4.32%)

JavaScript (1.72%)

Ruby (0.96%)

CSS (0.94%)

MDX (0.57%)

Rust (0.36%)

Haskell (0.3%)

Shell (0.29%)

Swift (0.29%)

HTML (0.19%)

Less (0.15%)

CMake (0.08%)

Starlark (0.04%)

C (0.02%)

Developer

facebook

Download Statistics

Total Downloads

Last Day

Last Week

Last Month

Last Year

GitHub Statistics

MIT License

13,411 Stars

9,981 Commits

970 Forks

163 Watchers

799 Branches

354 Contributors

Updated on Jul 15, 2025

Maintainers

View All 354 Contributors

Package Meta Information

Latest Version

0.273.0

Package Id

react-native-flipper@0.273.0

Unpacked Size

117.46 kB

Size

25.56 kB

File Count

Published on

Nov 21, 2024

Total Downloads

Cumulative downloads

Total Downloads

NaN

Last Day

NaN

Compared to previous day

Last Week

NaN

Compared to previous week

Last Month

NaN

Compared to previous month

Last Year

NaN

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Peer Dependencies

react react-native

Dev Dependencies

metro-config react react-native react-native-windows

react-native-flipper

This package exposes JavaScript bindings to talk from React Native JavaScript directly to flipper.

This package might also be required by other Flipper plugins for React Native.

Installation

Run the following command in the root of your React Native project

yarn add react-native-flipper

Note that this package requires React Native 0.62 or higher.

Usage

How to build Flipper plugins is explained in the flipper documentation: Creating a Flipper plugin. Building a Flipper plugin involves building a plugin for the Desktop app, and a plugin that runs on a Device (Native Android, Native IOS or React Native). This package is only needed for the plugin that runs on the mobile device, in React Native, and wants to use the JavaScript bridge.

This package exposes one method: addPlugin. The addPlugin accepts a plugin parameter, that registers a client plugin and will fire the relevant callbacks if the corresponding desktop plugin is selected in the Flipper Desktop. The full plugin API is documented here.

Example

An example plugin can be found in FlipperTicTacToe.js.

The corresponding Desktop plugin ships by default in Flipper, so importing the above file and dropping the <FlipperTicTacToe /> component somewhere in your application should work out of the box.

The sources of the corresponding Desktop plugin can be found here.

No vulnerabilities found.

10

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

License

Determines if the project has defined a license.

10

Packaging

Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.

9

Security-Policy

Determines if the project has published a security policy.

0

Maintained

Determines if the project is "actively maintained".

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

SAST

Determines if the project uses static code analysis.

0

Signed-Releases

Determines if the project cryptographically signs release artifacts.

0

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

0

Fuzzing

Determines if the project uses fuzzing.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/android-sample.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/android-sample.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/android-sample.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/android-sample.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/android-sample.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/android-sample.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/android-sample.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/android-sample.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-and-deploy.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/build-and-deploy.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-and-deploy.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/build-and-deploy.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/docs.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/docs.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/docs.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/docs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/gradle-wrapper-validation.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/gradle-wrapper-validation.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/gradle-wrapper-validation.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/gradle-wrapper-validation.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/iOS-Sample.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-Sample.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/iOS-Sample.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-Sample.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/iOS-Sample.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-Sample.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/iOS-dependent-pod-lint.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-dependent-pod-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/iOS-dependent-pod-lint.yml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-dependent-pod-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:79: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:114: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:166: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:170: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:179: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:183: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:105: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:131: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:153: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:157: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:205: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:209: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:92: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:140: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:144: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:218: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:222: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:192: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:196: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:62: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/iOS-pod-lint.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/iOS-pod-lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/issues.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/issues.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/issues.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/issues.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/js.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/js.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/js.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/js.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/js.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/js.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/js.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/js.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/js.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/js.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/js.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs-pkg.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/nodejs-pkg.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs-pkg.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/nodejs-pkg.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/nodejs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/nodejs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/nodejs.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/nodejs.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/nodejs.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/nodejs.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/nodejs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/nodejs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:70: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/nodejs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/nodejs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/nodejs.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/packer.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/packer.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/packer.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/packer.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-android.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/publish-android.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-android.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/publish-android.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-android.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/publish-android.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-android.yml:47: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/publish-android.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-android.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/publish-android.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/publish-npm.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-npm.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/publish-npm.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-pods.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/publish-pods.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-pods.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/publish-pods.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish-pods.yml:53: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/publish-pods.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish-pods.yml:127: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/publish-pods.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/react-native-example.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/react-native-example.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/react-native-example.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/react-native-example.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/react-native-example.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/react-native-example.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/react-native-example.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/react-native-example.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/react-native-example.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/react-native-example.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/react-native-example.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/react-native-example.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/react-native-example.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/react-native-example.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/react-native-example.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/react-native-example.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/react-native-example.yml:74: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/react-native-example.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/react-native-example.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/react-native-example.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/react-native-example.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/react-native-example.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:187: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:193: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:199: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:28: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:73: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:83: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:88: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:101: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:104: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:131: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:136: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:142: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:148: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:154: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:170: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/flipper/release.yml/main?enable=pin
Warn: downloadThenRun not pinned by hash: scripts/install-retry.sh:16
Info: 0 out of 74 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 41 third-party GitHubAction dependencies pinned
Info: 0 out of 1 downloadThenRun dependencies pinned

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

106 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
Warn: Project is vulnerable to: GHSA-w8qv-6jwh-64r5
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-qrpm-p2h7-hrv2
Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9
Warn: Project is vulnerable to: GHSA-566m-qj78-rww5
Warn: Project is vulnerable to: GHSA-hwj9-h5mp-3pm3
Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-36jr-mh4h-2g58
Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
Warn: Project is vulnerable to: GHSA-c429-5p7v-vgjp
Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-g954-5hwp-pp24
Warn: Project is vulnerable to: GHSA-h755-8qp9-cq85
Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99
Warn: Project is vulnerable to: GHSA-4w2v-q235-vp99
Warn: Project is vulnerable to: GHSA-cph5-m8f7-6c5x
Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-7gc6-qh9x-w6h8
Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
Warn: Project is vulnerable to: GHSA-r7qp-cfhv-p84w
Warn: Project is vulnerable to: GHSA-q9mw-68c2-j6m5
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-3q56-9cc2-46j4
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
Warn: Project is vulnerable to: GHSA-8hfj-j24r-96c4
Warn: Project is vulnerable to: GHSA-wc69-rhjr-hc9g
Warn: Project is vulnerable to: GHSA-w7rc-rwvf-8q5r
Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-25hc-qcg6-38wj
Warn: Project is vulnerable to: GHSA-qm95-pgcg-qqfq
Warn: Project is vulnerable to: GHSA-cqmj-92xf-r6r9
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx
Warn: Project is vulnerable to: GHSA-8cj5-5rvv-wf4v
Warn: Project is vulnerable to: GHSA-fhg7-m89q-25r3
Warn: Project is vulnerable to: GHSA-hpx4-r86g-5jrg
Warn: Project is vulnerable to: GHSA-prr3-c3m5-p7q2
Warn: Project is vulnerable to: GHSA-phwq-j96m-2c2q
Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
Warn: Project is vulnerable to: GHSA-4www-5p9h-95mh
Warn: Project is vulnerable to: GHSA-9gqv-wp59-fq42
Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
Warn: Project is vulnerable to: GHSA-4v9v-hfq4-rm2v
Warn: Project is vulnerable to: GHSA-9jgg-88mc-972h
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: RUSTSEC-2021-0145 / GHSA-g98v-hv3f-hcfr
Warn: Project is vulnerable to: RUSTSEC-2024-0375
Warn: Project is vulnerable to: RUSTSEC-2024-0384
Warn: Project is vulnerable to: RUSTSEC-2024-0370
Warn: Project is vulnerable to: GHSA-c2jc-4fpr-4vhg
Warn: Project is vulnerable to: GHSA-crh6-fp67-6883
Warn: Project is vulnerable to: GHSA-4cpg-3vgw-4877
Warn: Project is vulnerable to: GHSA-rxrc-rgv4-jpvx
Warn: Project is vulnerable to: GHSA-g4rg-993r-mgx7
Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc
Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
Warn: Project is vulnerable to: GHSA-jgrx-mgxx-jf9v
Warn: Project is vulnerable to: GHSA-hqq7-2q2v-82xq
Warn: Project is vulnerable to: GHSA-q8gg-vj6m-hgmj
Warn: Project is vulnerable to: GHSA-jrvm-mcxc-mf6m
Warn: Project is vulnerable to: GHSA-p3vf-v8qc-cwcr
Warn: Project is vulnerable to: GHSA-gx9m-whjm-85jf
Warn: Project is vulnerable to: GHSA-mmhx-hmjr-r674
Warn: Project is vulnerable to: GHSA-vhxf-7vqr-mrjg
Warn: Project is vulnerable to: MAL-2022-3075
Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
Warn: Project is vulnerable to: GHSA-x3vm-38hw-55wf
Warn: Project is vulnerable to: GHSA-m4gq-x24j-jpmf
Warn: Project is vulnerable to: GHSA-x7hr-w5r2-h6wg

Score

3.5

/10

Last Scanned on 2025-07-07

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More