Gathering detailed insights and metrics for react-native-web
Gathering detailed insights and metrics for react-native-web
Installations
npm install react-native-webDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Node Version
22.14.0
NPM Version
10.9.2
Score
90
Supply Chain
85.8
Quality
80.2
Maintenance
100
Vulnerability
100
License
Releases
22
Languages
4
JavaScript
CSS
HTML
Shell
JavaScript (83%)
CSS (9.11%)
HTML (7.85%)
Shell (0.05%)
Developer
Download Statistics
Total Downloads
97,001,407
Last Day
226,134
Last Week
976,799
Last Month
3,998,470
Last Year
34,105,920
GitHub Statistics
MIT License
21,886 Stars
1,996 Commits
1,818 Forks
332 Watchers
21 Branches
187 Contributors
Updated on May 14, 2025
Bundle Size
252.39 kB
Minified
75.14 kB
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
0.20.0
Package Id
react-native-web@0.20.0
Unpacked Size
2.84 MB
Size
571.85 kB
File Count
863
NPM Version
10.9.2
Node Version
22.14.0
Published on
Apr 03, 2025
Total Downloads
Cumulative downloads
Total Downloads
97,001,407
Last Day
28.6%
226,134
Compared to previous day
Last Week
3.7%
976,799
Compared to previous week
Last Month
5.9%
3,998,470
Compared to previous month
Last Year
63.4%
34,105,920
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
React Native for Web
"React Native for Web" makes it possible to run React Native components and APIs on the web using React DOM.
Documentation
The documentation site (source) covers installation, guides, and APIs.
Example
The examples app (source) demonstrates many available features. Fork the codesandbox to make changes and see the results.
You'll notice that there is no reference to react-dom in components. The App component that is shown below is defined using the APIs and Components of React Native, but it can also be rendered on the web using React Native for Web.
1// Example component 2import React from 'react'; 3import { AppRegistry, StyleSheet, Text, View } from 'react-native'; 4 5class App extends React.Component { 6 render() { 7 return ( 8 <View style={styles.box}> 9 <Text style={styles.text}>Hello, world!</Text> 10 </View> 11 ); 12 } 13} 14 15const styles = StyleSheet.create({ 16 box: { padding: 10 }, 17 text: { fontWeight: 'bold' } 18}); 19 20AppRegistry.registerComponent('App', () => App); 21AppRegistry.runApplication('App', { rootTag: document.getElementById('react-root') });
Contributing
Development happens in the open on GitHub and we are grateful for contributions including bugfixes, improvements, and ideas. Read below to learn how you can take part in improving React Native for Web.
Code of conduct
This project expects all participants to adhere to Meta's OSS Code of Conduct. Please read the full text so that you can understand what actions will and will not be tolerated.
Contributing guide
Read the contributing guide to learn about the development process, how to propose bugfixes and improvements, and how to build and test your changes to React Native for Web.
Good first issues
To help you get you familiar with the contribution process, there is a list of good first issues that contain bugs which have a relatively limited scope. This is a great place to get started.
License
React Native for Web is MIT licensed. By contributing to React Native for Web, you agree that your contributions will be licensed under its MIT license.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
4 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 6
Reason
Found 8/23 approved changesets -- score normalized to 3
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: topLevel 'contents' permission set to 'read': .github/workflows/labels.yml:10
- Warn: no topLevel permission defined: .github/workflows/performance.yml:1
- Warn: no topLevel permission defined: .github/workflows/react-integration.yml:1
- Warn: no topLevel permission defined: .github/workflows/tests.yml:1
- Info: no jobLevel write permissions found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/labels.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/necolas/react-native-web/labels.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/labels.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/necolas/react-native-web/labels.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/performance.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/necolas/react-native-web/performance.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/performance.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/necolas/react-native-web/performance.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/react-integration.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/necolas/react-native-web/react-integration.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/react-integration.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/necolas/react-native-web/react-integration.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/necolas/react-native-web/tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/necolas/react-native-web/tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/necolas/react-native-web/tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/necolas/react-native-web/tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/necolas/react-native-web/tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/necolas/react-native-web/tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/necolas/react-native-web/tests.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/tests.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/necolas/react-native-web/tests.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/react-integration.yml:17
- Warn: npmCommand not pinned by hash: .github/workflows/react-integration.yml:19
- Warn: npmCommand not pinned by hash: .github/workflows/tests.yml:19
- Warn: npmCommand not pinned by hash: .github/workflows/tests.yml:29
- Warn: npmCommand not pinned by hash: .github/workflows/tests.yml:39
- Warn: npmCommand not pinned by hash: .github/workflows/tests.yml:49
- Info: 0 out of 12 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
- Info: 0 out of 6 npmCommand dependencies pinned
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 17 are checked with a SAST tool
Reason
16 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
- Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-r7jx-5m6m-cpg9
- Warn: Project is vulnerable to: GHSA-pfq8-rq6v-vf5m
- Warn: Project is vulnerable to: GHSA-45rm-2893-5f49
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-f82v-jwr5-mffw
- Warn: Project is vulnerable to: GHSA-c59h-r6p8-q9wc
- Warn: Project is vulnerable to: GHSA-g77x-44xx-532m
- Warn: Project is vulnerable to: GHSA-7gfc-8cq8-jh5f
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-x7hr-w5r2-h6wg
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Score
3.3
/10
Last Scanned on 2025-05-05
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More