Installations
npm install statusesScore
99.2
Supply Chain
99.5
Quality
79.6
Maintenance
100
Vulnerability
100
License
Releases
Unable to fetch releases
Developer
jshttp
Developer Guide
Module System
Unable to determine the module system for this package.
Min. Node Version
>= 0.8
Typescript Support
No
Node Version
12.18.3
NPM Version
6.14.6
Statistics
273 Stars
289 Commits
29 Forks
15 Watching
1 Branches
30 Contributors
Updated on 22 Nov 2024
Languages
JavaScript (100%)
Total Downloads
Cumulative downloads
Total Downloads
10,506,531,464
Last day
-6.8%
11,002,307
Compared to previous day
Last week
1.5%
63,822,822
Compared to previous week
Last month
9.2%
266,226,492
Compared to previous month
Last year
9.9%
2,755,541,087
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
statuses
HTTP status utility for node.
This module provides a list of status codes and messages sourced from a few different projects:
Installation
This is a Node.js module available through the
npm registry. Installation is done using the
npm install command:
1$ npm install statuses
API
1var status = require('statuses')
status(code)
Returns the status message string for a known HTTP status code. The code may be a number or a string. An error is thrown for an unknown status code.
1status(403) // => 'Forbidden' 2status('403') // => 'Forbidden' 3status(306) // throws
status(msg)
Returns the numeric status code for a known HTTP status message. The message is case-insensitive. An error is thrown for an unknown status message.
1status('forbidden') // => 403 2status('Forbidden') // => 403 3status('foo') // throws
status.codes
Returns an array of all the status codes as Integers.
status.code[msg]
Returns the numeric status code for a known status message (in lower-case),
otherwise undefined.
1status['not found'] // => 404
status.empty[code]
Returns true if a status code expects an empty body.
1status.empty[200] // => undefined 2status.empty[204] // => true 3status.empty[304] // => true
status.message[code]
Returns the string message for a known numeric status code, otherwise
undefined. This object is the same format as the
Node.js http module http.STATUS_CODES.
1status.message[404] // => 'Not Found'
status.redirect[code]
Returns true if a status code is a valid redirect status.
1status.redirect[200] // => undefined 2status.redirect[301] // => true
status.retry[code]
Returns true if you should retry the rest.
1status.retry[501] // => undefined 2status.retry[503] // => true
License
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
11 different organizations found -- score normalized to 10
Details
- Info: contributors work for ExpressGateway,crypto-utils,expressjs,houzz,jshttp,koajs,mysqljs,nodejs,pillarjs,repo-utils,stream-utils
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: License file found in expected location: LICENSE:1
- Info: FSF or OSI recognized license: LICENSE:1
Reason
GitHub workflow tokens follow principle of least privilege
Details
- Info: topLevel 'contents' permission set to 'read': .github/workflows/ci.yml:8
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:14
- Warn: jobLevel 'checks' permission set to 'write': .github/workflows/ci.yml:15: Verify which permissions are needed and consider whether you can reduce them. (High effort)
- Warn: jobLevel 'checks' permission set to 'write': .github/workflows/ci.yml:216: Verify which permissions are needed and consider whether you can reduce them. (High effort)
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/ci.yml:215
- Info: topLevel permissions set to 'read-all': .github/workflows/scorecard.yml:19
Reason
no vulnerabilities detected
Reason
dependency not pinned by hash detected -- score normalized to 6
Details
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:164
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yml:180
- Info: 4 out of 4 GitHub-owned GitHubAction dependencies pinned
- Info: 3 out of 3 third-party GitHubAction dependencies pinned
- Info: 0 out of 2 npmCommand dependencies pinned
Reason
2 out of 5 merged PRs checked by a CI test -- score normalized to 4
Reason
found 25 unreviewed changesets out of 30 -- score normalized to 1
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
no update tool detected
Details
- Warn: tool 'RenovateBot' is not used: Follow the instructions from https://docs.renovatebot.com/configuration-options/. (Low effort)
- Warn: tool 'Dependabot' is not used: Follow the instructions from https://docs.github.com/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates. (Low effort)
- Warn: tool 'PyUp' is not used: Follow the instructions from https://docs.pyup.io/docs. (Low effort)
- Warn: tool 'Sonatype Lift' is not used: Follow the instructions from https://help.sonatype.com/lift/getting-started. (Low effort)
Reason
project is not fuzzed
Details
- Warn: no OSSFuzz integration found: Follow the steps in https://github.com/google/oss-fuzz to integrate fuzzing for your project. Over time, try to add fuzzing for more functionalities of your project. (High effort)
- Warn: no OneFuzz integration found: Follow the steps in https://github.com/microsoft/onefuzz to start fuzzing for your project. Over time, try to add fuzzing for more functionalities of your project. (High effort)
- Warn: no GoBuiltInFuzzer integration found: Follow the steps in https://go.dev/doc/fuzz/ to enable fuzzing on your project. Over time, try to add fuzzing for more functionalities of your project. (Medium effort)
- Warn: no PythonAtherisFuzzer integration found: Follow the steps in https://github.com/google/atheris to enable fuzzing on your project. Over time, try to add fuzzing for more functionalities of your project. (Medium effort)
- Warn: no CLibFuzzer integration found: Follow the steps in https://llvm.org/docs/LibFuzzer.html to enable fuzzing on your project. Over time, try to add fuzzing for more functionalities of your project. (Medium effort)
- Warn: no CppLibFuzzer integration found: Follow the steps in https://llvm.org/docs/LibFuzzer.html to enable fuzzing on your project. Over time, try to add fuzzing for more functionalities of your project. (Medium effort)
- Warn: no SwiftLibFuzzer integration found: Follow the steps in https://google.github.io/oss-fuzz/getting-started/new-project-guide/swift-lang/ to enable fuzzing on your project. Over time, try to add fuzzing for more functionalities of your project. (Medium effort)
- Warn: no RustCargoFuzzer integration found: Follow the steps in https://rust-fuzz.github.io/book/cargo-fuzz.html to enable fuzzing on your project. Over time, try to add fuzzing for more functionalities of your project. (Medium effort)
- Warn: no JavaJazzerFuzzer integration found: Follow the steps in https://github.com/CodeIntelligenceTesting/jazzer to enable fuzzing on your project. Over time, try to add fuzzing for more functionalities of your project. (Medium effort)
- Warn: no ClusterFuzzLite integration found: Follow the steps in https://github.com/google/clusterfuzzlite to integrate fuzzing as part of CI. Over time, try to add fuzzing for more functionalities of your project. (High effort)
- Warn: no HaskellPropertyBasedTesting integration found: Use one of the following frameworks to fuzz your project: QuickCheck: https://hackage.haskell.org/package/QuickCheck hedgehog: https://hedgehog.qa/ validity: https://github.com/NorfairKing/validity smallcheck: https://hackage.haskell.org/package/smallcheck hspec: https://hspec.github.io/ tasty: https://hackage.haskell.org/package/tasty (High effort)
- Warn: no TypeScriptPropertyBasedTesting integration found: Use fast-check: https://github.com/dubzzz/fast-check (High effort)
- Warn: no JavaScriptPropertyBasedTesting integration found: Use fast-check: https://github.com/dubzzz/fast-check (High effort)
Reason
0 commit(s) out of 30 and 0 issue activity out of 10 found in the last 90 days -- score normalized to 0
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 5 are checked with a SAST tool
- Warn: CodeQL tool not detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected: On GitHub: Enable private vulnerability disclosure in your repository settings https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository Add a section in your SECURITY.md indicating you have enabled private reporting, and tell them to follow the steps in https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability to report vulnerabilities. On GitLab: Add a section in your SECURITY.md indicating the process to disclose vulnerabilities for your project. Examples: https://github.com/ossf/scorecard/blob/main/SECURITY.md, https://github.com/slsa-framework/slsa-github-generator/blob/main/SECURITY.md, https://github.com/sigstore/.github/blob/main/SECURITY.md. For additional information on vulnerability disclosure, see https://github.com/ossf/oss-vulnerability-guide/blob/main/maintainer-guide.md. (Medium effort)
- Warn: no security file to analyze: On GitHub: Enable private vulnerability disclosure in your repository settings https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository Add a section in your SECURITY.md indicating you have enabled private reporting, and tell them to follow the steps in https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability to report vulnerabilities. On GitLab: Provide a point of contact in your SECURITY.md. Examples: https://github.com/ossf/scorecard/blob/main/SECURITY.md, https://github.com/slsa-framework/slsa-github-generator/blob/main/SECURITY.md, https://github.com/sigstore/.github/blob/main/SECURITY.md. (Low effort)
- Warn: no security file to analyze: On GitHub: Enable private vulnerability disclosure in your repository settings https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository Add a section in your SECURITY.md indicating you have enabled private reporting, and tell them to follow the steps in https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability to report vulnerabilities. On GitLab: Add a section in your SECURITY.md indicating the process to disclose vulnerabilities for your project. Examples: https://github.com/ossf/scorecard/blob/main/SECURITY.md, https://github.com/slsa-framework/slsa-github-generator/blob/main/SECURITY.md, https://github.com/sigstore/.github/blob/main/SECURITY.md. (Low effort)
- Warn: no security file to analyze: On GitHub: Enable private vulnerability disclosure in your repository settings https://docs.github.com/en/code-security/security-advisories/repository-security-advisories/configuring-private-vulnerability-reporting-for-a-repository Add a section in your SECURITY.md indicating you have enabled private reporting, and tell them to follow the steps in https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing/privately-reporting-a-security-vulnerability to report vulnerabilities. On GitLab: Add a section in your SECURITY.md indicating the process to disclose vulnerabilities for your project. Examples: https://github.com/ossf/scorecard/blob/main/SECURITY.md, https://github.com/slsa-framework/slsa-github-generator/blob/main/SECURITY.md, https://github.com/sigstore/.github/blob/main/SECURITY.md. (Low effort)
Score
4.6
/10
Last Scanned on 2024-08-12T21:27:37Z
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn MoreOther packages similar to statuses
@types/statuses
TypeScript definitions for statuses
@bundled-es-modules/statuses
mirror of statuses, bundled and exposed as ES module
popsicle-status
Popsicle middleware for rejecting responses with bad HTTP statuses
semantic-release-slack-bot
A slack bot for semantic-release notifying release statuses