Gathering detailed insights and metrics for svgson-loader
Gathering detailed insights and metrics for svgson-loader
Installations
npm install svgson-loaderDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Node Version
8.7.0
NPM Version
5.5.1
Score
56.8
Supply Chain
67.3
Quality
71
Maintenance
50
Vulnerability
97.9
License
Releases
Unable to fetch releases
Languages
1
JavaScript
JavaScript (100%)
Developer
darkartur
Download Statistics
Total Downloads
37,247
Last Day
1
Last Week
3
Last Month
23
Last Year
225
GitHub Statistics
5 Stars
12 Commits
1 Watchers
1 Branches
2 Contributors
Updated on Mar 02, 2018
Bundle Size
415.61 kB
Minified
125.48 kB
Minified + Gzipped
Maintainers
1
Package Meta Information
Latest Version
2.0.0
Package Id
svgson-loader@2.0.0
Size
2.14 kB
NPM Version
5.5.1
Node Version
8.7.0
Total Downloads
Cumulative downloads
Total Downloads
37,247
SVGSON webpack loader
Converts svg+xml files to JSON. Based on svgson npm package. Can be used for rendering SVG via React components.
Installation
npm install svgson-loader --save-dev
Why not svg-react-loader?
We are writing React UI library with icon button which filling it's background color based on SVG 1.2 property "viewport-fill":
import vkIcon from 'svgson-loader!./icons/vk.svg';
import okIcon from 'svgson-loader!./icons/ok.svg';
import fbIcon from 'svgson-loader!./icons/fb.svg';
stories.add('Social buttons', () => (
<div>
<Button icon={vkIcon} />
<Button icon={okIcon} />
<Button icon={fbIcon} />
</div>
));
So Button reads "viewport-fill" attribute inside JSON, applies backgroundColor property
then generates React.createElement calls to render SVG.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
Found 1/11 approved changesets -- score normalized to 0
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
license file not detected
Details
- Warn: project does not have a license file
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 2 are checked with a SAST tool
Reason
11 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-9vvw-cc9w-f27h
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-h6ch-v84p-w6p9
- Warn: Project is vulnerable to: GHSA-qh2h-chj9-jffq
- Warn: Project is vulnerable to: GHSA-2pr6-76vf-7546
- Warn: Project is vulnerable to: GHSA-8j8c-7jfh-h6hx
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-29xr-v42j-r956
Score
1.3
/10
Last Scanned on 2025-06-23
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More