Gathering detailed insights and metrics for taro-css-to-react-native
Gathering detailed insights and metrics for taro-css-to-react-native
开放式跨端跨框架解决方案,支持使用 React/Vue/Nerv 等框架来开发微信/京东/百度/支付宝/字节跳动/ QQ 小程序/H5/React Native 等应用。 https://taro.zone/
Installations
npm install taro-css-to-react-nativeDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Node Version
16.20.2
NPM Version
8.19.4
Releases
193
chore(release): publish 3.6.37 --tag=v3-latest
v3.6.37
Updated on May 09, 2025
chore(release): publish 4.0.13
v4.0.13
Updated on May 09, 2025
chore(release): publish 4.0.12
v4.0.12
Updated on Apr 15, 2025
chore(release): publish 4.0.10
v4.0.10
Updated on Apr 09, 2025
chore(release): publish 3.6.36
v3.6.36
Updated on Apr 10, 2025
fix(react-components): 导出新增组件
v4.0.10-beta.4
Updated on Apr 01, 2025
Languages
11
TypeScript
JavaScript
SCSS
Rust
HTML
CSS
Vue
Less
Sass
Stylus
Shell
TypeScript (53.58%)
JavaScript (41.57%)
SCSS (2.43%)
Rust (2.02%)
HTML (0.2%)
CSS (0.19%)
Vue (0.01%)
Developer
Download Statistics
Total Downloads
865,486
Last Day
220
Last Week
951
Last Month
7,919
Last Year
105,272
GitHub Statistics
NOASSERTION License
36,446 Stars
14,136 Commits
4,833 Forks
691 Watchers
125 Branches
592 Contributors
Updated on May 09, 2025
Bundle Size
36.71 kB
Minified
11.55 kB
Minified + Gzipped
Maintainers
2
Package Meta Information
Latest Version
3.6.37
Package Id
taro-css-to-react-native@3.6.37
Unpacked Size
109.12 kB
Size
21.93 kB
File Count
50
NPM Version
8.19.4
Node Version
16.20.2
Published on
May 09, 2025
Total Downloads
Cumulative downloads
Total Downloads
865,486
Last Day
69.2%
220
Compared to previous day
Last Week
-51.8%
951
Compared to previous week
Last Month
-8.5%
7,919
Compared to previous month
Last Year
-39.7%
105,272
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dev Dependencies
4
taro-css-to-react-native
fork from css-to-react-native-transform
A lightweight wrapper on top of css-to-react-native to allow valid CSS to be turned into React Native Stylesheet objects.
To keep things simple it only transforms class selectors (e.g. .myClass {}) and grouped class selectors (e.g. .myClass, .myOtherClass {}). Parsing of more complex selectors can be added as a new feature behind a feature flag (e.g. transform(css, { parseAllSelectors: true })) in the future if needed.
Example:
1.myClass { 2 font-size: 18px; 3 line-height: 24px; 4 color: red; 5} 6 7.other { 8 padding: 1rem; 9}
is transformed to:
1{ 2 myClass: { 3 fontSize: 18, 4 lineHeight: 24, 5 color: "red" 6 }, 7 other: { 8 paddingBottom: 16, 9 paddingLeft: 16, 10 paddingRight: 16, 11 paddingTop: 16 12 } 13}
API
Transform CSS
1import transform from "taro-css-to-react-native"; 2// or const transform = require("taro-css-to-react-native").default; 3 4transform(` 5 .foo { 6 color: #f00; 7 } 8`);
↓ ↓ ↓ ↓ ↓ ↓
1{ 2 foo: { 3 color: "#f00"; 4 } 5}
CSS Modules :export block
Parsing the CSS Modules (ICSS) :export is supported. The :export is often used to share variables from CSS or from a preprocessor like Sass/Less/Stylus to Javascript:
1transform(` 2 .foo { 3 color: #f00; 4 } 5 6 :export { 7 myProp: #fff; 8 } 9`);
↓ ↓ ↓ ↓ ↓ ↓
1{ 2 foo: { 3 color: "#f00"; 4 }, 5 myProp: "#fff"; 6}
CSS Media Queries (experimental)
The API and parsed syntax for CSS Media Queries might change in the future
1transform( 2 ` 3 .container { 4 background-color: #f00; 5 } 6 7 @media (orientation: landscape) { 8 .container { 9 background-color: #00f; 10 } 11 } 12`, 13 { parseMediaQueries: true }, 14);
↓ ↓ ↓ ↓ ↓ ↓
1{ 2 __mediaQueries: { 3 "@media (orientation: landscape)": [{ 4 expressions: [ 5 { 6 feature: "orientation", 7 modifier: undefined, 8 value: "landscape", 9 }, 10 ], 11 inverse: false, 12 type: "all", 13 }], 14 }, 15 container: { 16 backgroundColor: "#f00", 17 }, 18 "@media (orientation: landscape)": { 19 container: { 20 backgroundColor: "#00f", 21 }, 22 }, 23}
You can also speficy a platform as the media query type ("android", "dom", "ios", "macos", "web", "windows"):
1transform( 2 ` 3 .container { 4 background-color: #f00; 5 } 6 7 @media android and (orientation: landscape) { 8 .container { 9 background-color: #00f; 10 } 11 } 12`, 13 { parseMediaQueries: true }, 14);
CSS Viewport Units (experimental)
When CSS Viewport Units are used, a special __viewportUnits feature flag is added to the result. This is done so that the implementation that transforms viewport units to pixels knows that the style object has viewport units inside it, and can avoid doing extra work if the style object does not contain any viewport units.
1transform(`.foo { font-size: 1vh; }`);
↓ ↓ ↓ ↓ ↓ ↓
1{ 2 __viewportUnits: true, 3 foo: { 4 fontSize: "1vh"; 5 } 6}
Limitations
- For
remunit the root elementfont-sizeis currently set to 16 pixels. A setting needs to be implemented to allow the user to define the root elementfont-size. - There is also support for the
box-shadowshorthand, and this converts intoshadow-properties. Note that these only work on iOS.
Dependencies
This library has the following packages as dependencies:
- css - CSS parser / stringifier
- css-mediaquery - Parses and determines if a given CSS Media Query matches a set of values.
- css-to-react-native - Convert CSS text to a React Native stylesheet object
No vulnerabilities found.
Reason
all changesets reviewed
Reason
30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
no dangerous workflow patterns detected
Reason
packaging workflow detected
Details
- Info: Project packages its releases by way of GitHub Actions.: .github/workflows/publish.yml:71
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Warn: project license file does not contain an FSF or OSI license.
Reason
binaries present in source code
Details
- Warn: binary detected: packages/taro-helper/swc-backup/swc_plugin_compile_mode.wasm:1
- Warn: binary detected: packages/taro-helper/swc-backup/swc_plugin_compile_mode_pre_process.wasm:1
- Warn: binary detected: packages/taro-helper/swc-backup/swc_plugin_define_config.wasm:1
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/dependabot-update-lockfile.yml:10
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/publish.yml:73
- Warn: jobLevel 'actions' permission set to 'write': .github/workflows/publish.yml:74
- Warn: jobLevel 'actions' permission set to 'write': .github/workflows/publish.yml:24
- Warn: no topLevel permission defined: .github/workflows/auto-review.yml:1
- Warn: no topLevel permission defined: .github/workflows/build-rust-binding.yml:1
- Warn: no topLevel permission defined: .github/workflows/build-rust-wasm.yml:1
- Info: topLevel permissions set to 'read-all': .github/workflows/dependabot-update-lockfile.yml:4
- Info: topLevel 'contents' permission set to 'read': .github/workflows/nodejs.yml:21
- Info: found token with 'none' permissions: .github/workflows/publish.yml:1
- Warn: no topLevel permission defined: .github/workflows/sync-components-types.yml:1
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/auto-review.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/auto-review.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto-review.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/auto-review.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-rust-binding.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/build-rust-binding.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-rust-binding.yml:50: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/build-rust-binding.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-rust-binding.yml:54: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/build-rust-binding.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-rust-binding.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/build-rust-binding.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-rust-binding.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/build-rust-binding.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-rust-binding.yml:78: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/build-rust-binding.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-rust-binding.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/build-rust-binding.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-rust-wasm.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/build-rust-wasm.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/build-rust-wasm.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/build-rust-wasm.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-rust-wasm.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/build-rust-wasm.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-rust-wasm.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/build-rust-wasm.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependabot-update-lockfile.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/dependabot-update-lockfile.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dependabot-update-lockfile.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/dependabot-update-lockfile.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/dependabot-update-lockfile.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/dependabot-update-lockfile.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:63: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/nodejs.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nodejs.yml:65: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/nodejs.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/nodejs.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/nodejs.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:102: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/nodejs.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nodejs.yml:118: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/nodejs.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nodejs.yml:126: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/nodejs.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nodejs.yml:134: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/nodejs.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nodejs.yml:142: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/nodejs.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nodejs.yml:150: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/nodejs.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:162: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/nodejs.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/nodejs.yml:164: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/nodejs.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/nodejs.yml:169: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/nodejs.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/publish.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:93: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/publish.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:158: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:164: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/publish.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/publish.yml:189: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:216: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:229: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sync-components-types.yml:14: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/sync-components-types.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sync-components-types.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/sync-components-types.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sync-components-types.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/sync-components-types.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/sync-components-types.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/sync-components-types.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/sync-components-types.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/sync-components-types.yml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/sync-components-types.yml:60: update your workflow using https://app.stepsecurity.io/secureworkflow/NervJS/taro/sync-components-types.yml/main?enable=pin
- Info: 0 out of 26 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 18 third-party GitHubAction dependencies pinned
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
136 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: RUSTSEC-2021-0139
- Warn: Project is vulnerable to: RUSTSEC-2021-0145 / GHSA-g98v-hv3f-hcfr
- Warn: Project is vulnerable to: RUSTSEC-2024-0375
- Warn: Project is vulnerable to: RUSTSEC-2020-0095
- Warn: Project is vulnerable to: RUSTSEC-2024-0421 / GHSA-h97m-ww89-6jmq
- Warn: Project is vulnerable to: RUSTSEC-2024-0019 / GHSA-r8w9-5wcg-vfj7
- Warn: Project is vulnerable to: GHSA-4p46-pwfr-66x6
- Warn: Project is vulnerable to: RUSTSEC-2025-0009
- Warn: Project is vulnerable to: RUSTSEC-2024-0336 / GHSA-6g7w-8wpp-frhj
- Warn: Project is vulnerable to: GHSA-rr8g-9fpq-6wmg
- Warn: Project is vulnerable to: RUSTSEC-2025-0023
- Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
- Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
- Warn: Project is vulnerable to: GHSA-whgm-jr23-g3j9
- Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
- Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
- Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
- Warn: Project is vulnerable to: GHSA-cwfw-4gq5-mrqx
- Warn: Project is vulnerable to: GHSA-g95f-p29q-9xw4
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw
- Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
- Warn: Project is vulnerable to: GHSA-phwq-j96m-2c2q
- Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
- Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
- Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
- Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
- Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
- Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
- Warn: Project is vulnerable to: GHSA-vjh7-7g9h-fjfh
- Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h
- Warn: Project is vulnerable to: GHSA-6h5x-7c5m-7cr7
- Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
- Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
- Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
- Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
- Warn: Project is vulnerable to: GHSA-8jmw-wjr8-2x66
- Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
- Warn: Project is vulnerable to: GHSA-pfq8-rq6v-vf5m
- Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
- Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
- Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
- Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
- Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
- Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
- Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
- Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
- Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
- Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9
- Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
- Warn: Project is vulnerable to: GHSA-5rrq-pxf6-6jx5
- Warn: Project is vulnerable to: GHSA-8fr3-hfg3-gpgp
- Warn: Project is vulnerable to: GHSA-gf8q-jrpm-jvxq
- Warn: Project is vulnerable to: GHSA-2r2c-g63r-vccr
- Warn: Project is vulnerable to: GHSA-cfm4-qjh2-4765
- Warn: Project is vulnerable to: GHSA-x4jg-mjrx-434g
- Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
- Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
- Warn: Project is vulnerable to: GHSA-566m-qj78-rww5
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-hwj9-h5mp-3pm3
- Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
- Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
- Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
- Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
- Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
- Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq
- Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
- Warn: Project is vulnerable to: GHSA-fhg7-m89q-25r3
- Warn: Project is vulnerable to: GHSA-hgjh-723h-mx2j
- Warn: Project is vulnerable to: GHSA-jf5r-8hm2-f872
- Warn: Project is vulnerable to: GHSA-4w2j-2rg4-5mjw
- Warn: Project is vulnerable to: GHSA-mrgp-mrhc-5jrq
- Warn: Project is vulnerable to: GHSA-7jxr-cg7f-gpgv
- Warn: Project is vulnerable to: GHSA-xj72-wvfv-8985
- Warn: Project is vulnerable to: GHSA-ch3r-j5x3-6q2m
- Warn: Project is vulnerable to: GHSA-p5gc-c584-jj6v
- Warn: Project is vulnerable to: GHSA-whpj-8f3w-67p5
- Warn: Project is vulnerable to: GHSA-cchq-frgv-rjh5
- Warn: Project is vulnerable to: GHSA-g644-9gfx-q4q4
- Warn: Project is vulnerable to: GHSA-g3ch-rx76-35fx
- Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
- Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
- Warn: Project is vulnerable to: GHSA-776f-qx25-q3cc
- Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp
- Warn: Project is vulnerable to: GHSA-c2jc-4fpr-4vhg
- Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99
- Warn: Project is vulnerable to: GHSA-4www-5p9h-95mh
- Warn: Project is vulnerable to: GHSA-9gqv-wp59-fq42
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
- Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986 / GHSA-64vr-g452-qvp3
- Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
- Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
- Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
- Warn: Project is vulnerable to: GHSA-x4c5-c7rf-jjgv
- Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q
- Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38
- Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc
- Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj
- Warn: Project is vulnerable to: GHSA-3p22-ghq8-v749
- Warn: Project is vulnerable to: GHSA-77xc-hjv8-ww97
- Warn: Project is vulnerable to: GHSA-mq8j-3h7h-p8g7
- Warn: Project is vulnerable to: GHSA-p2jh-44qj-pf2v
- Warn: Project is vulnerable to: GHSA-p7v2-p9m8-qqg7
- Warn: Project is vulnerable to: GHSA-7x97-j373-85x5
- Warn: Project is vulnerable to: GHSA-7m48-wc93-9g85
- Warn: Project is vulnerable to: GHSA-qqvq-6xgj-jw8g
- Warn: Project is vulnerable to: GHSA-mpg4-rc92-vx8v
- Warn: Project is vulnerable to: GHSA-m5qc-5hw7-8vg7
- Warn: Project is vulnerable to: GHSA-6fx8-h7jm-663j
- Warn: Project is vulnerable to: GHSA-x565-32qp-m3vf
- Warn: Project is vulnerable to: GHSA-rxrc-rgv4-jpvx
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-25hc-qcg6-38wj
- Warn: Project is vulnerable to: GHSA-cqmj-92xf-r6r9
- Warn: Project is vulnerable to: GHSA-3qxh-p7jc-5xh6
- Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx
- Warn: Project is vulnerable to: GHSA-9cwx-2883-4wfx
- Warn: Project is vulnerable to: GHSA-vg6x-rcgg-rjx6
- Warn: Project is vulnerable to: GHSA-x574-m823-4x7w
- Warn: Project is vulnerable to: GHSA-4r4m-qw57-chr8
- Warn: Project is vulnerable to: GHSA-xcj6-pq6g-qj4x
- Warn: Project is vulnerable to: GHSA-356w-63v5-8wf4
- Warn: Project is vulnerable to: GHSA-859w-5945-r5v3
- Warn: Project is vulnerable to: GHSA-9crc-q9x8-hgqq
Score
5.5
/10
Last Scanned on 2025-05-05
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More