npmpackage.info

Gathering detailed insights and metrics for tld-extract

Other packages similar to tld-extract

extract-domain

5.0.2

Extract domain name from URL

extract-tld

1.1.2

Extract the TLD from a URL against the [public suffix list](https://publicsuffix.org/).

mini-css-extract-plugin

2.9.2

extracts CSS into separate files

postcss-modules-extract-imports

3.1.0

A CSS Modules transform to extract local aliases for inline imports

Gathering detailed insights and metrics for tld-extract

tld-extract

Nodejs TLD extract

2.1.0

MIT

JavaScript

41.93 kB

3,329,511 3.4

Installations

npm install tld-extract

Score

99.4

Supply Chain

Quality

Maintenance

100

Vulnerability

99.6

License

Pull Requests

Open

0

Total

6

Closed

5

Merged

1

Issues

Open

1

Total

11

Closed

10

Releases

Unable to fetch releases

Developer

131 Developer Guide

BETA

Module System

CommonJS

Min. Node Version

Typescript Support

No

Node Version

8.17.0

NPM Version

6.13.4 Statistics

44 Stars

40 Commits

15 Forks

3 Watching

1 Branches

3 Contributors

Updated on 28 Oct 2024

Bundle Size

149.41 kB

Minified

41.93 kB

Minified + Gzipped

Bundlephobia

Languages

JavaScript (74.55%)

TypeScript (25.45%)

Total Downloads

Cumulative downloads

Total Downloads

3,329,511

Last day

7.4%

8,380

Compared to previous day

Last week

3.1%

39,719

Compared to previous week

Last month

-0%

163,705

Compared to previous month

Last year

107.8%

1,775,988

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dev Dependencies

eslint-plugin-ivs expect.js mocha nyc

Versions

Motivation

Extract the TLD/domain/subdomain parts of an URL/hostname against mozilla TLDs official listing.

API

var parser = require('tld-extract');

console.log( parser("http://www.google.com") );
console.log( parser("http://google.co.uk") );
/**
* >> { tld: 'com', domain: 'google.com', sub: 'www' }
* >> { tld: 'co.uk', domain: 'google.co.uk', sub: '' }
*/

Private TLDs

Private TLDs are supported, see chromium source code for specs

console.log( parser("http://jeanlebon.cloudfront.net"));
/**
* >> { tld : 'net', domain : 'cloudfront.net', sub : 'jeanlebon' };
*/


console.log( parser("http://jeanlebon.cloudfront.net", {allowPrivateTLD : true}));
/**
* >> { tld : 'cloudfront.net', domain : 'jeanlebon.cloudfront.net', sub : '' };
*/

Unknown TLDs (level0)

By default, unknown TLD throw an exception, you can allow them and use tld-extract as a parser using the allowUnknownTLD option

  parse("http://nowhere.local")
    >> throws /Invalid TLD/

  parse("http://nowhere.local", {allowUnknownTLD : true}))
    >> { tld : 'local', domain : 'nowhere.local', sub : '' }

DotLess domain

Using a tld as a direct domain name, or dotless domain is highly not recommended (ICANN and IAB have spoken out against the practice, classifying it as a security risk among other concerns.[34] ICANN's Security and Stability Advisory Committee (SSAC) additionally claims that SMTP "requires at least two labels in the FQDN of a mail address" and, as such, mail servers would reject emails to addresses with dotless domains), and will throw an error in tld-extract. You can override this behavior using the allowDotlessTLD option.

  parse("http://notaires.fr")
    >> throws /Invalid TLD/

  parse("http://notaires.fr", {allowDotlessTLD : true}))
    >> { tld : 'notaires.fr', domain : 'notaires.fr', sub : '' }

Why

no dependencies
really fast
full code coverage
easy to read (10 lines)
easily updatable vs mozilla TLDs source list
TypeScript support

Maintenance

You can update the remote hash table using npm run update

Not Invented Here

A port of a yks/PHP library
tldextract => bad API, (no need for async, "domain" property is wrong), no need for dependencies
tld => (nothing bad, a bit outdated )
tld.js => no sane way to prove/trust/update TLD listing

Credits

No vulnerabilities found.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

10

License

Determines if the project has defined a license.

0

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Maintained

Determines if the project is "actively maintained".

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Fuzzing

Determines if the project uses fuzzing.

0

Security-Policy

Determines if the project has published a security policy.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

SAST

Determines if the project uses static code analysis.

Score

3.4

/10

Last Scanned on 2024-11-25

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More