npmpackage.info

Gathering detailed insights and metrics for update-browserslist-db

Other packages similar to update-browserslist-db

caniuse-lite

1.0.30001684

A smaller version of caniuse-db, with only the essentials!

browserslist

4.24.2

Share target browsers between different front-end tools, like Autoprefixer, Stylelint and babel-env-preset

node-releases

2.0.18

Node.js releases data

browserslist-ga

0.0.13

Target browsers tailored to your audience

Gathering detailed insights and metrics for update-browserslist-db

update-browserslist-db

CLI tool to update caniuse-lite to refresh target browsers from Browserslist config

1.1.1

363

MIT

JavaScript

3,349,940,373 3.2

Installations

npm install update-browserslist-db

Pull Requests

Open

0

Total

13

Closed

2

Merged

11

Issues

Open

7

Total

33

Closed

26

Releases

1.1.1

Published on 27 Sept 2024

1.1.0

Published on 27 Sept 2024

1.0.16

Published on 14 May 2024

1.0.15

Published on 03 May 2024

1.0.14

Published on 01 May 2024

View all 5 releases

Developer

browserslist

Developer Guide

BETA

Module System

ESM

Min. Node Version

Typescript Support

Yes

Node Version

20.17.0

NPM Version

10.8.2 Statistics

363 Stars

138 Commits

70 Forks

5 Watching

1 Branches

13 Contributors

Updated on 23 Nov 2024

Languages

JavaScript (100%)

Total Downloads

Cumulative downloads

Total Downloads

3,349,940,373

Last day

-2.9%

8,467,565

Compared to previous day

Last week

45,275,524

Compared to previous week

Last month

12.7%

186,878,892

Compared to previous month

Last year

46.8%

1,818,429,190

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

escalade picocolors

Peer Dependencies

browserslist

Versions

Update Browserslist DB

CLI tool to update caniuse-lite with browsers DB from Browserslist config.

Some queries like last 2 versions or >1% depend on actual data from caniuse-lite.

1npx update-browserslist-db@latest

Why you need to call it regularly

npx update-browserslist-db@latest updates caniuse-lite version in your npm, yarn, or pnpm lock file.

This update will bring data about new browsers to polyfill tools like Autoprefixer or Babel and reduce already unnecessary polyfills.

You need to do it regularly for three reasons:

To use the latest browser’s versions and statistics in queries like last 2 versions or >1%. For example, if you created your project 2 years ago and did not update your dependencies, last 1 version will return 2-year-old browsers.
Actual browser data will lead to using less polyfills. It will reduce size of JS and CSS files and improve website performance.
caniuse-lite deduplication: to synchronize versions in different tools.

No vulnerabilities found.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

License

Determines if the project has defined a license.

5

Maintained

Determines if the project is "actively maintained".

1

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

1

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/browserslist/update-db/release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/browserslist/update-db/release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/browserslist/update-db/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/browserslist/update-db/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/browserslist/update-db/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/browserslist/update-db/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/browserslist/update-db/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:45: update your workflow using https://app.stepsecurity.io/secureworkflow/browserslist/update-db/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/browserslist/update-db/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/browserslist/update-db/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/browserslist/update-db/test.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/browserslist/update-db/test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test.yml:75: update your workflow using https://app.stepsecurity.io/secureworkflow/browserslist/update-db/test.yml/main?enable=pin
Info: 0 out of 7 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 6 third-party GitHubAction dependencies pinned

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

Branch-Protection

Determines if the default and release branches are protected with GitHub's branch protection settings.

0

SAST

Determines if the project uses static code analysis.

Score

3.2

/10

Last Scanned on 2024-11-25

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More