Gathering detailed insights and metrics for uti
Gathering detailed insights and metrics for uti
Installations
npm install utiDeveloper Guide
BETA
Typescript
Yes
Module System
ESM
Min. Node Version
>=22.15.1
Node Version
22.15.1
NPM Version
10.9.2
Score
77.1
Supply Chain
100
Quality
86.1
Maintenance
100
Vulnerability
100
License
Releases
117
Languages
1
JavaScript
JavaScript (100%)
Developer
arlac77
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
0BSD License
5 Stars
2,917 Commits
1 Forks
3 Watchers
1 Branches
5 Contributors
Updated on Jun 29, 2025
Maintainers
1
Package Meta Information
Latest Version
8.9.0
Package Id
uti@8.9.0
Unpacked Size
45.74 kB
Size
8.65 kB
File Count
8
NPM Version
10.9.2
Node Version
22.15.1
Published on
May 21, 2025
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dev Dependencies
6
uti
Uniform Type Identifier
Please see ars technica article for a description about the principles of UTIs.
For a list of known UTIs please see here
example
myuti.js
1import { UTIController } from "uti"; 2 3const uc = new UTIController(); 4const doesConformTo = uc.conformsTo("public.image", "public.data"); 5console.log("doesConformTo: " + doesConformTo); 6 7console.log(uc.getUTIsForFileName("a.txt")[0]);
Output
1doesConformTo: true 2public.plain-text
API
Table of Contents
UTIDeclaration
Type: Object
Properties
namestringconformsTo(string | Array<string>)?mimeType(string | Array<string>)?fileNameExtension(string | Array<string>)?
UTI
Object representing a UTI.
Parameters
Properties
name
Type: string
conforms
conformsTo
Check for conformity.
Parameters
Returns boolean true if other conforms to the receiver
toString
name of the UTI.
Returns string
toJSON
Deliver JSON representation of the UTI. Sample result
1{ 2 "name": "myUTI", 3 "conformsTo": [ "uti1", "uti2"] 4}
Returns {name: string, conforms: Array<string>} json representation of the UTI
UTIController
Registry of UTIs.
Properties
registry
utiByMimeType
Type: Map<string, Array<string>>
utiByFileNameExtension
Type: Map<string, Array<string>>
register
Registers additional types.
Parameters
typesArray<UTIDeclaration>
getUTI
Lookup a given UTI.
Parameters
namestring UTI
Returns (UTI | undefined) UTI for the given name or undefined if UTI is not present.
getUTIsForMimeType
Lookup a UTIs for a mime type.
Parameters
mimeTypestring mime type to get UTIs for
Returns Array<string> UTIs for the given mime type
getUTIsForFileName
Lookup a UTI for a file name. First the file name extension is extracted. Then a lookup in the registered UTIs for file name extension is executed.
Parameters
fileNamestring file to detect UTI for
Returns Array<string> UTIs for the given fileName
conformsTo
Check whenever two UTI are conformant. If a conforms to b and b conforms to c then a also conforms to c.
Parameters
Returns boolean true if UTI a conforms to UTI b.
fileNameConformsTo
Lookup a UTI for a file name and check conformance.
Parameters
Returns boolean true if utils for file name are conformant
assignMimeTypes
Assign mime types to a UTI
Parameters
assignExtensions
Assign mime types to a UTI
Parameters
install
With npm do:
1npm install uti
license
BSD-2-Clause
No vulnerabilities found.
Reason
30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: BSD Zero Clause License: LICENSE:0
Reason
packaging workflow detected
Details
- Info: Project packages its releases by way of GitHub Actions.: .github/workflows/ci.yml:70
Reason
SAST tool detected but not run on all commits
Details
- Info: SAST configuration detected: CodeQL
- Warn: 15 commits out of 28 are checked with a SAST tool
Reason
2 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-g3ch-rx76-35fx
Reason
dependency not pinned by hash detected -- score normalized to 3
Details
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/auto_approve.yml:7: update your workflow using https://app.stepsecurity.io/secureworkflow/arlac77/uti/auto_approve.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/arlac77/uti/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/arlac77/uti/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/arlac77/uti/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/arlac77/uti/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/arlac77/uti/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:82: update your workflow using https://app.stepsecurity.io/secureworkflow/arlac77/uti/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:84: update your workflow using https://app.stepsecurity.io/secureworkflow/arlac77/uti/ci.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:103: update your workflow using https://app.stepsecurity.io/secureworkflow/arlac77/uti/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql_analysis.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/arlac77/uti/codeql_analysis.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql_analysis.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/arlac77/uti/codeql_analysis.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql_analysis.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/arlac77/uti/codeql_analysis.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/codeql_analysis.yml:31: update your workflow using https://app.stepsecurity.io/secureworkflow/arlac77/uti/codeql_analysis.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pr_labeler.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/arlac77/uti/pr_labeler.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update_package_lock.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/arlac77/uti/update_package_lock.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update_package_lock.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/arlac77/uti/update_package_lock.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/update_package_lock.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/arlac77/uti/update_package_lock.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update_readme_api.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/arlac77/uti/update_readme_api.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/update_readme_api.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/arlac77/uti/update_readme_api.yml/master?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/update_readme_api.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/arlac77/uti/update_readme_api.yml/master?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/update_package_lock.yml:30
- Info: 0 out of 15 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 5 third-party GitHubAction dependencies pinned
- Info: 5 out of 6 npmCommand dependencies pinned
Reason
Found 0/8 approved changesets -- score normalized to 0
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/pr_labeler.yml:6
- Warn: no topLevel permission defined: .github/workflows/auto_approve.yml:1
- Info: topLevel 'contents' permission set to 'read': .github/workflows/ci.yml:12
- Warn: no topLevel permission defined: .github/workflows/codeql_analysis.yml:1
- Warn: no topLevel permission defined: .github/workflows/pr_labeler.yml:1
- Warn: no topLevel permission defined: .github/workflows/update_package_lock.yml:1
- Warn: no topLevel permission defined: .github/workflows/update_readme_api.yml:1
- Info: no jobLevel write permissions found
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Score
5.7
/10
Last Scanned on 2025-06-23
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More