Gathering detailed insights and metrics for vite-plugin-vue-docgen
Gathering detailed insights and metrics for vite-plugin-vue-docgen
Installations
npm install vite-plugin-vue-docgenDeveloper
andrewcourtice
Developer Guide
BETA
Module System
ESM
Min. Node Version
Typescript Support
Yes
Node Version
18.16.0
NPM Version
9.5.1
Statistics
8 Stars
34 Commits
3 Forks
3 Watching
1 Branches
2 Contributors
Updated on 30 Mar 2024
Languages
JavaScript (49.52%)
TypeScript (40.85%)
Vue (9.63%)
Total Downloads
Cumulative downloads
Total Downloads
152,452
Last day
49.3%
1,133
Compared to previous day
Last week
37%
4,367
Compared to previous week
Last month
3.4%
15,826
Compared to previous month
Last year
164.4%
104,589
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Peer Dependencies
1
Versions
Vite Vue-Docgen Plugin
This is a very simple Vite plugin that wraps the Vue Docgen API for providing metadata about Vue single file components (SFC).
Usage
To use, simply import the plugin and register it after the Vue plugin in your Vite config:
1// vite.config.js 2 3import vuePlugin from '@vitejs/plugin-vue'; 4import vueDocgenPlugin from 'vite-plugin-vue-docgen'; 5 6export default { 7 plugins: [ 8 vuePlugin(), 9 vueDocgenPlugin() 10 ] 11}
The docgen metadata will then be accessible as a property on the component:
1import Button from './button.vue'; 2 3const { 4 displayName, 5 description, 6 props, 7 methods, 8 slots 9} = Button.__docgenInfo;
Options
1const options = { 2 3 /* Regex (optional) - The file path pattern to match */ 4 include: /\.vue$/, 5 6 /* Regex (optional) - The file path pattern to exclude */ 7 exclude: /\.story\.vue$/, 8 9 /* String (optional) - The property name to inject the docgen metadata at */ 10 injectAt: '__docgenInfo' 11 12 /* Object (optional) - Specific Docgen API options */ 13 docgenOptions: { 14 jsx: true 15 } 16};
See here for a full list of docgen API options.
No vulnerabilities found.
Reason
no binaries found in the repo
Reason
no dangerous workflow patterns detected
Reason
0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
Reason
Found 1/29 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/publish.yml:1
- Warn: no topLevel permission defined: .github/workflows/test-and-build.yml:1
- Info: no jobLevel write permissions found
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/andrewcourtice/vite-plugin-vue-docgen/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/andrewcourtice/vite-plugin-vue-docgen/publish.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-build.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/andrewcourtice/vite-plugin-vue-docgen/test-and-build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-build.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/andrewcourtice/vite-plugin-vue-docgen/test-and-build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-build.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/andrewcourtice/vite-plugin-vue-docgen/test-and-build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-build.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/andrewcourtice/vite-plugin-vue-docgen/test-and-build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-build.yml:43: update your workflow using https://app.stepsecurity.io/secureworkflow/andrewcourtice/vite-plugin-vue-docgen/test-and-build.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-build.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/andrewcourtice/vite-plugin-vue-docgen/test-and-build.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/test-and-build.yml:27
- Warn: npmCommand not pinned by hash: .github/workflows/test-and-build.yml:50
- Info: 0 out of 8 GitHub-owned GitHubAction dependencies pinned
- Info: 1 out of 3 npmCommand dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
license file not detected
Details
- Warn: project does not have a license file
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 2 are checked with a SAST tool
Reason
14 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
- Warn: Project is vulnerable to: GHSA-3965-hpx2-q597
- Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
- Warn: Project is vulnerable to: GHSA-353f-5xf4-qw67
- Warn: Project is vulnerable to: GHSA-c24v-8rfc-w8vw
- Warn: Project is vulnerable to: GHSA-8jhw-289h-jh2g
- Warn: Project is vulnerable to: GHSA-64vr-g452-qvp3
- Warn: Project is vulnerable to: GHSA-9cwx-2883-4wfx
- Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Score
2.4
/10
Last Scanned on 2024-11-25
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More