Gathering detailed insights and metrics for vscode-textmate-webpack
Gathering detailed insights and metrics for vscode-textmate-webpack
Installations
npm install vscode-textmate-webpackDeveloper Guide
BETA
Typescript
No
Module System
CommonJS
Score
75.9
Supply Chain
95.5
Quality
75
Maintenance
100
Vulnerability
98.9
License
Contributors
71
Languages
32
TypeScript
JavaScript
SCSS
Groovy
CSS
HTML
Python
Perl
Ruby
PowerShell
Objective-C
Go
Clojure
Handlebars
Less
C++
Visual Basic .NET
C
PHP
F#
Shell
CoffeeScript
Java
Makefile
Rust
Batchfile
Dockerfile
R
ShaderLab
Lua
Swift
Pug
TypeScript (83.52%)
JavaScript (2.33%)
SCSS (2.25%)
Groovy (1.47%)
CSS (1.22%)
HTML (0.94%)
Python (0.79%)
Perl (0.72%)
Ruby (0.64%)
PowerShell (0.53%)
Objective-C (0.52%)
Go (0.46%)
Clojure (0.45%)
Handlebars (0.4%)
Less (0.38%)
C++ (0.37%)
Visual Basic .NET (0.33%)
C (0.31%)
PHP (0.3%)
F# (0.24%)
Shell (0.24%)
CoffeeScript (0.22%)
Java (0.21%)
Makefile (0.21%)
Rust (0.2%)
Batchfile (0.18%)
Dockerfile (0.16%)
R (0.14%)
ShaderLab (0.12%)
Lua (0.09%)
Swift (0.08%)
Pug (0.01%)
Love this project? Help keep it running — sponsor us today! 🚀
Developer
Microsoft
Download Statistics
Total Downloads
1,170
Last Day
1
Last Week
4
Last Month
14
Last Year
95
GitHub Statistics
MIT License
603 Stars
472 Commits
117 Forks
55 Watchers
5 Branches
71 Contributors
Updated on Feb 18, 2025
Maintainers
1
Package Meta Information
Latest Version
3.3.3
Package Id
vscode-textmate-webpack@3.3.3
Unpacked Size
488.53 kB
Size
90.35 kB
File Count
63
Total Downloads
Cumulative downloads
Total Downloads
1,170
Last Day
0%
1
Compared to previous day
Last Week
-33.3%
4
Compared to previous week
Last Month
250%
14
Compared to previous month
Last Year
50.8%
95
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
2
Dev Dependencies
7
VSCode TextMate 
An interpreter for grammar files as defined by TextMate. Supports loading grammar files from JSON or PLIST format. Cross - grammar injections are currently not supported.
Installing
1npm install vscode-textmate
Using
1var Registry = require('vscode-textmate').Registry; 2var registry = new Registry(); 3var grammar = registry.loadGrammarFromPathSync('./javascript.tmbundle/Syntaxes/JavaScript.plist'); 4 5var lineTokens = grammar.tokenizeLine('function add(a,b) { return a+b; }'); 6for (var i = 0; i < lineTokens.tokens.length; i++) { 7 var token = lineTokens.tokens[i]; 8 console.log('Token from ' + token.startIndex + ' to ' + token.endIndex + ' with scopes ' + token.scopes); 9}
Using asynchronously
Sometimes, it is necessary to manage the list of known grammars outside of vscode-textmate. The sample below shows how this works:
1var Registry = require('vscode-textmate').Registry; 2 3var registry = new Registry({ 4 getFilePath: function (scopeName) { 5 // Return here the path to the grammar file for `scopeName` 6 if (scopeName === 'source.js') { 7 return './javascript.tmbundle/Syntaxes/JavaScript.plist'; 8 } 9 return null; 10 } 11}); 12 13// Load the JavaScript grammar and any other grammars included by it async. 14registry.loadGrammar('source.js', function(err, grammar) { 15 if (err) { 16 console.error(err); 17 return; 18 } 19 20 // at this point `grammar` is available... 21}); 22
Tokenizing multiple lines
To tokenize multiple lines, you must pass in the previous returned ruleStack.
1var ruleStack = null; 2for (var i = 0; i < lines.length; i++) { 3 var r = grammar.tokenizeLine(lines[i], ruleStack); 4 console.log('Line: #' + i + ', tokens: ' + r.tokens); 5 ruleStack = r.ruleStack; 6}
API doc
See the main.ts file
Developing
- Clone the repository
- Run
npm install - Compile in the background with
npm run watch - Run tests with
npm test - Run benchmark with
npm run benchmark - Troubleshoot a grammar with
npm run inspect -- PATH_TO_GRAMMAR PATH_TO_FILE
Code of Conduct
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.
License
No vulnerabilities found.
Reason
all changesets reviewed
Reason
security policy file detected
Details
- Info: security policy file detected: SECURITY.md:1
- Info: Found linked content: SECURITY.md:1
- Info: Found disclosure, vulnerability, and/or timelines in security policy: SECURITY.md:1
- Info: Found text in security policy: SECURITY.md:1
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE.md:0
- Info: FSF or OSI recognized license: MIT License: LICENSE.md:0
Reason
4 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
- Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
Reason
3 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2
Reason
dependency not pinned by hash detected -- score normalized to 2
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/vscode-textmate/ci.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/microsoft/vscode-textmate/ci.yml/main?enable=pin
- Warn: containerImage not pinned by hash: test-cases/themes/tests/Dockerfile:1: pin your Docker image by updating ubuntu to ubuntu@sha256:72297848456d5d37d1262630108ab308d3e9ec7ed1c3286a32fe09856619a782
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 1 out of 1 npmCommand dependencies pinned
- Info: 0 out of 1 containerImage dependencies pinned
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 30 are checked with a SAST tool
Score
5.4
/10
Last Scanned on 2025-02-17
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More