Gathering detailed insights and metrics for workbox-cacheable-response
Gathering detailed insights and metrics for workbox-cacheable-response
📦 Workbox: JavaScript libraries for Progressive Web Apps
Installations
npm install workbox-cacheable-responseDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Node Version
22.9.0
NPM Version
lerna/5.6.2/node@v22.9.0+arm64 (darwin)
Score
98.3
Supply Chain
67.5
Quality
83.8
Maintenance
100
Vulnerability
100
License
Releases
85
Languages
7
JavaScript
TypeScript
HTML
Handlebars
Nunjucks
CSS
Shell
JavaScript (67.01%)
TypeScript (30.36%)
HTML (1.11%)
Handlebars (0.81%)
Nunjucks (0.62%)
CSS (0.07%)
Shell (0.02%)
Developer
Download Statistics
Total Downloads
1,093,225,004
Last Day
742,531
Last Week
4,879,678
Last Month
19,052,762
Last Year
216,445,233
GitHub Statistics
MIT License
12,642 Stars
1,411 Commits
838 Forks
204 Watchers
55 Branches
112 Contributors
Updated on May 24, 2025
Bundle Size
965.00 B
Minified
460.00 B
Minified + Gzipped
Maintainers
7
Package Meta Information
Latest Version
7.3.0
Package Id
workbox-cacheable-response@7.3.0
Unpacked Size
76.28 kB
Size
19.09 kB
File Count
25
NPM Version
lerna/5.6.2/node@v22.9.0+arm64 (darwin)
Node Version
22.9.0
Published on
Oct 29, 2024
Total Downloads
Cumulative downloads
Total Downloads
1,093,225,004
Last Day
1.7%
742,531
Compared to previous day
Last Week
7.7%
4,879,678
Compared to previous week
Last Month
3.2%
19,052,762
Compared to previous month
Last Year
-3.5%
216,445,233
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Dependencies
1
This module's documentation can be found at https://developers.google.com/web/tools/workbox/modules/workbox-cacheable-response
No vulnerabilities found.
Reason
no vulnerabilities detected
Reason
no dangerous workflow patterns detected
Reason
license file detected
Details
- Info: : LICENSE:1
Reason
no binaries found in the repo
Reason
9 commit(s) out of 30 and 2 issue activity out of 30 found in the last 90 days -- score normalized to 9
Reason
dependency not pinned by hash detected -- score normalized to 9
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/bschwind/app-route/pull-request.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/bschwind/app-route/pull-request.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/bschwind/app-route/pull-request.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/bschwind/app-route/pull-request.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/bschwind/app-route/pull-request.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/bschwind/app-route/pull-request.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:51: update your workflow using https://app.stepsecurity.io/secureworkflow/bschwind/app-route/pull-request.yml/master?enable=pin
- Info: Third-party GitHubActions are pinned
- Info: Dockerfile dependencies are pinned
- Info: no insecure (not pinned by hash) dependency downloads found in Dockerfiles
- Info: no insecure (not pinned by hash) dependency downloads found in shell scripts
Reason
GitHub code reviews found for 22 commits out of the last 30 -- score normalized to 7
Details
- Warn: no reviews found for commit: 95f97a207fd51efb3f8a653f6e3e58224183a778
- Warn: no reviews found for commit: 5e69c3f6a74ea0e6b1a0d3261a6cde11d8075859
- Warn: no reviews found for commit: d461f1294d512e82dc65fb122dca47bac58365d3
- Warn: no reviews found for commit: 85bdecd24ded38c215b4e8943ee9b3eb0e2c3ee9
- Warn: no reviews found for commit: 7c095b4f981976d11a29ac934a16c6a0fbd0c0c1
- Warn: no reviews found for commit: 9732274bf4be9857e326f399b8c09670c0f56c51
- Warn: no reviews found for commit: d796009eadcba556b2795e0fea7d71a241f535e0
- Warn: no reviews found for commit: 10859de1bd982ed9aef9e74f458d5f57dd9e9888
Reason
no badge detected
Reason
non read-only tokens detected in GitHub workflows
Details
- Warn: no topLevel permission defined: .github/workflows/pull-request.yml:1: update your workflow using https://app.stepsecurity.io/secureworkflow/bschwind/app-route/pull-request.yml/master?enable=permissions
- Info: topLevel permissions set to 'read-all': .github/workflows/scorecards-analysis.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/bschwind/app-route/scorecards-analysis.yml/master?enable=permissions
- Info: jobLevel 'contents' permission set to 'read': .github/workflows/scorecards-analysis.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/bschwind/app-route/scorecards-analysis.yml/master?enable=permissions
- Info: jobLevel 'actions' permission set to 'read': .github/workflows/scorecards-analysis.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/bschwind/app-route/scorecards-analysis.yml/master?enable=permissions
Reason
0 out of 5 artifacts are signed or have provenance
Details
- Warn: release artifact v5.1.4 does not have provenance: https://api.github.com/repos/GoogleChrome/workbox/releases/30991093
- Warn: release artifact v5.1.4 not signed: https://api.github.com/repos/GoogleChrome/workbox/releases/30991093
- Warn: release artifact v6.0.0-alpha.2 does not have provenance: https://api.github.com/repos/GoogleChrome/workbox/releases/29714899
- Warn: release artifact v6.0.0-alpha.2 not signed: https://api.github.com/repos/GoogleChrome/workbox/releases/29714899
- Warn: release artifact v6.0.0-alpha.1 does not have provenance: https://api.github.com/repos/GoogleChrome/workbox/releases/28876505
- Warn: release artifact v6.0.0-alpha.1 not signed: https://api.github.com/repos/GoogleChrome/workbox/releases/28876505
- Warn: release artifact v5.1.3 does not have provenance: https://api.github.com/repos/GoogleChrome/workbox/releases/25855661
- Warn: release artifact v5.1.3 not signed: https://api.github.com/repos/GoogleChrome/workbox/releases/25855661
- Warn: release artifact v5.1.2 does not have provenance: https://api.github.com/repos/GoogleChrome/workbox/releases/24852570
- Warn: release artifact v5.1.2 not signed: https://api.github.com/repos/GoogleChrome/workbox/releases/24852570
Reason
no update tool detected
Details
- Warn: dependabot config file not detected in source location. We recommend setting this configuration in code so it can be easily verified by others.
- Warn: renovatebot config file not detected in source location. We recommend setting this configuration in code so it can be easily verified by others.
Reason
project is not fuzzed
Reason
branch protection not enabled on development/release branches
Details
- Warn: 'force pushes' enabled on branch 'v6'
- Info: 'allow deletion' disabled on branch 'v6'
- Warn: no status checks found to merge onto branch 'v6'
- Warn: number of required reviewers is only 1 on branch 'v6'
- Warn: branch protection not enabled for branch 'main'
Reason
security policy file not detected
Score
4.9
/10
Last Scanned on 2022-08-15
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More