Gathering detailed insights and metrics for xml-parser-xo
Gathering detailed insights and metrics for xml-parser-xo
Installations
npm install xml-parser-xoDeveloper Guide
BETA
Typescript
Yes
Module System
CommonJS
Min. Node Version
>= 16
Node Version
22.14.0
NPM Version
10.9.2
Score
99.7
Supply Chain
100
Quality
77.8
Maintenance
100
Vulnerability
100
License
Releases
Unable to fetch releases
Languages
2
TypeScript
Shell
TypeScript (95.09%)
Shell (4.91%)
Developer
chrisbottin
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
5 Stars
108 Commits
7 Forks
2 Watchers
3 Branches
1 Contributors
Updated on May 12, 2025
Maintainers
1
Package Meta Information
Latest Version
4.1.4
Package Id
xml-parser-xo@4.1.4
Unpacked Size
42.18 kB
Size
7.97 kB
File Count
10
NPM Version
10.9.2
Node Version
22.14.0
Published on
May 11, 2025
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
xml-parser-xo
An XML parser based on xml-parser.
Installation
$ npm install xml-parser-xo
Example
Usage:
1import xmlParser from 'xml-parser-xo'; 2 3var xml = `<?xml version="1.0" encoding="utf-8"?> 4<!-- Load the stylesheet --> 5<?xml-stylesheet href="foo.xsl" type="text/xsl" ?> 6<!DOCTYPE foo SYSTEM "foo.dtd"> 7<foo><![CDATA[some text]]> content</foo>`; 8 9xmlParser(xml);
Output:
1{ 2 "declaration": { 3 "type": "ProcessingInstruction", 4 "attributes": {"version": "1.0", "encoding": "utf-8"} 5 }, 6 "root": { 7 "type": "Element", 8 "name": "foo", 9 "attributes": {}, 10 "children": [ 11 {"type": "CDATA", "content": "<![CDATA[some text]]>"}, 12 {"type": "Text", "content": " content"} 13 ] 14 }, 15 "children": [ 16 {"type": "Comment", "content": "<!-- Load the stylesheet -->"}, 17 {"type": "ProcessingInstruction", "attributes": {"href": "foo.xsl", "type": "text/xsl"}}, 18 {"type": "DocumentType", "content": "<!DOCTYPE foo SYSTEM \"foo.dtd\">"}, 19 { 20 "type": "Element", 21 "name": "foo", 22 "attributes": {}, 23 "children": [ 24 {"type": "CDATA", "content": "<![CDATA[some text]]>"}, 25 {"type": "Text", "content": " content"} 26 ] 27 } 28 ] 29}
Options
filter: Function to filter out unwanted nodes by returningfalse.- type:
function(node) => boolean - default:
() => true
- type:
strictMode: True to throw an error when parsing XML document with invalid content like mismatched closing tags.- type:
boolean - default:
false
- type:
Usage:
1import xmlParser from 'xml-parser-xo'; 2 3const xml = `<?xml version="1.0" encoding="utf-8"?> 4<!-- Load the stylesheet --> 5<?xml-stylesheet href="foo.xsl" type="text/xsl" ?> 6<!DOCTYPE foo SYSTEM "foo.dtd"> 7<foo><![CDATA[some text]]> content</foo>`; 8 9xmlParser(xml, { 10 filter: (node) => { 11 return node.type === 'Element' || node.type === 'Text'; 12 } 13});
Output:
1{ 2 "declaration": { 3 "type": "ProcessingInstruction", 4 "attributes": {"version": "1.0", "encoding": "utf-8"} 5 }, 6 "root": { 7 "type": "Element", 8 "name": "foo", 9 "attributes": {}, 10 "children": [ 11 {"type": "Text", "content": " content"} 12 ] 13 }, 14 "children": [ 15 { 16 "type": "Element", 17 "name": "foo", 18 "attributes": {}, 19 "children": [ 20 {"type": "Text", "content": " content"} 21 ] 22 } 23 ] 24}
License
MIT
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
5 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
- Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
- Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
- Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
- Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Reason
4 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 3
Reason
dependency not pinned by hash detected -- score normalized to 3
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/chrisbottin/xml-parser/ci.yml/master?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/chrisbottin/xml-parser/ci.yml/master?enable=pin
- Info: 0 out of 2 GitHub-owned GitHubAction dependencies pinned
- Info: 1 out of 1 npmCommand dependencies pinned
Reason
Found 2/27 approved changesets -- score normalized to 0
Reason
detected GitHub workflow tokens with excessive permissions
Details
- Warn: no topLevel permission defined: .github/workflows/ci.yml:1
- Info: no jobLevel write permissions found
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 7 are checked with a SAST tool
Score
3.8
/10
Last Scanned on 2025-07-07
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More