Package Health Score

94 / 100

security
No known security issues
popularity
Influential project
maintenance
Healthy
community
Active

Explore Similar Packages

Security

No known security issues

All security vulnerabilities belong to production dependencies of direct and indirect packages.

Security and license risk for significant versions

Version				Vulnerabilities	License Risk
3.5.0	\|	11/2023	Popular	0 C 0 H 0 M 0 L	0 H 0 M 0 L
3.3.0	\|	07/2023		0 C 0 H 0 M 0 L	0 H 0 M 0 L
3.2.0	\|	06/2023		0 C 0 H 0 M 0 L	0 H 0 M 0 L

License

MIT

Security Policy

Is your project affected by vulnerabilities?

Scan your projects for vulnerabilities. Fix quickly with automated fixes. Get started with Snyk for free.

Get started free

Popularity

Influential project

Weekly Downloads (275,469)

GitHub Stars: 18.74K
Forks: 678
Contributors: 150

Direct Usage Popularity

The npm package @visx/vendor receives a total of 275,469 downloads a week. As such, we scored @visx/vendor popularity level to be Influential project.

Based on project statistics from the GitHub repository for the npm package @visx/vendor, we found that it has been starred 18,743 times.

Downloads are calculated as moving averages for a period of the last 12 months, excluding weekends and known missing data points.

Community

Active

Readme.md: Yes
Contributing.md: Yes
Code of Conduct: Yes
Contributors: 150
Funding: No

A good and healthy external contribution signal for @visx/vendor project, which invites more than one hundred open source maintainers to collaborate on the repository.

Embed Package Health Score Badge

Maintenance

Healthy

Commit Frequency

Open Issues: 121
Open PR: 11
Last Release: 6 months ago
Last Commit: 2 months ago

Further analysis of the maintenance status of @visx/vendor based on released npm versions cadence, the repository activity, and other data points determined that its maintenance is Healthy.

We found that @visx/vendor demonstrates a positive version release cadence with at least one new version released in the past 12 months.

As a healthy sign for on-going project maintenance, we found that the GitHub repository had at least 1 pull request or issue interacted with by the community.

Keep your project healthy

Check your package.json

Ensure all the packages you're using are healthy and well-maintained

Snyk Vulnerability Scanner

Get health score & security insights directly in your IDE

Package

Node.js Compatibility: not defined

Age: 10 months
Dependencies: 19 Direct
Versions: 5
Install Size: 410 kB
Dist-tags: 2
# of Files: 266
Maintainers: 4
TS Typings: No

@visx/vendor has more than a single and default latest tag published for the npm package. This means, there may be other tags available for this package, such as next to indicate future releases, or stable to indicate stable releases.

Readme

@visx/vendor

This package consists of vendored packages for other visx packages. It is meant to enable dual support for export of CommonJS and ESM formats by re-exporting some visx dependencies, and even some transitive dependencies, which are ESM-only.

This package is heavily based off of victory-vendor which aims to solve the same problem.

Vendored packages

All vendored packages are listed as dependencies in the package.json of this package (note that the yarn nohoist option is set for this package to guarantee version specificity in this large monorepo where we may have mixed versions of d3 packages). For each (non-types) package ``, we generate the following:

an ESM version of the package in esm/.js
a CJS version of the package in lib/.js
- this points to the fully-transpiled version of the package in vendor-cjs/vendor-/src/index.js
- vendor-cjs/vendor-/LICENSE contains the upstream license of the vendored package
- other ESM-only packages (e.g., ) that are referenced by are updated to point to vendor-cjs/vendor-/src/index.js
TypeScript types from @types/ as root .d.ts files (when available as specified in the package.json dependencies)
a root .js file (pointing to the CJS version of the lib) for tooling that doesn't yet support package.json:exports (conditional exports)

How it works

We provide two alternate paths and behaviors -- for ESM and CommonJS

ESM

When you use a module import syntax like the following, it will resolve to a re-exported version of node_modules/d3-interpolate, the unmodified ESM library from D3.

import { interpolate } from '@visx/vendor/d3-interpolate';

CommonJS

If you use a CJS require syntax like the following, it will resolve to an alternate path that contains the transpiled version of the underlying d3-* (or other) library to be found at @visx/vendor/vendor-cjs/d3-interpolate/**/*.js.

const { interpolate } = require('@visx/vendor/d3-interpolate');

Such transpiled versions have internally consistent import references to other other @visx/vendor/vendor-cjs/ paths that need to be transpiled.

Root index files & types

For tooling that doesn't yet support package.json:exports (conditional exports), we include root index files for all vendored packages, e.g., @visx/vendor/d3-array.js.

Type declaration files are also included in the root, e.g., @types/d3-array is exported as @visx/vendor/d3-array.d.ts.

@visx/vendor dependencies

@types/d3-array @types/d3-color @types/d3-delaunay @types/d3-format @types/d3-geo @types/d3-interpolate @types/d3-scale @types/d3-time @types/d3-time-format d3-array d3-color d3-delaunay d3-format d3-geo d3-interpolate d3-scale d3-time d3-time-format internmap

@visx/vendor development dependencies

@babel/plugin-transform-modules-commonjs @types/rimraf babel-plugin-module-resolver chalk compare-versions rimraf

FAQs

What is @visx/vendor?

vendored packages for visx. Visit Snyk Advisor to see a full health score report for @visx/vendor, including popularity, security, maintenance & community analysis.

Is @visx/vendor popular?

The npm package @visx/vendor receives a total of 275,469 weekly downloads. As such, @visx/vendor popularity was classified as an influential project. Visit the popularity section on Snyk Advisor to see the full health analysis.

Is @visx/vendor well maintained?

We found that @visx/vendor demonstrated a healthy version release cadence and project activity. It has a community of 150 open source contributors collaborating on the project. See the full package health analysis to learn more about the package maintenance status.

Is @visx/vendor safe to use?

The npm package @visx/vendor was scanned for known vulnerabilities and missing license, and no issues were found. Thus the package was deemed as safe to use. See the full health analysis review.

Last updated on 27 April-2024, at 11:02 (UTC).

Build a secure application checklist

Select a recommended open source package

Minimize your risk by selecting secure & well maintained open source packages

DONE

Scan your app for vulnerabilities

Scan your application to find vulnerabilities in your: source code, open source dependencies, containers and configuration files

SCAN NOW

Fix identified vulnerabilities

Easily fix your code by leveraging automatically generated PRs

AUTO FIX

Monitor for new issues

New vulnerabilities are discovered every day. Get notified if your application is affected

MONITOR APP

@visx/vendor

vendored packages for visx For more information about how to use this package see README

Ensure you're using the healthiest npm packages

Package Health Score

Explore Similar Packages

Security

Security and license risk for significant versions

Is your project affected by vulnerabilities?

Popularity

Weekly Downloads (275,469)

Direct Usage Popularity

Community

Embed Package Health Score Badge

Maintenance

Commit Frequency

Keep your project healthy

Check your package.json

Snyk Vulnerability Scanner

Package

Readme

@visx/vendor

Vendored packages

How it works

ESM

CommonJS

Root index files & types

@visx/vendor dependencies

@visx/vendor development dependencies

FAQs

What is @visx/vendor?

Is @visx/vendor popular?

Is @visx/vendor well maintained?

Is @visx/vendor safe to use?

Build a secure application checklist

Select a recommended open source package

Scan your app for vulnerabilities

Fix identified vulnerabilities

Monitor for new issues

Package Health Score

Explore Similar Packages

Security and license risk for significant versions

Is your project affected by vulnerabilities?

Weekly Downloads (275,469)

Direct Usage Popularity

Embed Package Health Score Badge

Commit Frequency

Keep your project healthy

Check your package.json

Snyk Vulnerability Scanner

Readme

@visx/vendor

Vendored packages

How it works

ESM

CommonJS

Root index files & types

@visx/vendor dependencies

@visx/vendor development dependencies

FAQs

What is @visx/vendor?

Is @visx/vendor popular?

Is @visx/vendor well maintained?

Is @visx/vendor safe to use?

Build a secure application checklist

Select a recommended open source package

Scan your app for vulnerabilities

Source Code

Open Source

Container

Config

Fix identified vulnerabilities

Monitor for new issues