taro-list

v1.0.8

基于 Taro 的列表刷新组件, 支持下拉刷新, 上拉加载, 虚拟列表

Unknown
Latest version published 10 months ago
    npm install taro-list
  
We couldn't find any similar packages Browse all packages

Package Health Score

50 / 100
Make sure the open source you're using is safe to use
Secure my Project

Popularity

Limited

Weekly Downloads (99)

Dependents
0
GitHub Stars
35
Forks
9
Contributors
1

The npm package taro-list receives a total of 99 downloads a week. As such, we scored taro-list popularity level to be Limited.

Based on project statistics from the GitHub repository for the npm package taro-list, we found that it has been starred 35 times, and that 0 other projects in the ecosystem are dependent on it.

Downloads are calculated as moving averages for a period of the last 12 months, excluding weekends and known missing data points.

Security

Security review needed
Powered by Snyk

Security and license risk for significant versions

All Versions

Direct Vulnerabilities

0.1.9
0.2.3
0.3.4
1.0.8
  • 0
    H
  • 0
    M
  • 0
    L
  • 0
    H
  • 0
    M
  • 0
    L
  • 0
    H
  • 0
    M
  • 0
    L
  • 0
    H
  • 0
    M
  • 0
    L

Indirect Vulnerabilities

0.1.9
0.2.3
0.3.4
1.0.8
  • 0
    H
  • 0
    M
  • 0
    L
  • 0
    H
  • 0
    M
  • 0
    L
  • 0
    H
  • 0
    M
  • 0
    L
  • 0
    H
  • 0
    M
  • 0
    L

License Risks

0.1.9
0.2.3
0.3.4
1.0.8
  • 0
    H
  • 0
    M
  • 0
    L
  • 0
    H
  • 0
    M
  • 0
    L
  • 0
    H
  • 0
    M
  • 0
    L
  • 0
    H
  • 0
    M
  • 0
    L
All security vulnerabilities belong to production dependencies of direct and indirect packages.

License
Unknown
Alert

Unable to detect license

We couldn’t find an appropriate license for this project. It is highly advised to make sure the project license is compatible with your business needs before including it as a dependency, to keep yourself protected from infringement suits or loss of your own code.


Security Policy
No

We found a way for you to contribute to the project! Looks like taro-list is missing a security policy.


You can connect your project's repository to Snyk to stay up to date on security alerts and receive automatic fix pull requests.

    # Install the Snyk CLI and test your project
npm i snyk -g && snyk test taro-list
Keep your project free of vulnerabilities with Snyk

Maintenance

Inactive

Commit Frequency

Open Issues
7
Open PR
3
Last Release
10 months ago
Last Commit
10 months ago

Further analysis of the maintenance status of taro-list based on released npm versions cadence, the repository activity, and other data points determined that its maintenance is Inactive.

We found that taro-list demonstrates a positive version release cadence with at least one new version released in the past 12 months.

As a healthy sign for on-going project maintenance, we found that the GitHub repository had at least 1 pull request or issue interacted with by the community.

Community

Limited
Readme.md
Yes
Contributing.md
No
Code of Conduct
No
Contributors
1
Funding
No

This project has seen only 10 or less contributors.

We found a way for you to contribute to the project! Looks like taro-list is missing a Code of Conduct.

How about a good first contribution to this project? It seems that taro-list is missing a LICENSE file.


Embed Package Health Score Badge

package health: 50/100 package health 50/100

Package

Node.js Compatibility
not defined

Age
1 year
Dependencies
4 Direct
Versions
28
Install Size
82.4 kB
Dist-tags
1
# of Files
28
Maintainers
1
TS Typings
Yes

taro-list has more than a single and default latest tag published for the npm package. This means, there may be other tags available for this package, such as next to indicate future releases, or stable to indicate stable releases.