{"id":42215134,"url":"https://github.com/abcnews/mount-utils","last_synced_at":"2026-01-27T01:12:01.507Z","repository":{"id":57094073,"uuid":"281582352","full_name":"abcnews/mount-utils","owner":"abcnews","description":"Utilities for working with mount points","archived":false,"fork":false,"pushed_at":"2023-07-17T05:22:58.000Z","size":494,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-10-09T21:26:52.282Z","etag":null,"topics":["library"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/abcnews.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-07-22T05:21:24.000Z","updated_at":"2024-05-30T14:49:42.000Z","dependencies_parsed_at":"2024-06-21T12:56:05.515Z","dependency_job_id":"6131f8b8-7f75-4a97-89e2-e187cd5d466d","html_url":"https://github.com/abcnews/mount-utils","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/abcnews/mount-utils","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abcnews%2Fmount-utils","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abcnews%2Fmount-utils/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abcnews%2Fmount-utils/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abcnews%2Fmount-utils/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/abcnews","download_url":"https://codeload.github.com/abcnews/mount-utils/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/abcnews%2Fmount-utils/sbom","scorecard":{"id":160066,"data":{"date":"2025-08-11","repo":{"name":"github.com/abcnews/mount-utils","commit":"625a1be8b6ac59c101123b6bc1415485f38a9e79"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.9,"checks":[{"name":"Code-Review","score":1,"reason":"Found 2/13 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/main.yml:1","Warn: no topLevel permission defined: .github/workflows/size.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/abcnews/mount-utils/main.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/main.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/abcnews/mount-utils/main.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/main.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/abcnews/mount-utils/main.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/size.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/abcnews/mount-utils/size.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/size.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/abcnews/mount-utils/size.yml/master?enable=pin","Info:   0 out of   3 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   2 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 13 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"13 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55","Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6","Warn: Project is vulnerable to: GHSA-3mv9-4h5g-vhg3","Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-16T13:08:30.602Z","repository_id":57094073,"created_at":"2025-08-16T13:08:30.602Z","updated_at":"2025-08-16T13:08:30.602Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28794959,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-27T01:07:07.743Z","status":"ssl_error","status_checked_at":"2026-01-27T01:07:06.974Z","response_time":59,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["library"],"created_at":"2026-01-27T01:12:00.833Z","updated_at":"2026-01-27T01:12:01.496Z","avatar_url":"https://github.com/abcnews.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# @abcnews/mount-utils\n\nUtilities for working with mount points.\n\n## Usage\n\n```sh\nnpm i @abcnews/mount-utils\n```\n\n```html\n\u003cbody\u003e\n  \u003cdiv id=\"abc\" data-mount /\u003e\n  \u003ca id=\"abc123\" /\u003e\n  \u003ca name=\"def\" /\u003e\n  \u003ca id=\"ghi\" href=\"https://www.abc.net.au/news/\"\u003e\n    A link that is also a #ghi deep link\n  \u003c/a\u003e\n  \u003cp\u003eNot a mount\u003c/p\u003e\n\u003c/body\u003e\n```\n\n```js\nimport {\n  isMount,\n  getMountValue,\n  selectMounts\n} from '@abcnews/mount-utils';\n\nselectMounts();\n// \u003e [\u003cdiv id=\"abc\" data-mount\u003e, \u003cdiv id=\"abc123\" data-mount\u003e, \u003cdiv id=\"def\" data-mount\u003e]\n\nselectMounts('abc', {exact: true})\n// \u003e [\u003cdiv id=\"abc\" data-mount\u003e]\n\nselectMounts('abc')\n// \u003e [\u003cdiv id=\"abc\" data-mount\u003e, \u003cdiv id=\"abc123\" data-mount\u003e]\n\n[...document.body.children].filter(isMount).map(getMountValue);\n// \u003e ['abc', 'abc123, 'def']\n```\n\n## History\n\nCore Media allows the creation of [deep links](https://en.wikipedia.org/wiki/URI_fragment) in Article documents' rich text by writing a line containing only a `#` character followed by one or more alphanumeric characters:\n\n\u003e I'm a paragraph before the deep link.\n\u003e\n\u003e #example\n\u003e\n\u003e I'm a paragraph after the deep link.\n\nIn Phase 1 / Phase 2 applications, deep links are rendered as `\u003ca\u003e` elements with their `name` attribute set to the deep link's value, e.g: `\u003ca name=\"example\" /\u003e`. Our original strategy with mount points was to select these elements with something like: `` (value) =\u003e document.querySelector(`a[name^=\"${value}\"]`) ``, replace them with block elements (usually `\u003cdiv\u003e`s), then append interactive content to them.\n\nWhen Presentation Layer was originally introduced, the News Web team had recognised that `\u003ca name=\"example\" /\u003e` is invalid HTML5, as deep links should be defined by the `id` attribute. Because of this, PL applications debuted with the HTML5-spec-pleasing form: `\u003ca id=\"example\" /\u003e`.\n\nThis made things slightly more complicated, because although we could simply extend our selectors to `` `a[name^=\"${value}\"],a[id^=\"${value}\"]` `` and cover both variants, we'd have to update many older interactives/libraries to support the new pattern if we wanted them to have a chance of running atop PL. It would also be more dangerous to replace these elements with `\u003cdiv\u003e`s to mount interactives to, because PL's React DOM tree could be re-written at any point, reverting our modifications (or worse: introducing page-crashing bugs).\n\nAn effort to support mount points as a first-class citizen in PL began in early 2020, and has resulted in changes in how PL renders deep links on the News Web application, making them safer for our use. They are now `\u003cdiv\u003e` elements that are guaranteed to not revert any DOM structure appended to them. They now look like this: `\u003cdiv id=\"example\" data-mount /\u003e`.\n\nOf course, this complicates our mount point selection further, which is the main thing this library tries to address (by hiding the implementation details behind an API), but it'll give us more power and consistency, going forward.\n\n## API\n\n### `selectMounts(selector?: string, options?: SelectMountsOptions): Mount[]`\n\nReturns an array of mount nodes that match the selector and may have been transformed as per the supplied options.\n\n```ts\ntype SelectMountsOptions{\n  exact?: boolean; // default false\n  includeOwnUsed?: boolean; // default false\n  markAsUsed?: boolean; // default true\n}\n```\n\nAny mount points that have been marked as used by another instance of this library will always be excluded from the results.\n\nThe examples below assume that they're run in isolation. In reality, unless the `markAsUsed` option is `false` and/or the `includeOwnUsed` option is `true`, the same mounts would not be returned on a subsequent call.\n\n```html\n\u003cbody\u003e\n  \u003cdiv id=\"abc\" /\u003e\n  \u003cdiv id=\"abcdef\" /\u003e\n  \u003cdiv id=\"ghi\" data-mount /\u003e\n  \u003cdiv id=\"abc123\" data-mount /\u003e\n  \u003cdiv id=\"other\" data-mount data-mount-used=\"some-uuid\" /\u003e\n\u003c/body\u003e\n```\n\n```js\nimport { selectMounts } from '@abcnews/mount-utils';\n\nselectMounts();\n// \u003e [\u003cdiv id=\"abc\"\u003e, \u003cdiv id=\"abcdef\"\u003e, \u003cdiv id=\"ghi\"\u003e, \u003cdiv id=\"abc123\"\u003e]\n\nselectMounts('abc');\n// \u003e [\u003cdiv id=\"abc\"\u003e, \u003cdiv id=\"abcdef\"\u003e, \u003cdiv id=\"abc123\"\u003e]\n\nselectMounts('abc', { exact: true });\n// \u003e [\u003cdiv id=\"abc\"\u003e]\n```\n\n### `isMount(x: unknown, selector?: string, exact?: boolean): boolean`\n\nReturns whether the argument passed in is a mount point.\n\nWill return `true` for valid mount points even if marked as used, including those marked by another instance of this library.\n\n```html\n\u003cbody\u003e\n  \u003cdiv id=\"abc\" data-mount /\u003e\n\u003c/body\u003e\n```\n\n```js\nimport { isMount } from '@abcnews/mount-utils';\n\nisMount(123);\n// \u003e false\n\nisMount(document.body);\n// \u003e false\n\nisMount(document.body.firstElementChild);\n// \u003e true\n```\n\nIt first checks that the argument is an `Element`, then checks that it has attributes matching a valid mount point.\n\n#### Use with a selector value\n\nReturns whether the first argument passed in is a mount point _and_ matches a given selector value (as a prefix by default and optionally as an exact match by passing `true` as the third argument).\n\n```html\n\u003cbody\u003e\n  \u003cp\u003eNope\u003c/p\u003e\n  \u003cdiv id=\"abc\" /\u003e\n  \u003cdiv id=\"abc123\" /\u003e\n  \u003cdiv id=\"abc456\" data-mount /\u003e\n  \u003cdiv id=\"def\" data-mount /\u003e\n\u003c/body\u003e\n```\n\n```js\n[...document.body.children].map((el) =\u003e isMount(el));\n// \u003e [false, true, true, true, true]\n\n[...document.body.children].map((el) =\u003e isMount(el, 'abc'));\n// \u003e [false, true, true, true, false]\n\n[...document.body.children].map((el) =\u003e isMount(el, 'abc', true));\n// \u003e [false, true, false, false, false]\n```\n\n### `getMountValue(el: Element, prefix?: string): string`\n\nReturns the value of the applicable attribute on a mount point and optionally trims a supplied prefix.\n\n```html\n\u003cbody\u003e\n  \u003cdiv id=\"abc\" /\u003e\n  \u003cdiv id=\"abcdef\" /\u003e\n  \u003cdiv id=\"ghi\" data-mount /\u003e\n  \u003cdiv id=\"abc123\" data-mount /\u003e\n\u003c/body\u003e\n```\n\n```js\nimport { getMountValue } from '@abcnews/mount-utils';\n\n[...document.body.children].map((el) =\u003e getMountValue(el));\n// \u003e ['abc', 'abcdef, 'ghi', 'abc123']\n\n[...document.body.children].map((el) =\u003e getMountValue(el, 'abc'));\n// \u003e ['', 'def, 'ghi', '123']\n```\n\n### `useMount(mount: Mount)`\n\nMark a mount as used. This should be used sparingly since `selectMounts` will do this automatically by default.\n\nA mount is considered used if it has a `data-mount-used=\"\u003csome uuid\u003e\"` attribute set. The UUID is unique to the instance of this library.\n\n```html\n\u003cbody\u003e\n  \u003cdiv id=\"abc\" data-mount /\u003e\n\u003c/body\u003e\n```\n\n```js\nconst els = selectMounts('abc', { markAsUsed: false });\n// \u003e [\u003cdiv id=\"abc\" data-mount\u003e]\n\nuseMount(els[0]);\n// \u003e \u003cdiv id=\"abc\" data-mount data-mount-used=\"\u003cuuid\u003e\"\u003e\n```\n\n### `isUsed(mount: Mount)`\n\nCheck if a mount point has been marked as used.\n\n```html\n\u003cbody\u003e\n  \u003cdiv id=\"abc\" data-mount /\u003e\n\u003c/body\u003e\n```\n\n```js\nselectMounts('abc').map((mnt) =\u003e isUsed(mnt));\n// \u003e [true]\n\nselectMounts('abc', { markAsUsed: false }).map((mnt) =\u003e isUsed(mnt));\n// \u003e [false]\n```\n\n## Authors\n\n- Colin Gourlay ([Gourlay.Colin@abc.net.au](mailto:Gourlay.Colin@abc.net.au))\n- Simon Elvery ([Elvery.Simon@abc.net.au](mailto:Elvery.Simon@abc.net.au))\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fabcnews%2Fmount-utils","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fabcnews%2Fmount-utils","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fabcnews%2Fmount-utils/lists"}