{"id":13400150,"url":"https://github.com/adaltas/node-csv","last_synced_at":"2025-12-16T18:03:47.249Z","repository":{"id":1087353,"uuid":"938475","full_name":"adaltas/node-csv","owner":"adaltas","description":"Full featured CSV parser with simple api and tested against large datasets.","archived":false,"fork":false,"pushed_at":"2025-10-07T13:43:23.000Z","size":8782,"stargazers_count":4242,"open_issues_count":48,"forks_count":279,"subscribers_count":39,"default_branch":"master","last_synced_at":"2025-12-08T09:51:15.549Z","etag":null,"topics":["csv","nodejs","parser","streaming"],"latest_commit_sha":null,"homepage":"https://csv.js.org","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/adaltas.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2010-09-25T14:20:57.000Z","updated_at":"2025-12-08T04:07:11.000Z","dependencies_parsed_at":"2024-01-08T09:26:03.510Z","dependency_job_id":"90854d1e-505c-4b8f-9f3c-80e1e2e18cbe","html_url":"https://github.com/adaltas/node-csv","commit_stats":{"total_commits":2227,"total_committers":136,"mean_commits":16.375,"dds":0.09609339919173776,"last_synced_commit":"bec3f12072f47f2eaf7f67b25d081d292c36de26"},"previous_names":[],"tags_count":587,"template":false,"template_full_name":null,"purl":"pkg:github/adaltas/node-csv","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adaltas%2Fnode-csv","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adaltas%2Fnode-csv/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adaltas%2Fnode-csv/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adaltas%2Fnode-csv/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/adaltas","download_url":"https://codeload.github.com/adaltas/node-csv/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/adaltas%2Fnode-csv/sbom","scorecard":{"id":164592,"data":{"date":"2025-08-11","repo":{"name":"github.com/adaltas/node-csv","commit":"18bb78ae993cc940e0b9790a2199a342d26f2d1e"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.9,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/publish.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Pinned-Dependencies","score":1,"reason":"dependency not pinned by hash detected -- score normalized to 1","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:12: update your workflow using https://app.stepsecurity.io/secureworkflow/adaltas/node-csv/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/adaltas/node-csv/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/adaltas/node-csv/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/adaltas/node-csv/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:44: update your workflow using https://app.stepsecurity.io/secureworkflow/adaltas/node-csv/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:107: update your workflow using https://app.stepsecurity.io/secureworkflow/adaltas/node-csv/publish.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/publish.yml:110: update your workflow using https://app.stepsecurity.io/secureworkflow/adaltas/node-csv/publish.yml/master?enable=pin","Warn: npmCommand not pinned by hash: .github/workflows/publish.yml:31","Warn: npmCommand not pinned by hash: .github/workflows/publish.yml:51","Info:   0 out of   7 GitHub-owned GitHubAction dependencies pinned","Info:   1 out of   3 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/publish.yml:102"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Vulnerabilities","score":0,"reason":"10 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-xffm-g5w8-qvg7","Warn: Project is vulnerable to: GHSA-wrw9-m778-g6mc","Warn: Project is vulnerable to: GHSA-pp7h-53gx-mx7r","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-h7cp-r72f-jxh6","Warn: Project is vulnerable to: GHSA-v62p-rq8g-8h59","Warn: Project is vulnerable to: GHSA-x6fg-f45m-jf5q","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-16T14:27:43.278Z","repository_id":1087353,"created_at":"2025-08-16T14:27:43.278Z","updated_at":"2025-08-16T14:27:43.278Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":27767584,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-12-16T02:00:10.477Z","response_time":57,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["csv","nodejs","parser","streaming"],"created_at":"2024-07-30T19:00:48.992Z","updated_at":"2025-12-16T18:03:47.220Z","avatar_url":"https://github.com/adaltas.png","language":"JavaScript","readme":"\u003cpre\u003e\n     _   _           _        _____  _______      __\n    | \\ | |         | |      / ____|/ ____\\ \\    / /\n    |  \\| | ___   __| | ___ | |    | (___  \\ \\  / /\n    | . ` |/ _ \\ / _` |/ _ \\| |     \\___ \\  \\ \\/ /\n    | |\\  | (_) | (_| |  __/| |____ ____) |  \\  /\n    |_| \\_|\\___/ \\__,_|\\___| \\_____|_____/    \\/     MIT License\n\n\u003c/pre\u003e\n\n# CSV packages for Node.js and the web\n\nThis project provides CSV generation, parsing, transformation and serialization for Node.js.\n\nIt has been tested and used by a large community over the years and should be considered reliable. It provides every option you would expect from an advanced CSV parser and stringifier.\n\n## Project structure\n\nThis repository is a monorepo managed using [Lerna](https://github.com/lerna/lerna). There are 5 projects in the codebase, published as separated NPM packages:\n\n- [`csv`](https://csv.js.org/)\n  ([GitHub](https://github.com/adaltas/node-csv/tree/master/packages/csv)),\n  an umbrella which is itself split into 4 packages.\n- [`csv-generate`](https://csv.js.org/generate/)\n  ([GitHub](https://github.com/adaltas/node-csv/tree/master/packages/csv-generate)),\n  a flexible generator of CSV string and Javascript objects.\n- [`csv-parse`](https://csv.js.org/parse/)\n  ([GitHub](https://github.com/adaltas/node-csv/tree/master/packages/csv-parse)),\n  a parser converting CSV text into arrays or objects.\n- [`csv-stringify`](https://csv.js.org/stringify/)\n  ([GitHub](https://github.com/adaltas/node-csv/tree/master/packages/csv-stringify)),\n  a stringifier converting records into a CSV text.\n- [`stream-transform`](https://csv.js.org/transform/)\n  ([GitHub](https://github.com/adaltas/node-csv/tree/master/packages/stream-transform)),\n  a transformation framework.\n\n## Documentation\n\nThe full documentation for the current version is available on the [official CSV project website](https://csv.js.org).\n\n- [Getting Started](https://csv.js.org/project/getting-started/)\n- [Examples](https://csv.js.org/project/examples/)\n- [License](https://csv.js.org/project/license/)\n- [Community](https://csv.js.org/project/contribute/)\n\n## Features\n\n- Extends the native Node.js [transform stream API](http://nodejs.org/api/stream.html#stream_class_stream_transform)\n- Simplicity with the optional callback and sync API\n- Support for ECMAScript modules and CommonJS\n- Large documentation, numerous examples and full unit test coverage\n- Few dependencies, in many cases zero dependencies\n- Node.js support from version 8 to latest\n- Mature project with more than 10 years of history\n\n## License\n\nLicensed under the [MIT License](LICENSE).\n\n## Contributors\n\nThe project is sponsored by [Adaltas](https://www.adaltas.com), a Big Data consulting firm based in Paris, France.\n\n- David Worms: \u003chttps://github.com/wdavidw\u003e\n","funding_links":[],"categories":["JavaScript","CoffeeScript","Repository"],"sub_categories":["Parsing"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadaltas%2Fnode-csv","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fadaltas%2Fnode-csv","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadaltas%2Fnode-csv/lists"}