{"id":15284421,"url":"https://github.com/foxy/foxy-elements","last_synced_at":"2026-04-17T00:02:08.639Z","repository":{"id":38173167,"uuid":"275011339","full_name":"Foxy/foxy-elements","owner":"Foxy","description":"Elements and resources for use in other front-end code, like the admin and customer portal.","archived":false,"fork":false,"pushed_at":"2026-03-30T19:27:03.000Z","size":15626,"stargazers_count":7,"open_issues_count":22,"forks_count":8,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-04-07T06:36:28.648Z","etag":null,"topics":["e-commerce","foxy","foxy-elements","web-components"],"latest_commit_sha":null,"homepage":"https://elements.foxy.dev","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Foxy.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2020-06-25T20:43:08.000Z","updated_at":"2026-03-30T18:57:23.000Z","dependencies_parsed_at":"2023-11-29T21:25:04.064Z","dependency_job_id":"2a194338-ace9-4259-8ad3-f762ff7b5b1c","html_url":"https://github.com/Foxy/foxy-elements","commit_stats":{"total_commits":2514,"total_committers":12,"mean_commits":209.5,"dds":"0.17899761336515518","last_synced_commit":"0e98de9ca42ba315eae3c16260c58b03968cdaca"},"previous_names":[],"tags_count":335,"template":false,"template_full_name":null,"purl":"pkg:github/Foxy/foxy-elements","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Foxy%2Ffoxy-elements","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Foxy%2Ffoxy-elements/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Foxy%2Ffoxy-elements/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Foxy%2Ffoxy-elements/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Foxy","download_url":"https://codeload.github.com/Foxy/foxy-elements/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Foxy%2Ffoxy-elements/sbom","scorecard":{"id":52292,"data":{"date":"2025-08-11","repo":{"name":"github.com/Foxy/foxy-elements","commit":"7678b53053e779f7fe191637399ed9ae38be2bdb"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":6,"checks":[{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Security-Policy","score":9,"reason":"security policy file detected","details":["Info: security policy file detected: SECURITY.md:1","Info: Found linked content: SECURITY.md:1","Warn: One or no descriptive hints of disclosure, vulnerability, and/or timelines in security policy","Info: Found text in security policy: SECURITY.md:1"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/release.yml:1","Warn: no topLevel permission defined: .github/workflows/validate-pr-title.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Pinned-Dependencies","score":4,"reason":"dependency not pinned by hash detected -- score normalized to 4","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:13: update your workflow using https://app.stepsecurity.io/secureworkflow/Foxy/foxy-elements/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/Foxy/foxy-elements/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:33: update your workflow using https://app.stepsecurity.io/secureworkflow/Foxy/foxy-elements/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/Foxy/foxy-elements/release.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/Foxy/foxy-elements/release.yml/main?enable=pin","Warn: pipCommand not pinned by hash: .github/workflows/validate-pr-title.yml:12","Info:   0 out of   4 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned","Info:   0 out of   1 pipCommand dependencies pinned","Info:   2 out of   2 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/release.yml:8"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"35 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-28mc-g557-92m7","Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92","Warn: Project is vulnerable to: GHSA-x4c5-c7rf-jjgv","Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q","Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38","Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c","Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99","Warn: Project is vulnerable to: GHSA-2j2x-2gpw-g8fm","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-gr4j-r575-g665","Warn: Project is vulnerable to: GHSA-8j65-4pcq-xq95","Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22","Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp","Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h","Warn: Project is vulnerable to: GHSA-593f-38f6-jp5m","Warn: Project is vulnerable to: GHSA-x2rg-q646-7m2v","Warn: Project is vulnerable to: GHSA-jgmv-j7ww-jx2x","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3","Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55","Warn: Project is vulnerable to: GHSA-hcrg-fc28-fcg5","Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j","Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j","Warn: Project is vulnerable to: GHSA-x7hr-w5r2-h6wg","Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm","Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx","Warn: Project is vulnerable to: GHSA-8cj5-5rvv-wf4v","Warn: Project is vulnerable to: GHSA-52f5-9888-hmc6","Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq","Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-14T23:57:14.686Z","repository_id":38173167,"created_at":"2025-08-14T23:57:14.686Z","updated_at":"2025-08-14T23:57:14.686Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31909235,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-16T18:22:33.417Z","status":"ssl_error","status_checked_at":"2026-04-16T18:21:47.142Z","response_time":69,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["e-commerce","foxy","foxy-elements","web-components"],"created_at":"2024-09-30T14:56:07.271Z","updated_at":"2026-04-17T00:02:08.597Z","avatar_url":"https://github.com/Foxy.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Foxy Elements 🦊🏗\n\nCollection of [web components](https://developer.mozilla.org/docs/Web/Web_Components) powering the new front-end functionality at Foxy with built-in i18n and theming. Works with React, Vue, Svelte and more – or just on its own. Built with [LitElement](https://github.com/polymer/lit-element), [Tailwind](https://github.com/tailwindlabs/tailwindcss) and [Vaadin](https://github.com/vaadin/vaadin).\n\nYou can view all the components in various states, with plenty of examples, at [elements.foxy.dev](https://elements.foxy.dev/).\n\n## Getting started\n\nIf you're targeting [browsers that support ES6](https://caniuse.com/#feat=es6), you can use modules to get started with no additional setup:\n\n```html\n\u003c!-- 1. Load polyfills (optional); --\u003e\n\u003cscript src=\"https://unpkg.com/@webcomponents/webcomponentsjs@^2/webcomponents-bundle.js\"\u003e\u003c/script\u003e\n\n\u003c!-- 2. Load element (replace \"foxy-donation\" with the one you need or add more script tags); --\u003e\n\u003cscript\n  type=\"module\"\n  src=\"https://cdn-js.foxy.io/elements@1/foxy-donation.js\"\n\u003e\u003c/script\u003e\n\n\u003c!-- 3. Use the element anywhere on your page. --\u003e\n\u003cfoxy-donation\u003e\u003c/foxy-donation\u003e\n```\n\nWhen using a bundler, you have an option of registering elements with a custom name whenever it works for you in your use case. All public elements are available as named exports (PascalCase, no \"Foxy\" prefix).\n\n```js\nimport { Donation } from '@foxy.io/elements';\ncustomElements.define('my-donation', Donation);\n```\n\nThis also works great with the [`ScopedElementsMixin`](https://open-wc.org/scoped-elements/) by open-wc.org:\n\n```js\nimport { ScopedElementsMixin } from '@open-wc/scoped-elements';\nimport { Donation } from '@foxy.io/elements';\n\nclass MyElement extends ScopedElementsMixin(LitElement) {\n  static get scopedElements() {\n    return {\n      'my-donation': Donation,\n    };\n  }\n}\n```\n\nPlease keep in mind that with this approach you'll also need to take care of loading polyfills and applying necessary optimizations before deploying to production.\n\nIf you use `es-dev-server`, you might run into a few issues depending on the components you import – those are most likely caused by how `xstate` is processed by the server. We've made a number of plugins ([one](./plugins/fix-xstate-chalk-imports.js), [two](./plugins/use-es-version-of-xstate.js), [three](./plugins/set-node-env.js)) to battle that. They're a bit hacky and may not work in every scenario, so we are not going to publish them on npm, but you can still use them as a starting point to bring your setup back in action.\n\n## Development\n\nTo run this project locally, you'll need Node.JS installed on your machine. If you don't have it already, we suggest getting the latest LTS release from nodejs.org. Additionally, you can update npm (comes with Node.JS) to the latest version by running the following command in your Terminal:\n\n```sh\nnpm install npm@latest -g\n```\n\nOnce that's done, [clone](https://docs.github.com/en/github/creating-cloning-and-archiving-repositories/cloning-a-repository) or download this repository, switch to the folder you placed it in and install the dependencies with npm:\n\n```sh\nnpm install\n```\n\nThere's a number of useful scripts that you might need:\n\n- `npm run storybook` runs Storybook;\n- `npm run format` fixes style errors in your code;\n- `npm run lint` shows style errors in your code;\n- `npm run test` runs all test suites with [Karma](https://github.com/karma-runner/karma);\n- `npm run test:watch -- --group foxy-attribute-card` runs tests in watch mode for a specific element;\n- `npm run wca` generates docs for element slots and attributes;\n- `npm run generate-schemas` generates JSONSchemas for element translations based on English i18n files;\n- `npm run generate-groups` generates test groups for elements;\n\nNote: depending on the hardware, some tests may start failing with a timeout error when running the entire test suite with `npm run test`. If that happens on your machine, try running tests for individual elements instead with `npm run test -- --group element-name`.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffoxy%2Ffoxy-elements","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffoxy%2Ffoxy-elements","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffoxy%2Ffoxy-elements/lists"}