{"id":23782551,"url":"https://github.com/roydejong/upload-buddy","last_synced_at":"2026-02-07T23:32:11.204Z","repository":{"id":42919988,"uuid":"246014590","full_name":"roydejong/upload-buddy","owner":"roydejong","description":"💚 Upload Buddy makes it easy to integrate smart, interactive file uploads into any application.","archived":false,"fork":false,"pushed_at":"2025-09-05T14:07:42.000Z","size":930,"stargazers_count":1,"open_issues_count":2,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-10-08T10:50:35.062Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/roydejong.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2020-03-09T11:12:26.000Z","updated_at":"2025-09-05T14:04:47.000Z","dependencies_parsed_at":"2025-01-01T12:16:16.459Z","dependency_job_id":"20eeb480-9a76-46fb-b2e9-805f949f3203","html_url":"https://github.com/roydejong/upload-buddy","commit_stats":{"total_commits":39,"total_committers":2,"mean_commits":19.5,"dds":"0.23076923076923073","last_synced_commit":"d5f842f805fc51935882c1608e43f3438adc4732"},"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/roydejong/upload-buddy","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/roydejong%2Fupload-buddy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/roydejong%2Fupload-buddy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/roydejong%2Fupload-buddy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/roydejong%2Fupload-buddy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/roydejong","download_url":"https://codeload.github.com/roydejong/upload-buddy/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/roydejong%2Fupload-buddy/sbom","scorecard":{"id":785825,"data":{"date":"2025-08-11","repo":{"name":"github.com/roydejong/upload-buddy","commit":"4f538ee7df85067ee2db6fb46250df478cf66b5b"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.3,"checks":[{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v1.1.0 not signed: https://api.github.com/repos/roydejong/upload-buddy/releases/39581535","Warn: release artifact v1.0 not signed: https://api.github.com/repos/roydejong/upload-buddy/releases/24462046","Warn: release artifact v1.1.0 does not have provenance: https://api.github.com/repos/roydejong/upload-buddy/releases/39581535","Warn: release artifact v1.0 does not have provenance: https://api.github.com/repos/roydejong/upload-buddy/releases/24462046"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":7,"reason":"3 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-23T06:04:29.462Z","repository_id":42919988,"created_at":"2025-08-23T06:04:29.462Z","updated_at":"2025-08-23T06:04:29.462Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29212585,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-07T23:14:30.912Z","status":"ssl_error","status_checked_at":"2026-02-07T23:14:17.253Z","response_time":63,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-01-01T12:16:08.610Z","updated_at":"2026-02-07T23:32:11.189Z","avatar_url":"https://github.com/roydejong.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# 💚 Upload Buddy\n\n![npm](https://img.shields.io/npm/v/upload-buddy?style=flat-square)\n\n**Upload Buddy is a lightweight JavaScript library that makes it easy to integrate smart, interactive file uploads into any form.**\n\nHere's what we have to offer:\n\n- 😊 User-friendly UI with browse and drag \u0026 drop support.\n- ☁ Lightweight: pure JavaScript, no extra dependencies.\n- 🔎 Inline image preview + crop tool integration.\n- 📄 Easy to integrate \u0026 supports showing pre-filled file values.\n\n## Preview\n\n\u003cp align=\"center\"\u003e\n\n![UbField idle, default style](docs/ss-control-blank.png)\n\n↓\n\n![UbField in action, default style](docs/ss-control-filled.png)\n\n\u003c/p\u003e\n\n## Installation\nThis library is available as a package on npm: `upload-buddy`.\n\nTo use Upload Buddy, include `upbud.min.js` on your page. We also recommend including our default stylesheet (`default.css`), unless you are planning on providing your own styles.\n\n```html\n\u003cscript src=\"upload-buddy/dist/upbud.min.js\"\u003e\u003c/script\u003e\n\u003clink rel=\"stylesheet\" href=\"upload-buddy/dist/default.css\"/\u003e\n```\n\n## Configuration\nYou must provide your own `\u003cinput type=\"file\"/\u003e` field on the page. Upload Buddy will wrap that field and replace it with a friendly interface. To do so, simply call `UbField.setup()` with a query selector and any custom options:\n\n```javascript\nUbField.setup('#the-file', {\n  // Define upload target:\n  target: \"/my_upload_endpoint\",\n\n  // Set a built-in language (en, nl):\n  lang: \"nl\",\n\n  // Individual text overrides / translations:\n  text: {\n    \"drop_file\": \"🔥 Drop it like it's hot 🔥\"\n  },\n\n  // To show pre-filled file on the UI:\n  file: {\n    name: \"prefilled-file-value.jpg\",\n    size: 79000,\n    url: \"https://live.staticflickr.com/4561/38054606355_26429c884f_b.jpg\",\n    type: \"image/png\",\n    custom: \"metadata\"\n  },\n  \n  // Optional callback functions:\n  /**\n   * Called when the user selects a file, right before the XHR request is sent.\n   * \n   * @param {File} file Raw file object\n   */\n  onUploadStart: (file) =\u003e {\n    console.log(`Upload started: ${file.name}`);\n  },\n  /**\n   * Called when the upload progress changes.\n   * \n   * @param {Number} progress Progress percentage\n   */\n  onUploadProgress: (progress) =\u003e {\n    console.log(`Upload progress: ${progress.toFixed(2)}%`);\n  },\n  /**\n   * Called when the upload is successful.\n   * \n   * @param {?Object} response JSON response object from the server, if any\n   */\n  onUploadSuccess: (response) =\u003e {\n      console.log(\"Upload successful!\", response);\n  },\n  /**\n   * Called when the upload fails for any reason.\n   *\n   * @param {?string} error Raw XHR response text, if any\n   */\n  onUploadError: (response) =\u003e {\n      console.error(\"Upload failed!\", response);\n  }\n});\n```\n\n*Note: You can set the global default configuration for `UbField` by modifying the value of `UbFieldConfig.defaults`.*\n\n## Integration\n\n### Events\n\n#### `ub-ready`\nThis event is emitted on the document when the script has loaded. This may be useful if you are loading the script with async/defer.\n\n### Upload step\n\nIf the input renders without a pre-filled `file` object in the configuration, or once \"Delete\" is clicked on a previously selected file, the field will instead appear empty:\n\n![UbField blank, default style](docs/ss-control-blank.png)\n\nThe user can either drag and drop a file onto the control, or click it anywhere to manually select a file.\n\n### Ajax upload\n\nWhen a file is selected by any means, a `POST` HTTP request will be sent to the configured `target` URL. The request will contain `FormData`, with the actual file data under the `file` key.\n\n- **Your endpoint should respond with a `200 OK` if the upload was successful.** \n    - You can include a JSON object in the response body. We'll use the `url` property from the object if you provide it, to determine the final URL of the file. Any other data is passed back to you when the form is submitted (useful for communicating things like an upload ID).  \n    \n- **Any non-200 status code is seen as an error.**\n    - You may optionally include a plain-text error message in the response body that will be shown to the user.\n    \n## Extras\n    \n### Cropper.js\n    \nIntegration with [Cropper.js](https://github.com/fengyuanchen/cropperjs) is supported. Simply include the library before activating Upload Buddy, and when an image is selected, a \"Crop\" button will appear (we will test if `window.Cropper` is defined).\n\nOnce the image has been cropped, it will be re-uploaded automatically, and the field's value will be updated accordingly.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Froydejong%2Fupload-buddy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Froydejong%2Fupload-buddy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Froydejong%2Fupload-buddy/lists"}