{"id":42144069,"url":"https://github.com/vanillaes/esmtk","last_synced_at":"2026-04-17T00:05:24.113Z","repository":{"id":44790213,"uuid":"273383973","full_name":"vanillaes/esmtk","owner":"vanillaes","description":"ES Module ToolKit","archived":false,"fork":false,"pushed_at":"2026-04-14T22:53:16.000Z","size":719,"stargazers_count":11,"open_issues_count":4,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-04-15T00:31:43.138Z","etag":null,"topics":["cli","developer-tools","esm","esmodules","nodejs"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/vanillaes.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2020-06-19T02:14:47.000Z","updated_at":"2026-04-14T22:53:20.000Z","dependencies_parsed_at":"2022-07-25T23:17:30.919Z","dependency_job_id":null,"html_url":"https://github.com/vanillaes/esmtk","commit_stats":null,"previous_names":[],"tags_count":100,"template":false,"template_full_name":null,"purl":"pkg:github/vanillaes/esmtk","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vanillaes%2Fesmtk","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vanillaes%2Fesmtk/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vanillaes%2Fesmtk/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vanillaes%2Fesmtk/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/vanillaes","download_url":"https://codeload.github.com/vanillaes/esmtk/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/vanillaes%2Fesmtk/sbom","scorecard":{"id":915967,"data":{"date":"2025-08-11","repo":{"name":"github.com/vanillaes/esmtk","commit":"4b80453c62e3f6e354951376efa98d2217883fd7"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.4,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/latest.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/vanillaes/esmtk/latest.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/latest.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/vanillaes/esmtk/latest.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/latest.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/vanillaes/esmtk/latest.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/vanillaes/esmtk/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/vanillaes/esmtk/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/vanillaes/esmtk/release.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:37: update your workflow using https://app.stepsecurity.io/secureworkflow/vanillaes/esmtk/release.yml/main?enable=pin","Warn: npmCommand not pinned by hash: .github/workflows/latest.yml:34","Warn: npmCommand not pinned by hash: .github/workflows/release.yml:30","Info:   0 out of   7 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   2 npmCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/latest.yml:1","Warn: no topLevel permission defined: .github/workflows/release.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'main'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}}]},"last_synced_at":"2025-08-24T20:59:54.153Z","repository_id":44790213,"created_at":"2025-08-24T20:59:54.153Z","updated_at":"2025-08-24T20:59:54.153Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31907720,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-16T18:22:33.417Z","status":"ssl_error","status_checked_at":"2026-04-16T18:21:47.142Z","response_time":69,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","developer-tools","esm","esmodules","nodejs"],"created_at":"2026-01-26T17:51:19.749Z","updated_at":"2026-04-17T00:05:24.104Z","avatar_url":"https://github.com/vanillaes.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003ch1 align=\"center\"\u003eECMAScript Module Toolkit\u003c/h1\u003e\n\n\u003cdiv align=\"center\"\u003eESMTK, essential tools for ECMAScript module development\u003c/div\u003e\n\n\u003cbr /\u003e\n\n\u003cdiv align=\"center\"\u003e\n  \u003ca href=\"https://github.com/vanillaes/esmtk/releases\"\u003e\u003cimg src=\"https://badgen.net/github/tag/vanillaes/esmtk?cache-control=no-cache\" alt=\"GitHub Release\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://npmjs.com/package/@vanillaes/esmtk\"\u003e\u003cimg src=\"https://badgen.net/npm/dm/@vanillaes/esmtk?icon=npm\" alt=\"NPM Monthly Downloads\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://jsr.io/@vanillaes/esmtk\"\u003e\u003cimg src=\"https://jsr.io/badges/@vanillaes/esmtk/weekly-downloads\" alt=\"JSR Weekly Downloads\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://jsr.io/@vanillaes/esmtk\"\u003e\u003cimg src=\"https://jsr.io/badges/@vanillaes/esmtk/score\" alt=\"JSR Score\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/vanillaes/esmtk/actions\"\u003e\u003cimg src=\"https://github.com/vanillaes/esmtk/workflows/Latest/badge.svg\" alt=\"Latest Status\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/vanillaes/esmtk/actions\"\u003e\u003cimg src=\"https://github.com/vanillaes/esmtk/workflows/Release/badge.svg\" alt=\"Release Status\"\u003e\u003c/a\u003e\n\u003c/div\u003e\n\n## Commands\n\n- [init](#init) - Create a package.json file for ECMAScript module development\n- [test](#test) - Run tests (using Tape-ES)\n- [lint](#lint) - Lint the source code (using Lint-ES)\n- [type](#type) - Type check the JSDoc typings (using Typescript)\n- [bundle](#bundle) - Bundle the source code to an ECMAScript module (using ESBuild)\n- [minify](#minify) - Bundle and Minify the source code to an ECMAScript module (using ESBuild)\n- [typings](#typings) - Generate Type Declarations (.d.ts) from JSDoc (using Typescript)\n- [clean](#clean) - Clean up build artifacts\n- [preview](#preview) - Preview the package contents included during `npm publish`\n- [version](#version) - Bump the package version and tag the release in Git\n\n\n## Init\n\nCreate a package.json file for ECMAScript module development\n\n### Arguments\n\n`esmtk init [...options]`\n\n- `--scripts` - Include ESMTK scripts?\n\n### Usage\n\n```sh\n# init package.json\nnpx @vanillaes/esmtk init\n\n# init package.json (including ESMTK scripts)\nnpx @vanillaes/esmtk init --scripts\n```\n\n\n## Test\n\nRun tests (using Tape-ES)\n\n### Arguments\n\n`esmtk test [...options] [glob]`\n\n- `[glob]` - Glob(s) used to locate test files (default: `**/*.spec.js`)\n- `--cwd \u003cdir\u003e` - The current working directory (default `process.cwd()`)\n- `--ignore \u003cpattern\u003cs\u003e\u003e` - Glob(s) to ignore (default `**/node_modules/**`)\n- `--watch` - Watch for changes to the test(s)\n\n### Usage\n\n```sh\n# run the tests\nesmtk test\n\n# run the tests (using a different naming scheme)\nesmtk test **/*.test.js\n\n# run the tests (ignore tests)\nesmtk test **/*.test.js --ignore **/node_modules/**,src/util.spec.js\n\n# run the tests (change the current working directory)\nesmtk test **/*.test.js --cwd src/\n\n# run the tests (watch for changes)\nesmtk test --watch\n```\n\n\n## Lint\n\nLint the source code (using Lint-ES)\n\n### Arguments\n\n`esmtk lint [...options]`\n\n- `--cwd \u003cdir\u003e` - Current working directory (default `process.cwd()`)\n- `--fix` - Automatically fix problems\n- `--ignore \u003cpattern(s)\u003e` - File(s) to ignore\n\n### Usage\n\n```sh\n# lint the sources\nesmtk lint\n\n# lint the sources (change the current working directory)\nesmtk lint --cwd src/\n\n# lint the sources and attempt to automatally fix the issues\nesmtk lint --fix lint\n\n# lint the sources (ignore files)\nesmtk lint --ignore src/\n```\n\n\n## Type\n\nType check the JSDoc typings (using Typescript)\n\n### Arguments\n\n`esmtk type [...options] [entry]`\n\n- `[entry]` - Entry-point for the source (default: `[entry-poiont].js`)\n- `--module \u003ctype\u003e` - Module resolution type (default `esnext`)\n- `--strict` - Enable 'strict mode' type checks\n- `--types \u003ctype(s)\u003e` - Specify type package names to include (ex `node` for `@types/node`)\n\n### Usage\n\n```sh\n# type check the sources\nesmtk type index.js\n\n# type check the sources (with 'node' module resolution)\nesmtk type --module nodenext index.js\n\n# type check the sources (with 'strict mode' enabled)\nesmtk type --strict index.js\n\n# type check the sources (with '@types/node' typings included)\nesmtk type --types node index.js\n```\n\n**Node: Due to Typescript limitations, inline JSDoc typings will be ignored if typings (ie `*.d.ts` files) exist.**\n\n\n## Bundle\n\nBundle the source code to an ECMAScript module (using ESBuild)\n\n### Arguments\n\n`esmtk bundle [...options] [input] [output]`\n\n- `[input]` - Input source file path (default: `[entry-poiont].js`)\n- `[output]` - Output bundle file path (default: `[entry-point].esm.js`)\n- `--platform \u003ctarget\u003e` - Target platform (ex `node`)\n\n### Usage\n\n```sh\n# bundle ESM source -\u003e ESM bundle\nesmtk bundle src/sample.js bundle.js\n\n# bundle ESM source -\u003e ESM bundle (includes Node-specific bindings)\nesmtk bundle --platform=node src/sample.js bundle.js\n```\n\n\n## Minify\n\nBundle and Minify the source code to an ECMAScript module (using ESBuild)\n\n### Arguments\n\n`esmtk minify [...options] [input] [output]`\n\n- `[input]` - Input source file path (default: `[entry-poiont].js`)\n- `[output]` - Output minified bundle file path (default: `[entry-poiont].min.js`)\n- `--platform \u003ctarget\u003e` - Target platform (ex `node`)\n- `--sourcemap` - Generate a source map for the minified bundle\n\n### Usage\n\n```sh\n# bundle ESM source -\u003e minified ESM bundle\nesmtk minify src/sample.js bundle.min.js\n\n# bundle ESM source -\u003e minified ESM bundle (includes Node-specific bindings)\nesmtk minify --platform=node src/sample.js bundle.min.js\n\n# bundle ESM source -\u003e minified ESM bundle (output a sourcemap)\nesmtk minify --sourcemap src/sample.js bundle.min.js\n```\n\n\n## Typings\n\nGenerate Type Declarations (.d.ts) from JSDoc (using Typescript)\n\n### Arguments\n\n`esmtk typings [options...] [entry]`\n\n- `[entry]` - Entry-point for the source (default: `[entry-poiont].js`)\n- `--module \u003ctype\u003e` - Module resolution type (default `esnext`)\n- `--types \u003ctype(s)\u003e` - Specify type package names to include (ex `node` for `@types/node`)\n\n### Usage\n\n```sh\n# generate .d.ts files for all linked source files\nesmtk typings index.js\n\n# generate .d.ts files for all linked source files (with 'node' module resolution)\nesmtk typings --module nodenext index.js\n\n# generate .d.ts files for all linked source files (with '@types/node' typings included)\nesmtk typings --types node index.js\n```\n\n\n## Clean\n\nClean up build artifacts\n\n### Arguments\n\n`esmtk clean [...options] [cwd]`\n\n- `[cwd]` - Current working directory (default: `process.cwd()`)\n- `--bundle` - Clean bundled build artifacts (default: `**/*.esm.js`)\n- `--minify` - Clean minified build artifacts (default: `**/*.min.js`)\n- `--typings` - Clean typing artifacts (default: `**/*.d.ts`)\n- `--custom [pattern]` - Clean based on a user-defined pattern\n\n### Usage\n\n```sh\n# clean all build artifacts\nesmtk clean --bundle --minify --typings\n\n# override default extension\nesmtk clean --bundle *.mjs\n\n# define your own pattern\nesmtk clean --custom *.scss.css\n```\n\n**Node: The `clean` command automatically ignores the contents of `node_modules/`**\n\n\n## Preview\n\nPreview the package contents included during `npm publish`\n\n### Arguments\n\n`esmtk preview [...options]`\n\n- `--cwd \u003cdir\u003e` - Current working directory\n\n### Usage\n\n```sh\n# preview the package contents\nesmtk preview\n\n# preview the package contents (from another directory)\nesmtk preview --cwd some/other/dir\n```\n\n## Version\n\nBump the package version and tag the release in Git\n\nSteps:\n1. (if present) Run the `preversion` script\n2. Bump the version in `package.json`\n3. (if present) Bump the version in `package-lock.json`\n4. (if present) Bump the version in `jsr.json`\n5. (if present) Run the `version` script\n6. Commit the changes and tag the commit with the version number in `git`\n7. (if present) Run the `postversion` script\n\n### Arguments\n\n`esmtk version [...options] [release]`\n\n- `[release]` - `major` | `minor` | `patch` | `premajor` | `preminor` | `prepatch` | `prerelease` | `\u003cversion\u003e`\n- `--allow-same-version` - Allow the version if it already exists (default: false)\n- `--cwd \u003cdir\u003e` - Current working directory\n- `--force` - Commit even if the working directory is not clean (default: false)\n- `--no-git-tag-version` - Tag the version in git? (default: true)\n- `--message \u003cmessage\u003e` - Git commit message (%s is replaced with the version number in the message)\n- `--preid \u003cid\u003e` - Pre-release identifier (ex \"rc\" -\u003e 1.2.0-rc.8)\n\n### Usage\n\n```sh\n# Bump the major version\nesmtk version major\n\n# Bump the minor version\nesmtk version major\n\n# Bump the patch version\nesmtk version major\n\n# Bump the patch version (with a version that already exists)\nesmtk version patch --allow-same-version\n\n# Bump the patch version (change the current working directory)\nesmtk version patch --cwd src/\n\n# Bump the patch version (even if the working directory contains uncommitted changes)\nesmtk version patch --force\n\n# Bump the patch version (don't tag the release in git)\nesmtk version patch --no-git-tag-version\n\n# Bump the patch version (with a custom commit message on the tag)\nesmtk version patch --message \"Release %s\"\n\n# Bump the patch version (add the prerelease id, ex \"rc\" -\u003e 1.2.0-rc.8)\nesmtk version patch --preid rc\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvanillaes%2Fesmtk","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fvanillaes%2Fesmtk","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fvanillaes%2Fesmtk/lists"}