{"id":13401771,"url":"https://github.com/webex/webex-js-sdk","last_synced_at":"2026-01-12T02:16:52.728Z","repository":{"id":37333945,"uuid":"62836827","full_name":"webex/webex-js-sdk","owner":"webex","description":"JavaScript SDK for Webex","archived":false,"fork":false,"pushed_at":"2025-12-19T09:16:53.000Z","size":772055,"stargazers_count":190,"open_issues_count":61,"forks_count":391,"subscribers_count":37,"default_branch":"next","last_synced_at":"2025-12-20T07:14:24.380Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://webex.github.io/webex-js-sdk/","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/webex.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":".github/SUPPORT.md","governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2016-07-07T20:41:12.000Z","updated_at":"2025-12-19T08:50:29.000Z","dependencies_parsed_at":"2022-07-12T11:54:56.521Z","dependency_job_id":"7bed938e-1460-4352-bd16-a45d7984abb8","html_url":"https://github.com/webex/webex-js-sdk","commit_stats":{"total_commits":8494,"total_committers":184,"mean_commits":46.16304347826087,"dds":0.8262302801977867,"last_synced_commit":"1715035536d8d3d5851cba031154d3dd58a8123a"},"previous_names":["webex/spark-js-sdk","ciscospark/spark-js-sdk"],"tags_count":2144,"template":false,"template_full_name":null,"purl":"pkg:github/webex/webex-js-sdk","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/webex%2Fwebex-js-sdk","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/webex%2Fwebex-js-sdk/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/webex%2Fwebex-js-sdk/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/webex%2Fwebex-js-sdk/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/webex","download_url":"https://codeload.github.com/webex/webex-js-sdk/tar.gz/refs/heads/next","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/webex%2Fwebex-js-sdk/sbom","scorecard":{"id":73399,"data":{"date":"2025-07-21","repo":{"name":"github.com/webex/webex-js-sdk","commit":"77cabca4ae1c533c05797cb59ec95198f5ea2cf8"},"scorecard":{"version":"v5.2.1-24-gc29a04d4","commit":"c29a04d46d1570393e94662bc34e9906398e1bfa"},"score":3.4,"checks":[{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#code-review"}},{"name":"Maintained","score":10,"reason":"30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#maintained"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":0,"reason":"dangerous workflow patterns detected","details":["Warn: untrusted code checkout '${{ github.event.pull_request.head.sha }}': .github/workflows/pull-request.yml:326","Warn: untrusted code checkout '${{ github.event.pull_request.head.sha }}': .github/workflows/pull-request.yml:414","Warn: untrusted code checkout '${{ github.event.pull_request.head.sha }}': .github/workflows/pull-request.yml:58","Warn: untrusted code checkout '${{ github.event.pull_request.head.sha }}': .github/workflows/pull-request.yml:282","Warn: untrusted code checkout '${{ github.event.pull_request.head.sha }}': .github/workflows/pull-request.yml:372","Warn: untrusted code checkout '${{ github.event.pull_request.head.sha }}': .github/workflows/pull-request.yml:458","Warn: untrusted code checkout '${{ github.event.pull_request.head.sha }}': .github/workflows/pull-request.yml:129","Warn: untrusted code checkout '${{ github.event.pull_request.head.sha }}': .github/workflows/pull-request.yml:182","Warn: untrusted code checkout '${{ github.event.pull_request.head.sha }}': .github/workflows/pull-request.yml:239"],"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#dangerous-workflow"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#cii-best-practices"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/deploy.yml:1","Warn: no topLevel permission defined: .github/workflows/pr-title-checker.yml:1","Warn: no topLevel permission defined: .github/workflows/pull-request.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#binary-artifacts"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#security-policy"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE.md:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#branch-protection"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:25: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:35: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:49: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:77: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:96: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:99: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:106: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:112: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:158: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:161: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:168: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:174: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:218: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:223: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:230: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:236: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:290: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:293: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:300: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/deploy.yml:306: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/deploy.yml/next?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/pr-title-checker.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pr-title-checker.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:130: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:135: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:142: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:148: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:166: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:183: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:188: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:195: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:201: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:207: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:373: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:378: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:385: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:391: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:397: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:64: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:80: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:117: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:240: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:245: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:252: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:258: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:264: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:283: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:288: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:295: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:301: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:307: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:327: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:332: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:339: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:345: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:351: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:415: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:420: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:427: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:433: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:439: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:459: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:464: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:471: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:477: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/pull-request.yml:483: update your workflow using https://app.stepsecurity.io/secureworkflow/webex/webex-js-sdk/pull-request.yml/next?enable=pin","Warn: containerImage not pinned by hash: docker/builder/Dockerfile:1: pin your Docker image by updating node:dubnium to node:dubnium@sha256:59531d2835edd5161c8f9512f9e095b1836f7a1fcb0ab73e005ec46047384911","Warn: npmCommand not pinned by hash: docker/builder/Dockerfile:12","Warn: npmCommand not pinned by hash: packages/calling/pipeline/setup.sh:14","Warn: downloadThenRun not pinned by hash: run.sh:42","Warn: npmCommand not pinned by hash: run.sh:51","Info:   0 out of  68 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   1 third-party GitHubAction dependencies pinned","Info:   0 out of   1 containerImage dependencies pinned","Info:   0 out of   3 npmCommand dependencies pinned","Info:   0 out of   1 downloadThenRun dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#pinned-dependencies"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#sast"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#fuzzing"}},{"name":"Vulnerabilities","score":0,"reason":"63 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-28mc-g557-92m7","Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8","Warn: Project is vulnerable to: GHSA-7q7g-4xm8-89cq","Warn: Project is vulnerable to: GHSA-xffm-g5w8-qvg7","Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw","Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx","Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6","Warn: Project is vulnerable to: GHSA-8hc4-vh64-cxmj","Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-434g-2637-qmqr","Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m","Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw","Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p","Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747","Warn: Project is vulnerable to: GHSA-vjh7-7g9h-fjfh","Warn: Project is vulnerable to: GHSA-67mh-4wv8-2f99","Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc","Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx","Warn: Project is vulnerable to: GHSA-fjxv-7rqg-78g4","Warn: Project is vulnerable to: GHSA-75v8-2h7p-7m2m","Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97","Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j","Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27","Warn: Project is vulnerable to: GHSA-4www-5p9h-95mh","Warn: Project is vulnerable to: GHSA-9gqv-wp59-fq42","Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22","Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp","Warn: Project is vulnerable to: GHSA-36fh-84j7-cv5h","Warn: Project is vulnerable to: GHSA-593f-38f6-jp5m","Warn: Project is vulnerable to: GHSA-x2rg-q646-7m2v","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-44fp-w29j-9vj5","Warn: Project is vulnerable to: GHSA-4pg4-qvpc-4q3h","Warn: Project is vulnerable to: GHSA-g5hg-p3ph-g8qg","Warn: Project is vulnerable to: GHSA-fjgf-rc76-4x9p","Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55","Warn: Project is vulnerable to: GHSA-76c9-3jph-rj3q","Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w","Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j","Warn: Project is vulnerable to: GHSA-h7cp-r72f-jxh6","Warn: Project is vulnerable to: GHSA-v62p-rq8g-8h59","Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6","Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-44c6-4v22-4mhx","Warn: Project is vulnerable to: GHSA-4x5v-gmq8-25ch","Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg","Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5","Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p","Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36","Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx","Warn: Project is vulnerable to: GHSA-8cj5-5rvv-wf4v","Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3","Warn: Project is vulnerable to: GHSA-qgmg-gppg-76g5","Warn: Project is vulnerable to: GHSA-g3ch-rx76-35fx","Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986","Warn: Project is vulnerable to: GHSA-4v9v-hfq4-rm2v","Warn: Project is vulnerable to: GHSA-9jgg-88mc-972h","Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/c29a04d46d1570393e94662bc34e9906398e1bfa/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-15T04:19:36.455Z","repository_id":37333945,"created_at":"2025-08-15T04:19:36.455Z","updated_at":"2025-08-15T04:19:36.455Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28331882,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-12T00:36:25.062Z","status":"online","status_checked_at":"2026-01-12T02:00:08.677Z","response_time":98,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-30T19:01:06.927Z","updated_at":"2026-01-12T02:16:52.722Z","avatar_url":"https://github.com/webex.png","language":"TypeScript","funding_links":[],"categories":["JavaScript","Client SDKs","TypeScript"],"sub_categories":["Advanced APIs"],"readme":"# Webex JS SDK\n\n[![license: Cisco](https://img.shields.io/badge/License-Cisco-blueviolet?style=flat-square)](https://github.com/webex/webex-js-sdk/blob/master/LICENSE)\n![state: Stable](https://img.shields.io/badge/State-Stable-blue?style=flat-square)\n![scope: Public](https://img.shields.io/badge/Scope-Public-darkgreen?style=flat-square)\n[![Ask DeepWiki](https://deepwiki.com/badge.svg)](https://deepwiki.com/webex/webex-js-sdk)\n\nThis project is designed as a mono-repository for all publicly-provided JavaScript packages from Cisco's Webex Developer Experience team. These packages consist of mostly API-related modules that allow for seamless integration with the collection of services that belong to the Webex platform.\n\n- [Webex JS SDK](#webex-js-sdk)\n  - [Installation](#installation)\n    - [Unified Modules](#unified-modules)\n    - [Modular Modules](#modular-modules)\n  - [Usage](#usage)\n    - [Module Consumption](#module-consumption)\n    - [Browser Consumption](#browser-consumption)\n    - [Updating the Modules](#updating-the-modules)\n    - [Running and Viewing Samples](#running-and-viewing-samples)\n  - [Contribute](#contribute)\n  - [Issues](#issues)\n  - [Maintainers](#maintainers)\n  - [License](#license)\n\n## Installation\n\nSince this project is a mono-repository, it provides multiple ways to consume its distributables. Please see the respective sections below for information on how to install and consume this project.\n\n### Unified Modules\n\nUnified modules are the quickest way to begin development using the Webex JS SDK. These modules are meant to be consumed as **dependencies** of another project and can be installed by performing the following commands:\n\n```bash\n# using NPM\nnpm install {module}\n\n# using Yarn\nyarn add {module}\n```\n\nIn addition to the module consumption via [NPMJS](https://www.npmjs.com/), these modules can also be consumed via our CDN. See the below examples of how to consume the unified modules via our CDN:\n\n```html\n\u003chtml\u003e\n  \u003chead\u003e\n    \u003c!-- via unpkg --\u003e\n    \u003cscript crossorigin src=\"https://unpkg.com/webex@^1/umd/webex.min.js\"\u003e\u003c/script\u003e\n\n    \u003c!-- via jsdelivr --\u003e\n    \u003cscript crossorigin src=\"https://cdn.jsdelivr.net/npm/webex/umd/webex.min.js\"\u003e\u003c/script\u003e\n  \u003c/head\u003e\n  \u003c!-- ...application html... --\u003e\n\u003c/html\u003e\n```\n\nThe available unified modules within this project are listed below:\n\n- [webex](./packages/webex/) - The primary webex unified module.\n\n### Modular Modules\n\nModular modules are an alternative to using a unified module, and require a greater understanding of how the modules are architected in order to consume them appropriately. These modules are typically consumed as **dependencies** of another project and can be installed by performing the following commands:\n\n```bash\n# using NPM\nnpm install {module}\n\n# using Yarn\nyarn add {module}\n```\n\nThe available modular modules within this project are visible when inspecting the contents of the `./packages/@webex/` folder, as well as other published modules (see their `README.md` files) within the `./packages/` folder.\n\nNotable authorization-related modular packages:\n- [@webex/plugin-authorization](./packages/@webex/plugin-authorization/README.md) - Environment auto-loader that picks the correct auth implementation.\n- [@webex/plugin-authorization-browser](./packages/@webex/plugin-authorization-browser/README.md) - Browser (public client) OAuth flows (Implicit + Authorization Code).\n- [@webex/plugin-authorization-node](./packages/@webex/plugin-authorization-node/README.md) - Node.js (server/confidential client) authorization flows.\n- [@webex/plugin-authorization-browser-first-party](./packages/@webex/plugin-authorization-browser-first-party/README.md) - First-party Webex Web Client specific hardened Authorization Code + PKCE + device (QR) flow implementation (internal use).\n\n## Usage\n\nThis section will define the general usage examples for this project.\n\n### Module Consumption\n\nFor general consumption documentation, please visit our [Cisco Webex for Developers portal](https://developer.webex.com/), as this will typically what is necessary to begin development using the various packages within the Webex JS SDK. Additionally, some of the modules within this project contain independent documentation available within each of their respective folder scopes. Please review these independent documentation articles as needed.\n\nIt is recommended to visit our [Getting Started with NodeJS](https://developer.webex.com/docs/sdks/node) guide for the most up-to-date documentation on consuming the Webex JS SDK via Module.\n\n### Browser Consumption\n\nThis section outlines how to directly consume the Webex JS SDK unified `webex` bundle within your HTML document. This bundle can be consumed directly via [unpkg](https://unpkg.com/) or [jsdelivr](https://jsdelivr.com/) respectfully. See the below examples:\n\n```html\n\u003chtml\u003e\n  \u003chead\u003e\n    \u003c!-- via unpkg --\u003e\n    \u003cscript crossorigin src=\"https://unpkg.com/webex@^1/umd/webex.min.js\"\u003e\u003c/script\u003e\n\n    \u003c!-- via jsdelivr --\u003e\n    \u003cscript crossorigin src=\"https://cdn.jsdelivr.net/npm/webex/umd/webex.min.js\"\u003e\u003c/script\u003e\n  \u003c/head\u003e\n  \u003c!-- ...application html... --\u003e\n\u003c/html\u003e\n```\n\nIt is recommended to visit our [Getting Started with Browser Usage](https://developer.webex.com/docs/sdks/browser) guide for the most up-to-date documentation on consuming the Webex JS SDK via our CDN within a browser.\n\n### Updating the Modules\n\nSince this mono-repository includes a collection of packages that rely on each other to work as intended, it is best to utilize a static version of the Webex JS SDK modules consumed by your application. The best way to do this is by utilizing our helper package: `@webex/package-tools`.\n\n```bash\n# using NPM\nnpm install --dev @webex/package-tools\n\n# using Yarn\nyarn add --dev @webex/package-tools\n```\n\nAfter installation, the following `script` should be added to your `./package.json` for execution:\n\n```jsonc\n{\n  /* ... */\n  \"scripts\": {\n    /* ... */\n    \"update:sdk\": \"webex-package-tools update --tag {target-dist-tag} --packages {...packages-to-update}\"\n  }\n}\n```\n\nThe above executable accepts a **distribution tag**, which will match an available `tag` from the [current tags section](https://www.npmjs.com/package/webex?activeTab=versions) of [NPMJS](https://www.npmjs.com/) as well as a list of packages that should be updated when the command executes (this will collect the latest synced version). It is recommended to provide the `--packages` argument with the complete list of `@webex`-scoped packages your project consumes in order to promote well-synchronized versions between all packages.\n\nThe `@webex/package-tools` package contains a collection of helpful tools used to manage packages within this project from both within and outside of this project. Please review the [documentation](./packages/tools/package/) associated with the `@webex/package-tools` package for more information.\n\n### Running and Viewing Samples\n\nSample code can be found within the [samples documentation folder](./docs/samples). You can preview the contents of this folder by navigating to [https://webex.github.io/webex-js-sdk/samples/](https://webex.github.io/webex-js-sdk/samples/) or by building them locally. Please see our [contributing guide](./CONTRIBUTING.md) for more information.\n\n## Contribute\n\nFor detailed instructions on how to contribute, please refer to the [contributing guide](./CONTRIBUTING.md).\n\n## Issues\n\nPlease reach out to our developer support team in regards to any issues you may be experiencing within the Webex JS SDK.\n\n- \u003chttps://developer.webex.com/support\u003e\n- \u003cdevsupport@webex.com\u003e\n\n## Maintainers\n\nThis project is maintained by [Cisco Webex for Developers](https://developer.webex.com/).\n\n## License\n\nSee our [license](./LICENSE) for more information.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwebex%2Fwebex-js-sdk","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwebex%2Fwebex-js-sdk","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwebex%2Fwebex-js-sdk/lists"}