npx-ray 1.0.0

package/data/popular-packages.json

@@ -0,0 +1,619 @@
+[
+  "lodash",
+  "express",
+  "react",
+  "react-dom",
+  "axios",
+  "chalk",
+  "moment",
+  "debug",
+  "uuid",
+  "commander",
+  "typescript",
+  "webpack",
+  "babel-core",
+  "eslint",
+  "prettier",
+  "jest",
+  "mocha",
+  "chai",
+  "underscore",
+  "async",
+  "bluebird",
+  "request",
+  "body-parser",
+  "dotenv",
+  "cors",
+  "mongoose",
+  "sequelize",
+  "pg",
+  "mysql",
+  "redis",
+  "socket.io",
+  "fs-extra",
+  "glob",
+  "minimist",
+  "yargs",
+  "semver",
+  "rimraf",
+  "mkdirp",
+  "cross-env",
+  "path",
+  "inquirer",
+  "ora",
+  "rxjs",
+  "tslib",
+  "zone.js",
+  "core-js",
+  "regenerator-runtime",
+  "prop-types",
+  "classnames",
+  "immutable",
+  "ramda",
+  "date-fns",
+  "dayjs",
+  "luxon",
+  "next",
+  "nuxt",
+  "vue",
+  "svelte",
+  "angular",
+  "ember-cli",
+  "gatsby",
+  "vite",
+  "rollup",
+  "esbuild",
+  "parcel",
+  "turbo",
+  "lerna",
+  "nx",
+  "pnpm",
+  "yarn",
+  "npm",
+  "node-fetch",
+  "got",
+  "superagent",
+  "undici",
+  "http-proxy",
+  "express-session",
+  "passport",
+  "jsonwebtoken",
+  "bcrypt",
+  "bcryptjs",
+  "argon2",
+  "helmet",
+  "morgan",
+  "winston",
+  "pino",
+  "bunyan",
+  "log4js",
+  "colors",
+  "strip-ansi",
+  "ansi-regex",
+  "supports-color",
+  "has-flag",
+  "color-convert",
+  "color-name",
+  "escape-string-regexp",
+  "p-limit",
+  "p-map",
+  "p-queue",
+  "p-retry",
+  "execa",
+  "cross-spawn",
+  "which",
+  "find-up",
+  "locate-path",
+  "path-exists",
+  "resolve",
+  "resolve-from",
+  "import-fresh",
+  "cosmiconfig",
+  "rc",
+  "ini",
+  "toml",
+  "yaml",
+  "js-yaml",
+  "json5",
+  "hjson",
+  "ajv",
+  "joi",
+  "yup",
+  "zod",
+  "superstruct",
+  "io-ts",
+  "class-validator",
+  "typeorm",
+  "prisma",
+  "drizzle-orm",
+  "knex",
+  "bookshelf",
+  "objection",
+  "mikro-orm",
+  "graphql",
+  "apollo-server",
+  "apollo-client",
+  "urql",
+  "relay-runtime",
+  "aws-sdk",
+  "@aws-sdk/client-s3",
+  "firebase",
+  "firebase-admin",
+  "google-cloud",
+  "azure-storage",
+  "stripe",
+  "paypal-rest-sdk",
+  "twilio",
+  "sendgrid",
+  "nodemailer",
+  "mailgun-js",
+  "handlebars",
+  "ejs",
+  "pug",
+  "nunjucks",
+  "mustache",
+  "marked",
+  "markdown-it",
+  "remark",
+  "rehype",
+  "unified",
+  "highlight.js",
+  "prismjs",
+  "sharp",
+  "jimp",
+  "canvas",
+  "pdf-lib",
+  "puppeteer",
+  "playwright",
+  "selenium-webdriver",
+  "cheerio",
+  "jsdom",
+  "xmldom",
+  "xml2js",
+  "fast-xml-parser",
+  "htmlparser2",
+  "csv-parse",
+  "csv-stringify",
+  "papaparse",
+  "xlsx",
+  "exceljs",
+  "socket.io-client",
+  "ws",
+  "mqtt",
+  "amqplib",
+  "bull",
+  "bullmq",
+  "agenda",
+  "bee-queue",
+  "ioredis",
+  "memcached",
+  "lru-cache",
+  "node-cache",
+  "keyv",
+  "multer",
+  "formidable",
+  "busboy",
+  "multiparty",
+  "connect-multiparty",
+  "compression",
+  "serve-static",
+  "cookie-parser",
+  "express-validator",
+  "csurf",
+  "hpp",
+  "express-rate-limit",
+  "method-override",
+  "http-errors",
+  "statuses",
+  "content-type",
+  "content-disposition",
+  "mime",
+  "mime-types",
+  "accepts",
+  "negotiator",
+  "type-is",
+  "media-typer",
+  "on-finished",
+  "destroy",
+  "ee-first",
+  "raw-body",
+  "bytes",
+  "depd",
+  "fresh",
+  "etag",
+  "proxy-addr",
+  "forwarded",
+  "ipaddr.js",
+  "range-parser",
+  "vary",
+  "send",
+  "finalhandler",
+  "encodeurl",
+  "escape-html",
+  "parseurl",
+  "path-to-regexp",
+  "cookie",
+  "cookie-signature",
+  "safe-buffer",
+  "safer-buffer",
+  "buffer-from",
+  "string_decoder",
+  "readable-stream",
+  "through2",
+  "concat-stream",
+  "pump",
+  "pipeline",
+  "split2",
+  "from2",
+  "duplexer2",
+  "merge-stream",
+  "multistream",
+  "stream-shift",
+  "events",
+  "eventemitter3",
+  "mitt",
+  "tiny-emitter",
+  "nanoevents",
+  "inherits",
+  "util-deprecate",
+  "setprototypeof",
+  "ms",
+  "humanize-ms",
+  "pretty-ms",
+  "fecha",
+  "timeago.js",
+  "cron",
+  "node-cron",
+  "node-schedule",
+  "later",
+  "chokidar",
+  "watchpack",
+  "nsfw",
+  "fb-watchman",
+  "sane",
+  "fast-glob",
+  "globby",
+  "picomatch",
+  "micromatch",
+  "minimatch",
+  "braces",
+  "fill-range",
+  "to-regex-range",
+  "is-number",
+  "is-glob",
+  "graceful-fs",
+  "jsonfile",
+  "write-file-atomic",
+  "proper-lockfile",
+  "tmp",
+  "temp",
+  "del",
+  "trash",
+  "move-file",
+  "cpy",
+  "ncp",
+  "cpx",
+  "archiver",
+  "adm-zip",
+  "unzipper",
+  "decompress",
+  "tar",
+  "tar-stream",
+  "form-data",
+  "combined-stream",
+  "delayed-stream",
+  "asynckit",
+  "follow-redirects",
+  "http-proxy-agent",
+  "https-proxy-agent",
+  "socks-proxy-agent",
+  "proxy-agent",
+  "agent-base",
+  "agentkeepalive",
+  "tough-cookie",
+  "set-cookie-parser",
+  "cookie-jar",
+  "iconv-lite",
+  "encoding",
+  "chardet",
+  "jschardet",
+  "qs",
+  "querystring",
+  "query-string",
+  "url-parse",
+  "normalize-url",
+  "punycode",
+  "psl",
+  "tr46",
+  "whatwg-url",
+  "data-urls",
+  "nanoid",
+  "cuid",
+  "ulid",
+  "shortid",
+  "object-id",
+  "lodash.merge",
+  "lodash.get",
+  "lodash.set",
+  "lodash.clonedeep",
+  "lodash.debounce",
+  "lodash.throttle",
+  "lodash.isequal",
+  "lodash.uniq",
+  "deepmerge",
+  "deep-equal",
+  "fast-deep-equal",
+  "dequal",
+  "object-assign",
+  "object.assign",
+  "object-keys",
+  "object.entries",
+  "object.values",
+  "object.fromentries",
+  "define-properties",
+  "has",
+  "has-symbols",
+  "has-property-descriptors",
+  "get-intrinsic",
+  "call-bind",
+  "function-bind",
+  "es-abstract",
+  "es-to-primitive",
+  "is-callable",
+  "is-regex",
+  "is-date-object",
+  "is-symbol",
+  "is-string",
+  "is-boolean-object",
+  "is-number-object",
+  "is-bigint",
+  "is-typed-array",
+  "is-array-buffer",
+  "is-shared-array-buffer",
+  "is-weakref",
+  "is-map",
+  "is-set",
+  "is-weakmap",
+  "is-weakset",
+  "is-generator-function",
+  "is-async-function",
+  "is-core-module",
+  "side-channel",
+  "internal-slot",
+  "unbox-primitive",
+  "string.prototype.trimstart",
+  "string.prototype.trimend",
+  "string.prototype.matchall",
+  "string.prototype.replaceall",
+  "array-includes",
+  "array.prototype.flat",
+  "array.prototype.flatmap",
+  "array.prototype.find",
+  "array.prototype.findlast",
+  "regexp.prototype.flags",
+  "es-shim-unscopables",
+  "globalthis",
+  "available-typed-arrays",
+  "which-typed-array",
+  "typed-array-length",
+  "typed-array-byte-offset",
+  "env-cmd",
+  "dotenv-expand",
+  "config",
+  "convict",
+  "nconf",
+  "node-config",
+  "diagnostics-channel",
+  "trace-events",
+  "source-map",
+  "source-map-support",
+  "source-map-js",
+  "stack-utils",
+  "stacktrace-parser",
+  "error-stack-parser",
+  "serialize-error",
+  "clean-stack",
+  "extract-stack",
+  "@babel/core",
+  "@babel/parser",
+  "@babel/traverse",
+  "@babel/generator",
+  "@babel/types",
+  "@babel/template",
+  "@babel/helpers",
+  "@babel/runtime",
+  "@babel/preset-env",
+  "@babel/preset-react",
+  "@babel/preset-typescript",
+  "@babel/plugin-transform-runtime",
+  "babel-loader",
+  "babel-jest",
+  "@typescript-eslint/parser",
+  "@typescript-eslint/eslint-plugin",
+  "eslint-config-prettier",
+  "eslint-plugin-import",
+  "eslint-plugin-react",
+  "eslint-plugin-react-hooks",
+  "eslint-plugin-jsx-a11y",
+  "stylelint",
+  "postcss",
+  "autoprefixer",
+  "tailwindcss",
+  "sass",
+  "less",
+  "stylus",
+  "css-loader",
+  "style-loader",
+  "postcss-loader",
+  "mini-css-extract-plugin",
+  "css-minimizer-webpack-plugin",
+  "terser",
+  "terser-webpack-plugin",
+  "uglify-js",
+  "cssnano",
+  "html-webpack-plugin",
+  "copy-webpack-plugin",
+  "webpack-merge",
+  "webpack-dev-server",
+  "webpack-bundle-analyzer",
+  "speed-measure-webpack-plugin",
+  "ts-loader",
+  "ts-node",
+  "tsx",
+  "swc",
+  "@swc/core",
+  "@swc/cli",
+  "nodemon",
+  "pm2",
+  "forever",
+  "concurrently",
+  "npm-run-all",
+  "husky",
+  "lint-staged",
+  "commitlint",
+  "semantic-release",
+  "conventional-changelog",
+  "standard-version",
+  "release-it",
+  "@testing-library/react",
+  "@testing-library/jest-dom",
+  "@testing-library/user-event",
+  "@testing-library/dom",
+  "enzyme",
+  "react-test-renderer",
+  "cypress",
+  "nightwatch",
+  "supertest",
+  "nock",
+  "msw",
+  "sinon",
+  "proxyquire",
+  "rewire",
+  "nyc",
+  "istanbul",
+  "c8",
+  "jest-coverage",
+  "coveralls",
+  "codecov",
+  "benchmark",
+  "autocannon",
+  "clinic",
+  "0x",
+  "artillery",
+  "faker",
+  "@faker-js/faker",
+  "chance",
+  "casual",
+  "lorem-ipsum",
+  "assert",
+  "power-assert",
+  "unexpected",
+  "should",
+  "expect",
+  "tap",
+  "ava",
+  "vitest",
+  "uvu",
+  "tape",
+  "qunit",
+  "jasmine",
+  "storybook",
+  "@storybook/react",
+  "chromatic",
+  "percy",
+  "backstopjs",
+  "react-router",
+  "react-router-dom",
+  "@reach/router",
+  "wouter",
+  "redux",
+  "react-redux",
+  "@reduxjs/toolkit",
+  "recoil",
+  "zustand",
+  "jotai",
+  "valtio",
+  "mobx",
+  "mobx-react",
+  "mobx-state-tree",
+  "formik",
+  "react-hook-form",
+  "final-form",
+  "react-final-form",
+  "swr",
+  "react-query",
+  "@tanstack/react-query",
+  "styled-components",
+  "emotion",
+  "@emotion/react",
+  "@emotion/styled",
+  "@mui/material",
+  "@chakra-ui/react",
+  "antd",
+  "semantic-ui-react",
+  "bootstrap",
+  "react-bootstrap",
+  "reactstrap",
+  "framer-motion",
+  "react-spring",
+  "react-transition-group",
+  "react-dnd",
+  "react-beautiful-dnd",
+  "@dnd-kit/core",
+  "react-select",
+  "downshift",
+  "react-autosuggest",
+  "react-table",
+  "@tanstack/react-table",
+  "ag-grid-react",
+  "react-virtualized",
+  "react-window",
+  "react-virtuoso",
+  "react-datepicker",
+  "react-day-picker",
+  "flatpickr",
+  "chart.js",
+  "recharts",
+  "victory",
+  "nivo",
+  "visx",
+  "d3",
+  "three",
+  "@react-three/fiber",
+  "babylon.js",
+  "pixi.js",
+  "leaflet",
+  "react-leaflet",
+  "mapbox-gl",
+  "google-maps",
+  "i18next",
+  "react-i18next",
+  "intl-messageformat",
+  "formatjs",
+  "react-helmet",
+  "react-meta-tags",
+  "next-seo",
+  "react-icons",
+  "heroicons",
+  "lucide-react",
+  "phosphor-react",
+  "@headlessui/react",
+  "@radix-ui/react-dialog",
+  "cmdk",
+  "clsx",
+  "cva",
+  "tailwind-merge",
+  "class-variance-authority",
+  "openai",
+  "anthropic",
+  "@google/generative-ai",
+  "cohere-ai",
+  "langchain",
+  "llamaindex",
+  "chromadb",
+  "pinecone",
+  "weaviate",
+  "@modelcontextprotocol/sdk",
+  "ai",
+  "vercel"
+]

package/dist/cli.d.ts

@@ -0,0 +1,9 @@
+#!/usr/bin/env node
+/**
+ * npx-ray CLI — Main entry point.
+ *
+ * Orchestrates the full scan pipeline: fetch metadata, download tarball,
+ * run all security scanners, calculate score, and output the report.
+ */
+export {};
+//# sourceMappingURL=cli.d.ts.map

package/dist/cli.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA;;;;;GAKG"}