Adds the tailwind prose plugin, so that we can render our markdown in a way that's easily tweakable with tailwind. Adds the MarkdownRender component, which takes the source to render, wraps it in the prose declaration, and passes it off to VueMarkdown.
Future additions would customize the prose styling from within the markdownrender component itself - for now, it's left as-is.
Dependency Review
✅ No vulnerabilities or OpenSSF Scorecard issues found.
OpenSSF Scorecard
| Package | Version | Score | Details |
|---|
| npm/@tailwindcss/typography | ^0.5.16 |
:green_circle: 3.5 | Details| Check | Score | Reason |
|---|
| Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Code-Review | :green_circle: 4 | Found 14/29 approved changesets -- score normalized to 4 | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Maintained | :warning: 2 | 0 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 2 | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Security-Policy | :warning: 0 | security policy file not detected | | License | :green_circle: 10 | license file detected | | Fuzzing | :warning: 0 | project is not fuzzed | | Signed-Releases | :warning: -1 | no releases found | | Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches | | Packaging | :green_circle: 10 | packaging workflow detected | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 | | Vulnerabilities | :warning: 0 | 15 existing vulnerabilities detected |
|
| npm/@tailwindcss/typography | 0.5.16 |
:green_circle: 3.5 | Details| Check | Score | Reason |
|---|
| Dangerous-Workflow | :green_circle: 10 | no dangerous workflow patterns detected | | Code-Review | :green_circle: 4 | Found 14/29 approved changesets -- score normalized to 4 | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Maintained | :warning: 2 | 0 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 2 | | Token-Permissions | :warning: 0 | detected GitHub workflow tokens with excessive permissions | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | Pinned-Dependencies | :warning: 0 | dependency not pinned by hash detected -- score normalized to 0 | | Security-Policy | :warning: 0 | security policy file not detected | | License | :green_circle: 10 | license file detected | | Fuzzing | :warning: 0 | project is not fuzzed | | Signed-Releases | :warning: -1 | no releases found | | Branch-Protection | :warning: 0 | branch protection not enabled on development/release branches | | Packaging | :green_circle: 10 | packaging workflow detected | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 | | Vulnerabilities | :warning: 0 | 15 existing vulnerabilities detected |
|
| npm/lodash.castarray | 4.4.0 |
:green_circle: 4.2 | Details| Check | Score | Reason |
|---|
| Token-Permissions | :warning: -1 | No tokens found | | Dangerous-Workflow | :warning: -1 | no workflows found | | Maintained | :warning: 0 | 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 | | Code-Review | :warning: 2 | Found 8/30 approved changesets -- score normalized to 2 | | Security-Policy | :green_circle: 10 | security policy file detected | | Packaging | :warning: -1 | packaging workflow not detected | | CII-Best-Practices | :warning: 0 | no effort to earn an OpenSSF best practices badge detected | | Binary-Artifacts | :green_circle: 10 | no binaries found in the repo | | License | :green_circle: 9 | license file detected | | Branch-Protection | :warning: -1 | internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration | | Signed-Releases | :warning: -1 | no releases found | | Pinned-Dependencies | :warning: -1 | no dependencies found | | SAST | :warning: 0 | SAST tool is not run on all commits -- score normalized to 0 | | Fuzzing | :green_circle: 10 | project is fuzzed | | Vulnerabilities | :warning: 0 | 91 existing vulnerabilities detected |
|
Scanned Files
- lib/vue-lib/package.json
- pnpm-lock.yaml
systeminit
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}