keystone

v4.2.1

Web Application Framework and Admin GUI / Content Management System built on Express.js and Mongoose For more information about how to use this package see README

Latest version published 5 years ago

License: MIT

NPM

GitHub

Package Health Score

43 / 100

security
Security issues found
popularity
Small
maintenance
Inactive
community
Active

Explore Similar Packages

Security

Security issues found

All security vulnerabilities belong to production dependencies of direct and indirect packages.

Security and license risk for significant versions

All Versions

Version			Vulnerabilities	License Risk
4.2.1	\|	07/2019	1 C 0 H 0 M 0 L	0 H 0 M 0 L
4.1.1	\|	06/2019	1 C 0 H 0 M 0 L	0 H 0 M 0 L
0.3.22	\|	07/2016	1 C 3 H 5 M 0 L	0 H 0 M 0 L
0.2.42	\|	01/2015	1 C 3 H 8 M 0 L	0 H 0 M 0 L
0.1.55	\|	12/2013	1 C 3 H 8 M 0 L	0 H 0 M 0 L

License

MIT

Security Policy

Yes

Is your project affected by vulnerabilities?

Scan your projects for vulnerabilities. Fix quickly with automated fixes. Get started with Snyk for free.

Get started free

Popularity

Small

Weekly Downloads (360)

GitHub Stars: 8.85K
Forks: 1.12K
Contributors: -

Direct Usage Popularity

The npm package keystone receives a total of 360 downloads a week. As such, we scored keystone popularity level to be Small.

Based on project statistics from the GitHub repository for the npm package keystone, we found that it has been starred 8,848 times.

Downloads are calculated as moving averages for a period of the last 12 months, excluding weekends and known missing data points.

Community

Active

Readme.md: Yes
Contributing.md: Yes
Code of Conduct: Yes
Contributors: 0
Funding: No

This project has seen only 10 or less contributors.

Embed Package Health Score Badge

Maintenance

Inactive

Commit Frequency

Open Issues: 77
Open PR: 36
Last Release: 5 years ago
Last Commit: 5 days ago

Further analysis of the maintenance status of keystone based on released npm versions cadence, the repository activity, and other data points determined that its maintenance is Inactive.

An important project maintenance signal to consider for keystone is that it hasn't seen any new versions released to npm in the past 12 months, and could be considered as a discontinued project, or that which receives low attention from its maintainers.

As a healthy sign for on-going project maintenance, we found that the GitHub repository had at least 1 pull request or issue interacted with by the community.

Keep your project healthy

Check your package.json

Ensure all the packages you're using are healthy and well-maintained

Snyk Vulnerability Scanner

Get health score & security insights directly in your IDE

Package

Node.js Compatibility: not defined

Age: 11 years
Dependencies: 96 Direct
Versions: 172
Install Size: 32 MB
Dist-tags: 1
# of Files: 862
Maintainers: 4
TS Typings: Yes

keystone has more than a single and default latest tag published for the npm package. This means, there may be other tags available for this package, such as next to indicate future releases, or stable to indicate stable releases.

Readme

About Keystone

KeystoneJS is a powerful Node.js content management system and web app framework built on the Express web framework and Mongoose ODM. Keystone makes it easy to create sophisticated web sites and apps, and comes with a beautiful auto-generated Admin UI.

Check out our demo site to see it in action.

Documentation

For Keystone v4 documentation and guides, see keystonejs.com.

For Keystone v0.3 documentation, see v3.keystonejs.com.

Getting Started

This section provides a short intro to Keystone. Check out the Getting Started Guide in the Keystone documentation for a more comprehensive introduction.

Installation

The easiest way to get started with Keystone is to use the Yeoman generator:

$ npm install -g generator-keystone
$ yo keystone

Answer the questions, and the generator will create a new project based on the options you select, and install the required packages from npm.

Alternatively, to include Keystone in an existing project or start from scratch (without Yeoman), specify keystone: "4.0.0" in the dependencies array of your package.json file, and run npm install from your terminal.

Then read through the Documentation and the Example Projects to understand how to use it.

Configuration

Config variables can be passed in an object to the keystone.init method, or can be set any time before keystone.start is called using keystone.set(key, value). This allows for a more flexible order of execution. For example, if you refer to Lists in your routes you can set the routes after configuring your Lists.

See the KeystoneJS configuration documentation for details and examples of the available options.

Database field types

Keystone builds on the basic data types provided by MongoDB and allows you to easily add rich, functional fields to your application's models.

You get helper methods on your models for dealing with each field type easily (such as formatting a date or number, resizing an image, getting an array of the available options for a select field, or using Google's Places API to improve addresses) as well as a beautiful, responsive admin UI to edit your data with.

See the KeystoneJS database documentation for details and examples of the various field types, as well as how to set up and use database models in your application.

Running KeystoneJS in Production

When you deploy your KeystoneJS app to production, be sure to set your ENV environment variable to production.

You can do this by setting NODE_ENV=production in your .env file, which gets handled by dotenv.

Setting your environment enables certain features (including template caching, simpler error reporting, and HTML minification) that are important in production but annoying in development.

Community

We have a friendly, growing community and welcome everyone to get involved:

Follow @KeystoneJS on twitter for news and announcements.
Ask technical questions on Stack Overflow and tag them keystonejs.
Report bugs and feature suggestions on our GitHub issue tracker.
Join the KeystoneJS Slack for general discussion with the Keystone community and contributors.

We love to hear feedback about Keystone and the projects you're using it for. Ping us at @KeystoneJS on Twitter.

Contributing

If you can, please contribute by reporting issues, discussing ideas, helping answer questions from other developers, or submitting pull requests with patches and new features. We do our best to respond to all issues and pull requests, and make patch releases to npm regularly.

If you're going to contribute code, please follow our coding standards and read our Contributing Guide.

Related Projects

If you are using KeystoneJS in any projects we encourage you to add to our Related Projects Page. This is also the place to find generators and other projects that bundle KeystoneJS.

Thanks

KeystoneJS is a free and open source community-driven project. Thanks to our many contributors and users for making it great.

Keystone's development has been led by key contributors including Jed Watson, Joss Mackison, and Max Stoiber and is proudly supported by Thinkmill in Sydney, Australia.

License

(The MIT License)

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the 'Software'), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

keystone dependencies

@babel/core @babel/plugin-proposal-class-properties @babel/plugin-proposal-decorators @babel/plugin-proposal-export-namespace-from @babel/plugin-proposal-function-sent @babel/plugin-proposal-json-strings @babel/plugin-proposal-numeric-separator @babel/plugin-proposal-throw-expressions @babel/plugin-syntax-dynamic-import @babel/plugin-syntax-import-meta @babel/plugin-transform-object-assign @babel/polyfill @babel/preset-env @babel/preset-react async asyncdi babelify babyparse bcrypt-nodejs blacklist body-parser brfs browserify browserify-shim caller-id chalk classnames cloudinary cloudinary-microurl compression connect-flash cookie-parser debug display-name dumb-passwords ejs elemental embedly errorhandler es6-promise express express-request-language express-session expression-match fs-extra glamor grappling-hook greenlock-express i keystone-storage-namefunctions keystone-tinymce keystone-utils knox-s3 less-middleware list-to-array lodash marked method-override mime-types moment mongoose morgan multer numeral object-assign qs queryfilter range_check react react-addons-css-transition-group react-alt-text react-color react-day-picker react-dnd react-dnd-html5-backend react-dom react-domify react-images react-markdown react-redux react-router react-router-redux redux redux-saga redux-thunk react-select sanitize-filename tinymce sanitize-html scmp semver serve-favicon string-to-stream vkey watchify xhr

FAQs

What is keystone?

Web Application Framework and Admin GUI / Content Management System built on Express.js and Mongoose. Visit Snyk Advisor to see a full health score report for keystone, including popularity, security, maintenance & community analysis.

Is keystone popular?

The npm package keystone receives a total of 360 weekly downloads. As such, keystone popularity was classified as small. Visit the popularity section on Snyk Advisor to see the full health analysis.

Is keystone well maintained?

We found indications that keystone is an Inactive project. See the full package health analysis to learn more about the package maintenance status.

Is keystone safe to use?

Security issues were found while scanning the latest version of keystone, and a total of 1 vulnerabilities were detected. It is highly advised to conduct a security review before using this package. View the full security scan results.

Last updated on 25 April-2024, at 22:28 (UTC).

Build a secure application checklist

Select a recommended open source package

Minimize your risk by selecting secure & well maintained open source packages

DONE

Scan your app for vulnerabilities

Scan your application to find vulnerabilities in your: source code, open source dependencies, containers and configuration files

SCAN NOW

Fix identified vulnerabilities

Easily fix your code by leveraging automatically generated PRs

AUTO FIX

Monitor for new issues

New vulnerabilities are discovered every day. Get notified if your application is affected

MONITOR APP

Package Health Score

Explore Similar Packages

Security and license risk for significant versions

Is your project affected by vulnerabilities?

Weekly Downloads (360)

Direct Usage Popularity

Embed Package Health Score Badge

Commit Frequency

Keep your project healthy

Check your package.json

Snyk Vulnerability Scanner

Readme

About Keystone

Documentation

Getting Started

Installation

Configuration

Database field types

Running KeystoneJS in Production

Community

Contributing

Related Projects

Thanks

License

keystone dependencies

keystone development dependencies

FAQs

What is keystone?

Is keystone popular?

Is keystone well maintained?

Is keystone safe to use?

Build a secure application checklist

Select a recommended open source package

Scan your app for vulnerabilities

Source Code

Open Source

Container

Config

Fix identified vulnerabilities

Monitor for new issues