List of NPM packages that are used on 36kr.com - GradeJS

About Community

36kr.com 45 packages

Last scanned on Oct 27 at 06:23 PM

url-parse 1.4.5 - 1.4.7VulnerableOutdated

Small footprint URL parser that works seamlessly across Node.js and browser environments

Script

https://static.36krcdn.com/36kr-web/static/app.72cd9d69.js

License

MIT

Footprint

3 KB

Vulnerabilities

ModerateGHSA-jf5r-8hm2-f872

url-parse incorrectly parses hostname / protocol due to unstripped leading control characters.

Affected versions >=0 <1.5.9

ModerateGHSA-rqff-837h-mm52

Authorization bypass in url-parse

Affected versions >=0 <1.5.6

ModerateGHSA-9m6j-fcg5-2442

Path traversal in url-parse

Affected versions >=0 <1.5.0

ModerateGHSA-hh27-ffr2-f2jc

Open redirect in url-parse

Affected versions >=0 <1.5.2

CriticalGHSA-hgjh-723h-mx2j

Authorization Bypass Through User-Controlled Key in url-parse

Affected versions >=0 <1.5.8

ModerateGHSA-8v38-pw62-9cw2

url-parse Incorrectly parses URLs that include an '@'

Affected versions >=0 <1.5.7

Matched Modules

Version distribution in production

206

1.5.10

167

1.5.9

50

1.5.3

47

1.4.6

47

1.4.7

24

1.5.4

Also used on 395 websites

Repository Homepage

URL parser uri url parse+4

+1

crypto-js 4.1.0 - 4.1.1VulnerableOutdated

JavaScript library of crypto standards.

security crypto Hash MD5 SHA1+15

evanvosberg

es5-ext 0.10.24 - 0.10.49VulnerableOutdated

ECMAScript extensions and shims

ecmascript ecmascript5 ecmascript6 es5 es6+11

medikoo

tslib 1.2.0 - 2.4.0Outdated

Runtime library for TypeScript helper functions

TypeScript Microsoft compiler language javascript+2

+5

isarray 0.0.0 - 2.0.5

Array#isArray for older browsers

browser isarray array

juliangruber

react-is 16.3.0 - 16.13.1Outdated

Brand checking of React Elements.

+1

form-data 1.0.0 - 4.0.0

A library to create readable "multipart/form-data" streams. Can be used to submit forms and file uploads to other web applications.

+2

buffer 4.6.0 - 4.9.2Outdated

Node.js Buffer API, for the browser

arraybuffer browser browserify buffer compatible+2

feross

entities 2.0.3 - 2.1.0Outdated

Encode & decode XML and HTML entities with ease & speed

entity decoding encoding html xml+1

feedic

path-to-regexp 1.7.0 - 1.8.0Outdated

Express style path to RegExp utility

express regexp route routing

+2

domutils 2.8.0Outdated

Utilities for working with htmlparser2's dom

dom htmlparser2

feedic

parse5 6.0.0 - 6.0.1Outdated

HTML parser and serializer.

html parser html5 WHATWG specification+10

+1

base64-js 1.3.0 - 1.5.1

Base64 encoding/decoding in pure JS

dom-serializer 1.0.0 - 1.4.1Outdated

render domhandler DOM nodes to a string

html xml render

feedic

domhandler 4.2.2 - 4.3.1Outdated

Handler for htmlparser2 that turns pages into a dom

dom htmlparser2

feedic

domelementtype 2.0.0 - 2.1.0Outdated

all the types of nodes in htmlparser2's dom

dom element types htmlparser2

feedic

core-js 2.6.11Outdated

Standard library

ES3 ES5 ES6 ES7 ES2015+39

zloirock

css-select 4.2.0 - 4.2.1Outdated

a CSS selector compiler/engine

css selector sizzle

feedic

htmlparser2 6.1.0Outdated

Fast & forgiving HTML/XML parser

html parser streams xml dom+3

feedic

css-what 5.0.0 - 5.1.0Outdated

a CSS selector parser

feedic

nth-check 2.0.1Outdated

Parses and compiles CSS nth-checks to highly optimized functions.

nth-child nth css

feedic

requires-port 1.0.0

Check if a protocol requires a certain port number to be added to an URL.

port require http https ws+11

scheduler 0.15.0 - 0.23.0Outdated

Cooperative scheduler for the browser environment.

+1

prop-types 15.7.0 - 15.7.2Outdated

Runtime type checking for React props and similar objects.

react 16.13.0 - 17.0.2Outdated

React is a JavaScript library for building user interfaces.

+1

react-dom 16.13.0 - 16.14.0Outdated

React package for working with the DOM.

+2

querystringify 2.2.0

Querystringify - Small, simple but powerful query string parser.

query string query-string querystring qs+4

+1

boolbase 1.0.0

two functions: One that returns true, one that returns false

feedic

hoist-non-react-statics 2.5.1 - 3.3.2

Copies non-react specific statics from a child component to a parent component

mridgway

whatwg-fetch 3.0.0 - 3.1.1Outdated

A window.fetch polyfill.

object.getownpropertydescriptors 2.0.0 - 2.1.4Outdated

ES2017 spec-compliant shim for `Object.getOwnPropertyDescriptors` that works in ES5.

Object.getOwnPropertyDescriptors descriptor property descriptor ES8 ES2017+4

ljharb

react-router 4.3.0 - 4.3.1Outdated

Declarative routing for React

react router route routing history+1

redux 4.0.5Outdated

Predictable state container for JavaScript apps

redux reducer state predictable functional+6

+3

react-fast-compare 2.0.4Outdated

Fastest deep equal comparison for React. Great for React.memo & shouldComponentUpdate. Also really fast general-purpose deep comparison.

fast equal react compare shouldComponentUpdate+1

+12

parse5-htmlparser2-tree-adapter 5.0.0 - 6.0.1Outdated

htmlparser2 tree adapter for parse5.

parse5 parser tree adapter htmlparser2

+1

cheerio 0.22.0Outdated

Tiny, fast, and elegant implementation of core jQuery designed specifically for the server

htmlparser jquery selector scraper parser+1

react-redux 5.1.0 - 5.1.2Outdated

Official React bindings for Redux

react reactjs redux

+2

shallowequal 1.0.1 - 1.1.0

Like lodash isEqualWith but for shallow equal.

shallowequal shallow equal isequal compare+1

dashed

history 4.6.3 - 4.10.1Outdated

Manage session history with JavaScript

history location

mjackson

fp-ts 0.2.1 - 0.2.9Outdated

Functional programming in TypeScript

typescript algebraic-data-types functional-programming

gcanti

react-side-effect 1.2.0Outdated

Create components whose prop changes map to a global side effect

react component side effect

react-helmet 5.2.0 - 5.2.1Outdated

A document head manager for React

react-helmet nfl react document head+7

+2

antd 3.26.14 - 4.4.1Outdated

An enterprise-class UI design language and React components implementation

ant component components design framework+4

+4

wretch 1.5.0 - 1.7.10Outdated

A tiny wrapper built around fetch with an intuitive syntax.

wretch fetch ajax request

elbywan

lottie-api 1.0.0 - 1.0.2Outdated

A library to edit lottie-web animations dynamically

airnan

Popular search queries

urlreact-scriptsreactlottie-apireact-helmet-async+7 packages

color-convert@headlessui/reacthoist-non-react-staticsreactstraplit-html+60 packages

lodashrelay-runtimereact-relayreact-uselodash-es+51 packages

Popular packages

React is a JavaScript library for building user interfaces.

+6 634 websites

Standard library

+10 238 websites

ECMAScript extensions and shims

+10 229 websites

babel's modular runtime helpers

+8 352 websites

Lodash modular utilities.

+4 826 websites

Promise based HTTP client for the browser and node.js

+4 742 websites