About
Community
canalplus.com
116 packages
Last scanned on Oct 27 at 07:04 PM
Update
Name
Size
Popularity
Severity
lodash
4.17.9 - 4.17.19
Vulnerable
Outdated
Lodash modular utilities.
Script
https://canalplus.com/assets/main.40ee271c196265615225.js
License
MIT
Footprint
18 KB
Vulnerabilities
High
GHSA-35jh-r3h4-6jhm
Command Injection in lodash
Affected versions >=0 <4.17.21
Moderate
GHSA-29mw-wpgm-hmr9
Regular Expression Denial of Service (ReDoS) in lodash
Affected versions >=0 <4.17.21
Matched Modules
Version distribution in production
3 846
4.17.16
946
4.17.21
337
4.17.20
322
4.17.15
302
4.17.19
301
4.17.13
Also used on 4830 websites
skype.com
20 packages
sentry.io
157 packages
pinterest.com
55 packages
pinimg.com
52 packages
Repository
Homepage
More
modules
stdlib
util
axios
0.19.2
Vulnerable
Outdated
Promise based HTTP client for the browser and node.js
xhr
http
ajax
promise
node
+1
sweetalert2
9.3.5 - 11.4.18
Vulnerable
Outdated
A beautiful, responsive, customizable and accessible (WAI-ARIA) replacement for JavaScript's popup boxes, supported fork of sweetalert
sweetalert
sweetalert2
alert
modal
popup
+4
tslib
1.10.0 - 2.4.0
Outdated
Runtime library for TypeScript helper functions
TypeScript
Microsoft
compiler
language
javascript
+2
+5
uuid
3.3.0 - 3.3.3
Outdated
RFC4122 (v1, v4, and v5) UUIDs
uuid
guid
rfc4122
isarray
0.0.0 - 0.0.1
Outdated
Array#isArray for older browsers
browser
isarray
array
juliangruber
react-is
17.0.2
Outdated
Brand checking of React Elements.
react
+1
@babel/runtime
7.18.2 - 7.18.3
Outdated
babel's modular runtime helpers
+1
get-intrinsic
1.1.3
Outdated
Get and robustly cache all JS language-level intrinsics at first require time
javascript
ecmascript
es
js
intrinsic
+2
ljharb
function-bind
1.1.1
Outdated
Implementation of Function.prototype.bind
function
bind
shim
es5
path-to-regexp
1.8.0
Outdated
Express style path to RegExp utility
express
regexp
route
routing
+2
call-bind
1.0.2
Outdated
Robustly `.call.bind()` a function
javascript
ecmascript
es
js
callbind
+8
ljharb
has-symbols
1.0.2 - 1.0.3
Determine if the JS environment has Symbol support. Supports spec, or shams.
Symbol
symbols
typeof
sham
polyfill
+3
ljharb
rxjs
5.4.0 - 7.5.7
Outdated
Reactive Extensions for modern JavaScript
Rx
RxJS
ReactiveX
ReactiveExtensions
Streams
+5
has-property-descriptors
1.0.0
Outdated
Does the environment have full property descriptor support? Handles IE 8's broken defineProperty/gOPD.
property
descriptors
has
environment
env
+2
ljharb
object-assign
4.1.1
ES2015 `Object.assign()` ponyfill
object
assign
extend
properties
es2015
+7
es-abstract
1.18.0 - 1.20.1
Outdated
ECMAScript spec abstract operations.
ECMAScript
ES
abstract
operation
abstract operation
+4
ljharb
define-properties
1.1.4
Outdated
Define multiple non-enumerable properties at once. Uses `Object.defineProperty` when available; falls back to standard assignment in older engines.
Object.defineProperty
Object.defineProperties
object
property descriptor
descriptor
+2
ljharb
is-callable
1.2.7
Is this JS value callable? Works with Functions and GeneratorFunctions, despite ES6 @@toStringTag.
Function
function
callable
generator
generator function
+5
ljharb
has-tostringtag
1.0.0
Outdated
Determine if the JS environment has `Symbol.toStringTag` support. Supports spec, or shams.
javascript
ecmascript
symbol
symbols
tostringtag
+1
ljharb
object-keys
1.1.1
An Object.keys replacement, in case Object.keys is not available. From https://github.com/es-shims/es5-shim
Object.keys
keys
ES5
shim
ljharb
regexp.prototype.flags
1.4.3
Outdated
ES6 spec-compliant RegExp.prototype.flags shim.
RegExp.prototype.flags
regex
regular expression
ES6
shim
+6
ljharb
is-regex
1.1.4
Is this value a JS regex? Works cross-realm/iframe, and despite ES6 @@toStringTag
regex
regexp
is
regular expression
regular
+1
ljharb
is-date-object
1.0.5
Is this value a JS Date object? This module works cross-realm/iframe, and despite ES6 @@toStringTag.
Date
ES6
toStringTag
@@toStringTag
Date object
ljharb
for-each
0.3.3
A better forEach
functions-have-names
1.2.3
Does this JS environment support the `name` property on functions?
function
name
es5
names
functions
+1
ljharb
has
1.0.2 - 1.0.3
Outdated
Object.prototype.hasOwnProperty.call shortcut
tarruda
scheduler
0.20.2
Outdated
Cooperative scheduler for the browser environment.
react
+1
prop-types
15.8.0 - 15.8.1
Runtime type checking for React props and similar objects.
react
is-arguments
1.1.1
Is this an arguments object? It's a harder question than you think.
arguments
js
javascript
is-arguments
is
+1
ljharb
string.prototype.trim
1.2.6
Outdated
ES5 spec-compliant shim for String.prototype.trim
String.prototype.trim
string
ES5
shim
trim
+2
ljharb
react
17.0.2
Outdated
React is a JavaScript library for building user interfaces.
react
+1
react-dom
17.0.2
Outdated
React package for working with the DOM.
react
+2
deep-equal
1.1.0 - 1.1.1
Outdated
node's assert.deepEqual algorithm
equality
equal
compare
ljharb
date-fns
0.10.0 - 0.15.0
Outdated
Modern JavaScript date utility library
kossnocorp
object-is
1.1.4 - 1.1.5
Outdated
ES2015-compliant shim for Object.is - differentiates between -0 and +0
is
Object.is
equality
sameValueZero
ES6
+4
ljharb
hoist-non-react-statics
3.3.2
Copies non-react specific statics from a child component to a parent component
react
mridgway
invariant
2.2.3 - 2.2.4
invariant
test
invariant
classnames
2.3.0 - 2.3.1
Outdated
A simple utility for conditionally joining classNames together
react
css
classes
classname
classnames
+2
react-transition-group
2.2.1
Outdated
A react component toolset for managing animations
react
transition
addons
transition-group
animation
+2
query-string
4.3.2
Outdated
Parse and stringify URL query strings
browser
querystring
query
string
qs
+9
sindresorhus
ua-parser-js
0.7.28
Outdated
Detect Browser, Engine, OS, CPU, and Device type/model from User-Agent & Client Hints data. Supports browser & node.js environment
user-agent
client-hints
parser
browser
engine
+9
faisalman
symbol-observable
1.1.0 - 1.2.0
Outdated
Symbol.observable ponyfill
symbol
observable
observables
ponyfill
polyfill
+1
whatwg-fetch
3.6.2
Outdated
A window.fetch polyfill.
bowser
2.11.0
Lightweight browser detector
browser
useragent
user-agent
parser
ua
+3
lancedikson
tiny-invariant
1.2.0
Outdated
A tiny invariant function
invariant
error
assert
asserts
alexreardon
strict-uri-encode
1.1.0
Outdated
A stricter URI encode adhering to RFC 3986
component
encode
RFC3986
uri
kevva
react-router
5.1.1
Outdated
Declarative routing for React
react
router
route
routing
history
+1
react-router-dom
5.1.1
Outdated
Declarative routing for React web applications
react
router
route
routing
history
+1
redux
4.0.4
Outdated
Predictable state container for JavaScript apps
redux
reducer
state
predictable
functional
+6
+3
warning
4.0.3
A mirror of Facebook's Warning
warning
facebook
react
invariant
berkeleytrue
es6-promise
3.2.1
Outdated
A lightweight library that provides tools for organizing asynchronous code
futures
polyfill
promise
promises
crypto-browserify
1.0.9 - 2.0.0
Outdated
implementation of crypto for the browser
+2
js-cookie
2.2.0
Outdated
A simple, lightweight JavaScript API for handling cookies
cookie
cookies
browser
amd
commonjs
+3
reselect
4.0.0
Outdated
Selectors for Redux.
react
redux
+3
shallowequal
1.1.0
Like lodash isEqualWith but for shallow equal.
shallowequal
shallow
equal
isequal
compare
+1
dashed
history
4.10.1
Outdated
Manage session history with JavaScript
history
location
mjackson
react-redux
7.1.0
Outdated
Official React bindings for Redux
react
reactjs
redux
+2
graphql-tag
2.12.0 - 2.12.6
A JavaScript template literal tag that parses GraphQL queries
debounce
0.0.2 - 0.0.3
Outdated
Delay function calls until a set time elapses after the last invocation
debounce
debouncing
function
throttle
invoke
+6
sindresorhus
react-select
3.0.2 - 3.0.8
Outdated
A Select control built with and for ReactJS
combobox
form
input
multiselect
react
+3
+2
isomorphic-fetch
2.1.1 - 3.0.0
Isomorphic WHATWG Fetch API, for Node & Browserify
redux-thunk
1.0.1 - 2.0.1
Outdated
Thunk middleware for Redux.
redux
thunk
middleware
redux-middleware
flux
+2
throttle-debounce
2.1.0
Outdated
Throttle and debounce functions.
debounce
throttle
niksy
libphonenumber-js
1.9.1 - 1.10.14
Outdated
A simpler (and smaller) rewrite of Google Android's libphonenumber library in javascript
telephone
phone
number
input
mobile
+1
catamphetamine
compute-scroll-into-view
1.0.17
Outdated
The engine that powers scroll-into-view-if-needed
if-needed
scroll
scroll-into-view
scroll-into-view-if-needed
scrollIntoView
+3
stipsan
resolve-pathname
2.2.0
Outdated
Resolve URL pathnames using JavaScript
mjackson
value-equal
0.2.1 - 0.3.0
Outdated
Are these two JavaScript values equal?
mjackson
react-scripts
0.4.2
Outdated
Configuration and scripts for Create React App.
+1
scroll-into-view-if-needed
2.2.25 - 2.2.28
Outdated
Ponyfill for upcoming Element.scrollIntoView() APIs like scrollMode: if-needed, behavior: smooth and block: center
behavior-smooth
if-needed
polyfill
ponyfill
scroll
+7
stipsan
@angular/forms
0.1.0 - 2.4.10
Outdated
Angular - directives and services for creating forms
vue-loader
9.0.0 - 9.0.1
Outdated
> webpack loader for Vue Single-File Components
mini-create-react-context
0.3.3 - 0.4.1
Smaller Polyfill for the proposed React context API
react
context
contextTypes
polyfill
ponyfill
stringepsilon
react-side-effect
1.2.0
Outdated
Create components whose prop changes map to a global side effect
react
component
side
effect
screenfull
5.0.2
Outdated
Simple wrapper for cross-browser usage of the JavaScript Fullscreen API, which lets you bring the page or any element into fullscreen.
browser
fullscreen
sindresorhus
react-helmet
5.0.3
Outdated
A document head manager for React
react-helmet
nfl
react
document
head
+7
+2
@firebase/firestore
0.1.0 - 0.3.7
Outdated
The Cloud Firestore component of the Firebase JS SDK.
+1
@react-spring/shared
9.0.0 - 9.5.5
Outdated
Globals and shared modules
animated
animation
hooks
motion
react
+4
tdfka_rick
react-query
3.16.0 - 3.16.1
Outdated
Hooks for managing, caching and syncing asynchronous and remote data in React
popmotion
9.3.0 - 11.0.5
The animator's toolbox
animation
ux
ui
popmotion
canvas animation
+11
popmotion
consolidated-events
2.0.2
Manage multiple event handlers using few event listeners
events
performance
lencioni
redux-saga
1.0.0 - 1.1.3
Outdated
Saga middleware for Redux to handle Side Effects
javascript
redux
middleware
saga
effects
+1
mapbox-gl
0.23.0 - 0.26.0
Outdated
A WebGL interactive maps library
+25
react-waypoint
10.1.0
Outdated
A React component to execute a function whenever you scroll to an element.
react
component
react-component
scroll
onscroll
+1
+2
react-device-detect
1.8.6 - 1.17.0
Outdated
Detect device type and render your component according to it
useragent
mobile
phone
tablet
detect
+7
duskload
@reach/utils
0.10.4 - 0.11.2
Outdated
Internal, shared utilities for Reach UI.
+1
redux-devtools-extension
2.13.0 - 2.13.8
Outdated
Wrappers for Redux DevTools Extension.
+1
@redux-saga/core
1.1.0 - 1.2.1
Outdated
Saga middleware for Redux to handle Side Effects
javascript
redux
middleware
saga
effects
+1
@redux-saga/symbols
1.1.0 - 1.1.2
Outdated
Redux-saga internal symbol "registry".
redux
saga
redux-saga
@redux-saga/is
1.1.0 - 1.1.2
Outdated
Runtime type checking helpers
@redux-saga/deferred
1.0.0 - 1.1.2
Outdated
Helper for creating "exposed" promise object (with resolve & reject methods).
promise
resolve
reject
defer
react-spring
5.3.0
Outdated
<p align="center"> <img src="https://i.imgur.com/QZownhg.png" width="240" /> </p>
animated
animation
hooks
motion
react
+4
@chakra-ui/theme
2.1.0 - 2.1.3
Outdated
The default theme for chakra components
theme
theming
ui mode
ui
@chakra-ui/media-query
1.2.0
Outdated
A React hook for changing properties or visibility of a component based on css media query
chakra ui
breakpoint
matchMedia
react
responsive
+1
react-dates
1.0.0 - 21.8.0
A responsive and accessible date range picker component built with React
+4
@loadable/component
5.14.1
Outdated
React code splitting made easy.
react
ssr
webpack
code-splitting
react-router
+4
connected-react-router
6.6.1
Outdated
A Redux binding for React Router v4 and v5
supasate
normalizr
3.4.1
Outdated
Normalizes and denormalizes JSON according to schema for Redux and Flux applications
flux
redux
normalize
denormalize
api
+1
@splitsoftware/splitio
5.0.0 - 10.17.3
Outdated
Split SDK
splitio
sdk
javascript
+5
@optimizely/js-sdk-datafile-manager
0.1.0 - 0.9.5
Optimizely Full Stack Datafile Manager
optimizely-fullstack
store
1.2.3 - 2.0.12
A localStorage wrapper for all browsers without using cookies or flash. Uses localStorage, globalStorage, and userData behavior under the hood
marcuswestin
react-instantsearch-dom
5.2.0 - 6.38.0
Outdated
⚡ Lightning-fast search for React DOM, by Algolia
algolia
components
fast
instantsearch
react
+2
+2
node-polyglot
2.3.0
Outdated
Give your JavaScript the ability to speak many languages.
i18n
internationalization
internationalisation
translation
interpolation
+2
+2
@analytics/storage-utils
0.2.5 - 0.2.14
Outdated
Storage utility with fallbacks
analytics
analytics-project
analytics-util
storage
cookies
+3
davidwells
react-schemaorg
0.1.0 - 2.0.0
Typed Schema.org JSON-LD in React
react
jsonld
JSON-LD
typescript
schema.org
+8
google-wombot
react-query-devtools
1.0.4 - 2.6.3
Devtools for React Query
tannerlinsley
most
0.6.0 - 0.9.1
Outdated
Monadic streams
reactive
reactive programming
reactive streams
stream
streams
+11
+2
lottie-api
1.0.0 - 1.0.2
Outdated
A library to edit lottie-web animations dynamically
airnan
prebid.js
1.38.0 - 7.22.0
Outdated
Header Bidding Management Library
advertising
auction
header bidding
prebid
+1
tg-core-redux
0.0.5 - 4.2.1
Outdated
tg-core-redux
+4
@canalplus/oneplayer-constants
x.x.x
@canalplus/oneplayer-utils
x.x.x
@canalplus/oneplayer-webservices
x.x.x
redux-batched-actions
x.x.x
serviceworker-webpack5-plugin
x.x.x
snarkdown
x.x.x
Popular search queries
webpack.js.org
url
react-scripts
react
lottie-api
react-helmet-async
+7 packages
github.com
color-convert
@headlessui/react
hoist-non-react-statics
reactstrap
lit-html
+60 packages
pinterest.com
libphonenumber-js
react-relay
jss
@babel/runtime
redux-form
+50 packages
Popular packages
react
React is a JavaScript library for building user interfaces.
+6 634 websites
core-js
Standard library
+10 238 websites
es5-ext
ECMAScript extensions and shims
+10 229 websites
@babel/runtime
babel's modular runtime helpers
+8 352 websites
lodash
Lodash modular utilities.
+4 826 websites
axios
Promise based HTTP client for the browser and node.js
+4 742 websites