About
Community
cityoflondon.gov.uk
85 packages
Last scanned on Jan 19 at 07:56 AM
Update
Name
Size
Popularity
Severity
lodash
4.17.16
Vulnerable
Outdated
Lodash modular utilities.
Script
https://cityoflondon.gov.uk/static/modern/js/vendor.584a59a43011a30239ff.mjs
License
MIT
Footprint
1 KB
Vulnerabilities
High
GHSA-35jh-r3h4-6jhm
Command Injection in lodash
Affected versions >=0 <4.17.21
Moderate
GHSA-29mw-wpgm-hmr9
Regular Expression Denial of Service (ReDoS) in lodash
Affected versions >=0 <4.17.21
High
GHSA-p6mc-m468-83gw
Prototype Pollution in lodash
Affected versions >=3.7.0 <4.17.19
Matched Modules
Version distribution in production
3 846
4.17.16
946
4.17.21
337
4.17.20
322
4.17.15
302
4.17.19
301
4.17.13
Also used on 4830 websites
skype.com
20 packages
sentry.io
157 packages
pinterest.com
56 packages
pinimg.com
52 packages
Repository
Homepage
More
modules
stdlib
util
es5-ext
0.10.24 - 0.10.49
Vulnerable
Outdated
ECMAScript extensions and shims
ecmascript
ecmascript5
ecmascript6
es5
es6
+11
medikoo
tslib
1.2.0 - 2.4.1
Outdated
Runtime library for TypeScript helper functions
TypeScript
Microsoft
compiler
language
javascript
+2
+5
uuid
7.0.0 - 8.0.0
Outdated
RFC4122 (v1, v4, and v5) UUIDs
uuid
guid
rfc4122
isarray
1.0.0 - 2.0.5
Array#isArray for older browsers
browser
isarray
array
juliangruber
react-is
16.3.0 - 17.0.2
Outdated
Brand checking of React Elements.
react
+1
buffer
4.6.0 - 4.9.2
Outdated
Node.js Buffer API, for the browser
arraybuffer
browser
browserify
buffer
compatible
+2
feross
@babel/runtime
7.0.0 - 7.12.18
Outdated
babel's modular runtime helpers
+1
get-intrinsic
1.1.3
Outdated
Get and robustly cache all JS language-level intrinsics at first require time
javascript
ecmascript
es
js
intrinsic
+2
ljharb
function-bind
1.1.0 - 1.1.1
Outdated
Implementation of Function.prototype.bind
function
bind
shim
es5
path-to-regexp
1.7.0 - 1.8.0
Outdated
Express style path to RegExp utility
express
regexp
route
routing
+2
axios
0.26.1
Outdated
Promise based HTTP client for the browser and node.js
xhr
http
ajax
promise
node
+1
cookie
0.2.4 - 0.4.1
Outdated
HTTP server cookie parsing and serialization
cookie
cookies
dougwilson
call-bind
1.0.2
Outdated
Robustly `.call.bind()` a function
javascript
ecmascript
es
js
callbind
+8
ljharb
object-inspect
1.11.0 - 1.11.1
Outdated
string representations of objects in node and the browser
inspect
util.inspect
object
stringify
pretty
has-symbols
1.0.2 - 1.0.3
Determine if the JS environment has Symbol support. Supports spec, or shams.
Symbol
symbols
typeof
sham
polyfill
+3
ljharb
side-channel
1.0.4
Outdated
Store information about any JS value in a side channel. Uses WeakMap if available.
weakmap
map
side
channel
metadata
ljharb
has-property-descriptors
1.0.0
Outdated
Does the environment have full property descriptor support? Handles IE 8's broken defineProperty/gOPD.
property
descriptors
has
environment
env
+2
ljharb
es-abstract
1.18.7 - 1.20.4
Outdated
ECMAScript spec abstract operations.
ECMAScript
ES
abstract
operation
abstract operation
+4
ljharb
base64-js
1.3.0 - 1.5.1
Base64 encoding/decoding in pure JS
base64
define-properties
1.1.4
Outdated
Define multiple non-enumerable properties at once. Uses `Object.defineProperty` when available; falls back to standard assignment in older engines.
Object.defineProperty
Object.defineProperties
object
property descriptor
descriptor
+2
ljharb
is-callable
1.2.0 - 1.2.2
Outdated
Is this JS value callable? Works with Functions and GeneratorFunctions, despite ES6 @@toStringTag.
Function
function
callable
generator
generator function
+5
ljharb
object.assign
4.1.3 - 4.1.4
Outdated
ES6 spec-compliant Object.assign shim. From https://github.com/es-shims/es6-shim
Object.assign
assign
ES6
extend
$.extend
+6
ljharb
has-tostringtag
1.0.0
Outdated
Determine if the JS environment has `Symbol.toStringTag` support. Supports spec, or shams.
javascript
ecmascript
symbol
symbols
tostringtag
+1
ljharb
which-typed-array
1.1.6 - 1.1.9
Outdated
Which kind of Typed Array is this JavaScript value? Works cross-realm, without `instanceof`, and despite Symbol.toStringTag.
array
TypedArray
typed array
which
typed
+13
ljharb
object-keys
1.1.0 - 1.1.1
An Object.keys replacement, in case Object.keys is not available. From https://github.com/es-shims/es5-shim
Object.keys
keys
ES5
shim
ljharb
regexp.prototype.flags
1.2.0 - 1.3.2
Outdated
ES6 spec-compliant RegExp.prototype.flags shim.
RegExp.prototype.flags
regex
regular expression
ES6
shim
+6
ljharb
deepmerge
4.2.2
Outdated
A library for deep (recursive) merging of Javascript objects
merge
deep
extend
copy
clone
+1
tehshrike
core-js
3.19.2 - 3.22.3
Outdated
Standard library
ES3
ES5
ES6
ES7
ES2015
+39
zloirock
is-typed-array
1.1.7 - 1.1.10
Outdated
Is this value a JS Typed Array? This module works cross-realm/iframe, does not depend on `instanceof` or mutable properties, and despite ES6 Symbol.toStringTag.
array
TypedArray
typed array
is
typed
+13
is-regex
1.1.1
Outdated
Is this value a JS regex? Works cross-realm/iframe, and despite ES6 @@toStringTag
regex
regexp
is
regular expression
regular
+1
ljharb
available-typed-arrays
1.0.5
Outdated
Returns an array of Typed Array names that are available in the current environment
typed
arrays
Float32Array
Float64Array
Int8Array
+8
ljharb
is-date-object
1.0.1 - 1.0.3
Outdated
Is this value a JS Date object? This module works cross-realm/iframe, and despite ES6 @@toStringTag.
Date
ES6
toStringTag
@@toStringTag
Date object
ljharb
lodash.merge
4.6.1 - 4.6.2
The Lodash method `_.merge` exported as a module.
lodash-modularized
merge
is-string
1.0.4 - 1.0.5
Outdated
Is this value a JS String object or primitive? This module works cross-realm/iframe, and despite ES6 @@toStringTag.
String
string
ES6
toStringTag
@@toStringTag
+1
ljharb
has-bigints
1.0.0 - 1.0.1
Outdated
Determine if the JS environment has BigInt support.
BigInt
bigints
typeof
ES2020
ljharb
for-each
0.3.3
A better forEach
is-number-object
1.0.6 - 1.0.7
Is this value a JS Number object? This module works cross-realm/iframe, and despite ES6 @@toStringTag.
Number
ES6
toStringTag
@@toStringTag
Number object
ljharb
is-boolean-object
1.1.2
Is this value a JS Boolean? This module works cross-realm/iframe, and despite ES6 @@toStringTag.
Boolean
ES6
toStringTag
@@toStringTag
Boolean object
+3
ljharb
which-boxed-primitive
1.0.0 - 1.0.2
Which kind of boxed JS primitive is this?
boxed
primitive
object
ecmascript
javascript
+1
ljharb
scheduler
0.15.0 - 0.23.0
Outdated
Cooperative scheduler for the browser environment.
react
+1
has
1.0.1 - 1.0.3
Outdated
Object.prototype.hasOwnProperty.call shortcut
tarruda
prop-types
15.7.0 - 15.7.2
Outdated
Runtime type checking for React props and similar objects.
react
is-arguments
1.0.4 - 1.1.1
Is this an arguments object? It's a harder question than you think.
arguments
js
javascript
is-arguments
is
+1
ljharb
react
16.13.0 - 18.2.0
Outdated
React is a JavaScript library for building user interfaces.
react
+1
deep-equal
2.0.2 - 2.0.5
Outdated
node's assert.deepEqual algorithm
equality
equal
compare
ljharb
immutable
4.0.0 - 4.2.2
Outdated
Immutable Data Collections
immutable
persistent
lazy
data
datastructure
+5
leebyron
object-is
1.1.0 - 1.1.5
Outdated
ES2015-compliant shim for Object.is - differentiates between -0 and +0
is
Object.is
equality
sameValueZero
ES6
+4
ljharb
is-set
2.0.1 - 2.0.2
Outdated
Is this value a JS Set? This module works cross-realm/iframe, and despite ES6 @@toStringTag.
map
set
collection
is
robust
ljharb
is-map
2.0.1 - 2.0.2
Outdated
Is this value a JS Map? This module works cross-realm/iframe, and despite ES6 @@toStringTag.
map
set
collection
is
robust
ljharb
rfdc
1.3.0
Outdated
Really Fast Deep Clone
object
obj
properties
clone
copy
+19
hoist-non-react-statics
3.3.1 - 3.3.2
Copies non-react specific statics from a child component to a parent component
react
mridgway
@emotion/unitless
0.7.2 - 0.8.0
Outdated
An object of css properties that don't accept values with units
+1
classnames
2.2.6
Outdated
A simple utility for conditionally joining classNames together
react
css
classes
classname
classnames
+2
query-string
5.0.1 - 5.1.1
Outdated
Parse and stringify URL query strings
browser
querystring
query
string
qs
+9
sindresorhus
es-get-iterator
1.1.2 - 1.1.3
Get an iterator for any JS language value. Works robustly across all environments, all versions.
iterator
Symbol.iterator
iterable
collection
next
+1
ljharb
whatwg-fetch
3.4.0 - 3.6.2
Outdated
A window.fetch polyfill.
immer
1.9.0 - 9.0.18
Outdated
Create your next immutable state by mutating the current one
immutable
mutable
copy-on-write
tiny-invariant
0.0.2 - 1.3.1
Outdated
A tiny invariant function
invariant
error
assert
asserts
alexreardon
redux
4.1.0 - 4.2.0
Outdated
Predictable state container for JavaScript apps
redux
reducer
state
predictable
functional
+6
+3
react-router-dom
5.1.0 - 5.3.4
Outdated
Declarative routing for React web applications
react
router
route
routing
history
+1
react-fast-compare
3.1.0 - 3.2.0
Outdated
Fastest deep equal comparison for React. Great for React.memo & shouldComponentUpdate. Also really fast general-purpose deep comparison.
fast
equal
react
compare
shouldComponentUpdate
+1
+12
crypto-browserify
1.0.9 - 2.0.0
Outdated
implementation of crypto for the browser
+2
js-cookie
3.0.1
Outdated
A simple, lightweight JavaScript API for handling cookies
cookie
cookies
browser
amd
commonjs
+3
reselect
4.1.1 - 4.1.7
Outdated
Selectors for Redux.
react
redux
+3
shallowequal
1.0.1 - 1.1.0
Like lodash isEqualWith but for shallow equal.
shallowequal
shallow
equal
isequal
compare
+1
dashed
history
4.0.0 - 4.10.1
Outdated
Manage session history with JavaScript
history
location
mjackson
redux-thunk
2.1.0 - 2.4.2
Outdated
Thunk middleware for Redux.
redux
thunk
middleware
redux-middleware
flux
+2
@emotion/stylis
0.8.1 - 0.8.5
A custom build of Stylis
+1
web-vitals
3.0.0 - 3.0.4
Outdated
Easily measure performance metrics in JavaScript
crux
performance
metrics
Core Web Vitals
CLS
+5
react-side-effect
2.1.0 - 2.1.2
Create components whose prop changes map to a global side effect
react
component
side
effect
react-helmet
6.0.0 - 6.1.0
A document head manager for React
react-helmet
nfl
react
document
head
+7
+2
@firebase/firestore
3.4.14 - 3.4.15
Outdated
The Cloud Firestore component of the Firebase JS SDK.
+1
universal-cookie
4.0.1 - 4.0.4
Outdated
Universal cookies for JavaScript
universal
isomophic
cookie
exon
@redux-saga/symbols
1.0.0 - 1.1.3
Redux-saga internal symbol "registry".
redux
saga
redux-saga
@redux-saga/is
1.0.0 - 1.1.3
Runtime type checking helpers
react-hot-loader
4.11.0 - 4.13.1
Tweak React components in real time.
react
javascript
webpack
hmr
livereload
+5
+3
react-cookie
3.1.0 - 4.1.1
Outdated
Universal cookies for React
universal
isomophic
cookie
react
exon
scriptjs
2.5.6 - 2.5.9
Asyncronous JavaScript loader and dependency manager
ender
script
dependency
ajax
jsonp
+1
@loadable/component
5.15.0 - 5.15.2
Outdated
React code splitting made easy.
react
ssr
webpack
code-splitting
react-router
+4
react-router-config
5.0.0 - 5.1.1
Static route config matching for React Router
react
router
route
routing
static routes
+2
react-loadable
5.2.0 - 5.5.0
A higher order component for loading components with promises
@tannin/plural-forms
1.0.0 - 1.1.0
Compiles a function to compute the plural forms index for a given value
aduth
lottie-api
1.0.0 - 1.0.2
Outdated
A library to edit lottie-web animations dynamically
airnan
web-speech-cognitive-services
4.0.0
Outdated
Polyfill Web Speech API with Cognitive Services Speech-to-Text service
cognitive services
dictation
microphone
polyfill
react
+14
compulim
Popular search queries
webpack.js.org
url
react-scripts
react
lottie-api
react-helmet-async
+7 packages
github.com
color-convert
@headlessui/react
hoist-non-react-statics
reactstrap
lit-html
+60 packages
pinterest.com
lodash
relay-runtime
react-relay
react-use
lodash-es
+51 packages
Popular packages
react
React is a JavaScript library for building user interfaces.
+6 634 websites
core-js
Standard library
+10 238 websites
es5-ext
ECMAScript extensions and shims
+10 229 websites
@babel/runtime
babel's modular runtime helpers
+8 352 websites
lodash
Lodash modular utilities.
+4 826 websites
axios
Promise based HTTP client for the browser and node.js
+4 742 websites