About
Community
cnet.com
103 packages
Last scanned on Oct 27 at 07:02 PM
Update
Name
Size
Popularity
Severity
markdown-it
2.0.0 - 2.2.1
Vulnerable
Outdated
Markdown-it - modern pluggable markdown parser.
License
MIT
Vulnerabilities
High
GHSA-j5p7-jf4q-742q
markdown-it vulnerable to Inefficient Regular Expression Complexity
Affected versions >=0 <3.0.0
Moderate
GHSA-6vfc-qv3f-vr6c
Uncontrolled Resource Consumption in markdown-it
Affected versions >=0 <12.3.2
Version distribution in production
188
2.0.0
188
2.1.0
180
2.1.1
180
2.1.2
180
2.1.3
180
2.2.0
Also used on 277 websites
rapid7.com
13 packages
adjust.com
45 packages
wayfair.com
17 packages
paypal.com
26 packages
Repository
Homepage
More
markdown
parser
commonmark
markdown-it
markdown-it-plugin
vitaly
dset
2.0.1
Vulnerable
Outdated
A tiny (194B) utility for safely writing deep Object values~!
deepset
values
object
write
deep
+2
lukeed
es5-ext
0.10.24 - 0.10.49
Vulnerable
Outdated
ECMAScript extensions and shims
ecmascript
ecmascript5
ecmascript6
es5
es6
+11
medikoo
supports-color
5.0.1 - 7.2.0
Outdated
Detect whether a terminal supports color
color
colour
colors
terminal
console
+15
chalk
2.3.1 - 2.4.2
Outdated
Terminal string styling done right
color
colour
colors
terminal
console
+15
tslib
1.9.2 - 2.4.0
Outdated
Runtime library for TypeScript helper functions
TypeScript
Microsoft
compiler
language
javascript
+2
+5
color-convert
1.8.2 - 2.0.1
Plain color conversion functions
color
colour
convert
converter
conversion
+7
qix
readable-stream
3.6.0
Outdated
Node.js Streams, a user-land copy of the stream library from Node.js
readable
stream
pipe
escape-string-regexp
1.0.0 - 1.0.5
Outdated
Escape RegExp special characters
escape
regex
regexp
regular
expression
+3
sindresorhus
kind-of
6.0.3
Get the native type of a value.
arguments
array
boolean
check
date
+16
uuid
7.0.0 - 8.0.0
Outdated
RFC4122 (v1, v4, and v5) UUIDs
uuid
guid
rfc4122
isarray
1.0.0 - 2.0.5
Array#isArray for older browsers
browser
isarray
array
juliangruber
inherits
2.0.4
Browser-friendly inheritance fully compatible with standard node.js inherits()
inheritance
class
klass
oop
object-oriented
+3
isaacs
buffer
4.6.0 - 4.9.2
Outdated
Node.js Buffer API, for the browser
arraybuffer
browser
browserify
buffer
compatible
+2
feross
regenerator-runtime
0.13.9
Outdated
Runtime for Regenerator-compiled generator and async functions.
regenerator
runtime
generator
async
benjamn
entities
2.2.0
Outdated
Encode & decode XML and HTML entities with ease & speed
entity
decoding
encoding
html
xml
+1
feedic
@babel/runtime
7.9.0 - 7.9.2
Outdated
babel's modular runtime helpers
+1
lodash
4.17.21
Lodash modular utilities.
modules
stdlib
util
axios
0.21.2 - 0.21.4
Outdated
Promise based HTTP client for the browser and node.js
xhr
http
ajax
promise
node
+1
cookie
0.4.1 - 0.4.2
Outdated
HTTP server cookie parsing and serialization
cookie
cookies
dougwilson
core-util-is
1.0.2 - 1.0.3
The `util.is*` functions introduced in Node v0.12.
util
isBuffer
isArray
isNumber
isString
+4
isaacs
isobject
3.0.0 - 4.0.0
Returns true if the value is an object and not an array or null.
check
is
is-object
isobject
kind
+7
is-plain-object
2.0.0 - 3.0.0
Outdated
Returns true if an object was created by the `Object` constructor, or Object.create(null).
check
is
is-object
isobject
javascript
+7
parse5
6.0.0 - 6.0.1
Outdated
HTML parser and serializer.
html
parser
html5
WHATWG
specification
+10
+1
domutils
2.8.0
Outdated
Utilities for working with htmlparser2's dom
dom
htmlparser2
feedic
base64-js
1.3.0 - 1.5.1
Base64 encoding/decoding in pure JS
base64
dom-serializer
1.0.0 - 1.4.1
Outdated
render domhandler DOM nodes to a string
html
xml
render
feedic
domhandler
4.2.2 - 4.3.1
Outdated
Handler for htmlparser2 that turns pages into a dom
dom
htmlparser2
feedic
deepmerge
4.2.2
Outdated
A library for deep (recursive) merging of Javascript objects
merge
deep
extend
copy
clone
+1
tehshrike
domelementtype
2.2.0 - 2.3.0
all the types of nodes in htmlparser2's dom
dom
element
types
htmlparser2
feedic
core-js
3.23.3 - 3.26.0
Outdated
Standard library
ES3
ES5
ES6
ES7
ES2015
+39
zloirock
css-select
4.0.0 - 4.1.3
Outdated
a CSS selector compiler/engine
css
selector
sizzle
feedic
htmlparser2
6.1.0
Outdated
Fast & forgiving HTML/XML parser
html
parser
streams
xml
dom
+3
feedic
css-what
5.0.1
Outdated
a CSS selector parser
feedic
nth-check
2.0.1
Outdated
Parses and compiles CSS nth-checks to highly optimized functions.
nth-child
nth
css
feedic
process
0.11.10
process information for node.js and browsers
process
boolbase
1.0.0
two functions: One that returns true, one that returns false
feedic
url
0.11.0
Outdated
The core `url` packaged standalone for use with Browserify.
parsing
url
analyze
minimalistic-assert
1.0.0 - 1.0.1
minimalistic-assert ===
clone-deep
4.0.1
Recursively (deep) clone JavaScript native types, like Object, Array, RegExp, Date as well as primitives.
array
assign
buffer
clamped
clone
+22
shallow-clone
3.0.1
Creates a shallow clone of any JavaScript value.
array
clone
copy
extend
mixin
+3
sha.js
2.4.9 - 2.4.11
Streamable SHA hashes in pure javascript
asn1.js
5.2.0 - 5.4.1
ASN.1 encoder and decoder
asn.1
der
hash-base
3.0.4 - 3.1.0
abstract base class for hash-streams
hash
stream
+1
elliptic
6.5.4
Outdated
EC cryptography
EC
Elliptic
curve
Cryptography
indutny
hash.js
1.1.2 - 1.1.7
Various hash functions that could be run by both browser and node
hash
sha256
sha224
hmac
indutny
dateformat
3.0.3
Outdated
A node.js package for Steven Levithan's excellent dateFormat() function.
+3
hmac-drbg
1.0.1
Deterministic random bit generator (hmac)
hmac
drbg
prng
indutny
lodash-es
4.17.21
Lodash exported as ES modules.
es6
modules
stdlib
util
parse5-htmlparser2-tree-adapter
5.0.0 - 6.0.1
Outdated
htmlparser2 tree adapter for parse5.
parse5
parser
tree adapter
htmlparser2
+1
des.js
1.0.1
Outdated
DES implementation
DES
3DES
EDE
CBC
indutny
md5.js
1.1.0 - 1.3.5
node style md5 on pure JavaScript
crypto
md5
+2
parse-asn1
5.1.6
Outdated
utility library for parsing asn1 files for use with browserify-sign.
+2
cipher-base
1.0.4
abstract base class for crypto-streams
cipher
stream
browserify-sign
2.4.0 - 2.8.0
Outdated
adds node crypto signing for browsers
+2
dlv
1.1.3
Safely get a dot-notated property within an object.
delve
dot notation
dot
developit
browserify-aes
0.4.0 - 0.8.1
Outdated
aes, for browserify
aes
crypto
browserify
+2
stream-http
2.8.2 - 2.8.3
Outdated
Streaming http in the browser
http
stream
streaming
xhr
http-browserify
evp_bytestokey
1.0.3
The insecure key derivation algorithm from OpenSSL
crypto
openssl
browserify-rsa
4.1.0
RSA for browserify
+2
crypto-browserify
1.0.9 - 2.0.0
Outdated
implementation of crypto for the browser
+2
create-ecdh
3.0.0 - 4.0.4
createECDH but browserifiable
diffie
hellman
diffiehellman
ECDH
+2
public-encrypt
4.0.3
browserify version of publicEncrypt & privateDecrypt
+2
js-cookie
3.0.1
Outdated
A simple, lightweight JavaScript API for handling cookies
cookie
cookies
browser
amd
commonjs
+3
diffie-hellman
1.1.2
Outdated
pure js diffie-hellman
diffie
hellman
diffiehellman
dh
+2
browserify-des
1.0.2
browserify-des ===
miller-rabin
1.1.0 - 4.0.1
Miller Rabin algorithm for primality test
prime
miller-rabin
bignumber
randomfill
1.0.0 - 1.0.4
random fill from browserify stand alone
crypto
random
querystring-es3
0.2.1
Node's querystring module for all engines. (ES3 compat fork)
commonjs
query
querystring
spaintrain
cheerio
0.22.0
Outdated
Tiny, fast, and elegant implementation of core jQuery designed specifically for the server
htmlparser
jquery
selector
scraper
parser
+1
ufo
0.5.2 - 0.8.6
Outdated
URL utils for humans
pi0
workerpool
0.1.0 - 6.0.2
Outdated
Offload tasks to a pool of workers on node.js and in the browser
worker
web worker
cluster
pool
isomorphic
to-arraybuffer
1.0.1
Get an ArrayBuffer from a Buffer as fast as possible
buffer
to
arraybuffer
fast
read
+1
jhiesey
unfetch
4.2.0
Outdated
Bare minimum fetch polyfill in 500 bytes
fetch
polyfill
xhr
ajax
developit
@firebase/component
0.4.0 - 0.5.7
Outdated
Firebase Component Platform
+1
@hookform/resolvers
1.1.0
Outdated
React Hook Form validation resolvers: Yup, Joi, Superstruct, Zod, Vest, Class Validator, io-ts, Nope, computed-types, TypeBox, arktype and Typanion
scheme
validation
scheme-validation
hookform
react-hook-form
+14
fp-ts
0.2.1 - 2.9.5
Outdated
Functional programming in TypeScript
typescript
algebraic-data-types
functional-programming
gcanti
lit-element
3.0.0
Outdated
A simple base class for creating fast, lightweight web components
+11
react-query
0.0.11 - 0.0.15
Outdated
Hooks for managing, caching and syncing asynchronous and remote data in React
rc-select
6.9.6 - 8.6.6
Outdated
React Select
react
react-component
react-select
select
+6
@aws-amplify/core
1.2.0 - 4.7.10
Outdated
Core category of aws-amplify
+6
@auth0/auth0-spa-js
2.0.0
Outdated
Auth0 SDK for Single Page Applications using Authorization Code Grant Flow with PKCE
auth0
login
Authorization Code Grant Flow
PKCE
Single Page Application authentication
+1
+41
striptags
3.2.0
PHP strip_tags in Node.js
striptags
strip_tags
html
strip
tags
ericnorris
apollo-client
0.3.14 - 0.4.22
Outdated
A simple yet functional GraphQL client.
ecmascript
es2015
jsnext
javascript
relay
+2
+5
vue-class-component
6.0.0 - 7.2.6
ES201X/TypeScript class decorator for Vue components
vue
class
babel
typescript
canvas-confetti
0.2.0 - 1.6.0
Outdated
performant confetti animation in the browser
canvas
confetti
animation
burst
fireworks
+2
kirilv
vue-property-decorator
7.3.0 - 9.1.2
property decorators for Vue Component
vue
typescript
decorator
kaorun343
vue-no-ssr
1.1.1
Vue component to wrap non SSR friendly components
@vue/composition-api
1.1.0 - 1.7.1
Outdated
Provide logic composition capabilities for Vue.
vue
composition-api
+2
just-clone
4.1.1 - 6.0.0
Outdated
deep copies objects and arrays
object
clone
copy
deep-copy
extend
+2
angus-c
cookie-universal
2.2.1 - 2.2.2
Universal cookie plugin, perfect for SSR
universal cookie
SSR cookie
node cookie
browser cookie
cookies
+1
microcipcip
vuex-class
0.1.3 - 0.2.0
Outdated
Binding helpers for Vuex and vue-class-component
vue
vuex
bindings
ktsn
just-unique
3.4.1 - 4.1.1
Outdated
dedupes an array
array
unique
dedupe
no-dependencies
just
angus-c
just-safe-get
3.1.1 - 4.1.1
Outdated
get value at property, don't throw if parent is undefined
object
safe
get
no-dependencies
just
angus-c
just-safe-set
4.0.2 - 4.1.1
Outdated
set value at property, create intermediate properties if necessary
object
safe
set
no-dependencies
just
angus-c
just-omit
1.4.1 - 2.1.2
Outdated
copy an object but omit the specified keys
object
omit
keys
no-dependencies
just
angus-c
@fastly/performance-observer-polyfill
2.0.0
<h1 align="center" style="border-bottom: none;">🔎 PerformanceObserver Polyfill</h1> <p align="center"> <a href="https://travis-ci.org/fastly/performance-observer-polyfill"> <img alt="Travis" src="https://img.shields.io/travis/fastly/performance-obs
performance
performanceobserver
polyfill
+17
fun-hooks
1.0.2
Outdated
A generalized and simple hooking API for adding extensibility to applications
hooks
middleware
before
after
pre
+3
snapwich
just-pick
3.1.1 - 4.1.1
Outdated
copy an object but with only the specified keys
object
pick
keys
no-dependencies
just
angus-c
prebid.js
6.17.0 - 6.18.0
Outdated
Header Bidding Management Library
advertising
auction
header bidding
prebid
+1
just-intersect
3.4.1 - 4.1.0
Outdated
return the intersect of two arrays
array
intersect
no-dependencies
just
angus-c
live-connect-js
x.x.x
criteo-direct-rsa-validate
x.x.x
Popular search queries
webpack.js.org
url
react-scripts
react
lottie-api
react-helmet-async
+7 packages
github.com
color-convert
@headlessui/react
hoist-non-react-statics
reactstrap
lit-html
+60 packages
pinterest.com
lodash
relay-runtime
react-relay
react-use
lodash-es
+51 packages
Popular packages
react
React is a JavaScript library for building user interfaces.
+6 634 websites
core-js
Standard library
+10 238 websites
es5-ext
ECMAScript extensions and shims
+10 229 websites
@babel/runtime
babel's modular runtime helpers
+8 352 websites
lodash
Lodash modular utilities.
+4 826 websites
axios
Promise based HTTP client for the browser and node.js
+4 742 websites