About
Community
dochub.com
55 packages
Last scanned on Jan 19 at 09:32 AM
Update
Name
Size
Popularity
Severity
lodash
4.17.16
Vulnerable
Outdated
Lodash modular utilities.
Script
https://cdn.production.dochub.com/assets/chunk.20230118T201148883Z.142ac9c2bb54e73e6f58.js
License
MIT
Footprint
3 KB
Vulnerabilities
High
GHSA-35jh-r3h4-6jhm
Command Injection in lodash
Affected versions >=0 <4.17.21
Moderate
GHSA-29mw-wpgm-hmr9
Regular Expression Denial of Service (ReDoS) in lodash
Affected versions >=0 <4.17.21
High
GHSA-p6mc-m468-83gw
Prototype Pollution in lodash
Affected versions >=3.7.0 <4.17.19
Matched Modules
Version distribution in production
3 846
4.17.16
946
4.17.21
337
4.17.20
322
4.17.15
302
4.17.19
301
4.17.13
Also used on 4830 websites
skype.com
20 packages
sentry.io
157 packages
pinterest.com
56 packages
pinimg.com
52 packages
Repository
Homepage
More
modules
stdlib
util
uuid
7.0.0 - 8.0.0
Outdated
RFC4122 (v1, v4, and v5) UUIDs
uuid
guid
rfc4122
emoji-regex
9.2.1 - 9.2.2
Outdated
A regular expression to match all Emoji-only symbols as per the Unicode Standard.
unicode
regex
regexp
regular expressions
code points
+3
isarray
1.0.0 - 2.0.5
Array#isArray for older browsers
browser
isarray
array
juliangruber
get-intrinsic
1.1.0 - 1.1.1
Outdated
Get and robustly cache all JS language-level intrinsics at first require time
javascript
ecmascript
es
js
intrinsic
+2
ljharb
function-bind
1.1.0 - 1.1.1
Outdated
Implementation of Function.prototype.bind
function
bind
shim
es5
call-bind
1.0.1 - 1.0.2
Outdated
Robustly `.call.bind()` a function
javascript
ecmascript
es
js
callbind
+8
ljharb
object-inspect
1.11.1
Outdated
string representations of objects in node and the browser
inspect
util.inspect
object
stringify
pretty
fast-deep-equal
2.0.1
Outdated
Fast deep equal
fast
equal
deep-equal
esp
has-symbols
1.0.2 - 1.0.3
Determine if the JS environment has Symbol support. Supports spec, or shams.
Symbol
symbols
typeof
sham
polyfill
+3
ljharb
es-abstract
1.19.0 - 1.19.1
Outdated
ECMAScript spec abstract operations.
ECMAScript
ES
abstract
operation
abstract operation
+4
ljharb
define-properties
1.1.3 - 1.1.4
Outdated
Define multiple non-enumerable properties at once. Uses `Object.defineProperty` when available; falls back to standard assignment in older engines.
Object.defineProperty
Object.defineProperties
object
property descriptor
descriptor
+2
ljharb
is-callable
1.2.0 - 1.2.4
Outdated
Is this JS value callable? Works with Functions and GeneratorFunctions, despite ES6 @@toStringTag.
Function
function
callable
generator
generator function
+5
ljharb
has-tostringtag
1.0.0
Outdated
Determine if the JS environment has `Symbol.toStringTag` support. Supports spec, or shams.
javascript
ecmascript
symbol
symbols
tostringtag
+1
ljharb
object-keys
1.1.0 - 1.1.1
An Object.keys replacement, in case Object.keys is not available. From https://github.com/es-shims/es5-shim
Object.keys
keys
ES5
shim
ljharb
is-regex
1.1.4
Is this value a JS regex? Works cross-realm/iframe, and despite ES6 @@toStringTag
regex
regexp
is
regular expression
regular
+1
ljharb
is-date-object
1.0.1 - 1.0.3
Outdated
Is this value a JS Date object? This module works cross-realm/iframe, and despite ES6 @@toStringTag.
Date
ES6
toStringTag
@@toStringTag
Date object
ljharb
is-string
1.0.4 - 1.0.7
Is this value a JS String object or primitive? This module works cross-realm/iframe, and despite ES6 @@toStringTag.
String
string
ES6
toStringTag
@@toStringTag
+1
ljharb
eventemitter3
2.0.0 - 5.0.0
Outdated
EventEmitter3 focuses on performance while maintaining a Node.js AND browser compatible interface.
EventEmitter
EventEmitter2
EventEmitter3
Events
addEventListener
+10
es-to-primitive
1.2.0 - 1.2.1
ECMAScript “ToPrimitive” algorithm. Provides ES5 and ES2015 versions.
primitive
abstract
ecmascript
es5
es6
+11
ljharb
has
1.0.1 - 1.0.3
Outdated
Object.prototype.hasOwnProperty.call shortcut
tarruda
is-arguments
1.1.1
Is this an arguments object? It's a harder question than you think.
arguments
js
javascript
is-arguments
is
+1
ljharb
is-set
2.0.1 - 2.0.2
Outdated
Is this value a JS Set? This module works cross-realm/iframe, and despite ES6 @@toStringTag.
map
set
collection
is
robust
ljharb
is-map
2.0.1 - 2.0.2
Outdated
Is this value a JS Map? This module works cross-realm/iframe, and despite ES6 @@toStringTag.
map
set
collection
is
robust
ljharb
pretty-bytes
5.4.1
Outdated
Convert bytes to a human readable string: 1337 → 1.34 kB
pretty
bytes
byte
filesize
size
+9
sindresorhus
es-get-iterator
1.1.2 - 1.1.3
Get an iterator for any JS language value. Works robustly across all environments, all versions.
iterator
Symbol.iterator
iterable
collection
next
+1
ljharb
@floating-ui/core
0.7.0 - 1.1.0
Outdated
Positioning library for floating elements: tooltips, popovers, dropdowns, and more
tooltip
popover
dropdown
menu
popup
+1
@sentry/utils
7.1.0 - 7.2.0
Outdated
Utilities for all Sentry JavaScript SDKs
+8
@sentry/core
7.0.0 - 7.31.1
Outdated
Base implementation for all Sentry JavaScript SDKs
+8
es-array-method-boxes-properly
1.0.0
Utility package to determine if an `Array.prototype` method properly boxes the callback's receiver and third argument.
ljharb
moment-timezone
0.5.37
Outdated
Parse and display moments in any timezone.
moment
date
time
timezone
olson
+3
+4
crypto-browserify
0.0.0 - 2.0.0
Outdated
implementation of crypto for the browser
+2
@sentry/browser
7.0.0 - 7.15.0
Outdated
Official Sentry SDK for browsers
+8
intl-messageformat
9.10.0 - 9.12.0
Outdated
Formats ICU Message strings with number, date, plural, and select placeholders to create localized messages.
i18n
intl
internationalization
localization
globalization
+4
+9
web-vitals
3.0.0 - 3.0.4
Outdated
Easily measure performance metrics in JavaScript
crux
performance
metrics
Core Web Vitals
CLS
+5
@sentry/hub
7.0.0 - 7.14.2
Outdated
Sentry hub which handles global state managment.
+8
@sentry/integrations
7.0.0 - 7.31.1
Outdated
Pluggable integrations that can be used to enhance JS SDKs
+8
d3
3.5.17
Outdated
Data-Driven Documents
d3
dom
visualization
svg
animation
+1
@formatjs/fast-memoize
1.1.0 - 1.2.7
Outdated
fork of fast-memoize and support esm
intl
fast-memoize
memoize
i18n
array.prototype.map
1.0.1 - 1.0.5
Outdated
An ES5 spec-compliant `Array.prototype.map` shim/polyfill/replacement that works as far down as ES3.
Array.prototype.map
map
array
ES5
shim
+2
ljharb
iterate-iterator
1.0.0 - 1.0.2
Iterate any JS iterator. Works robustly in all environments, all versions.
iterate
iterator
iterable
es2015
es6
+3
ljharb
promise.allsettled
1.0.4 - 1.0.6
Outdated
ES Proposal spec-compliant shim for Promise.allSettled
Promise
promises
allsettled
settled
fulfilled
+7
ljharb
fuse.js
6.5.0 - 6.6.2
Outdated
Lightweight fuzzy-search
fuzzy
search
bitap
krisk
dijkstrajs
1.0.1 - 1.0.2
Outdated
A simple JavaScript implementation of Dijkstra's single-source shortest-paths algorithm.
dijkstra
shortest
path
search
graph
tcort
qrcode
1.5.0
Outdated
QRCode / 2d Barcode api with both server side and client side support using canvas
qr
code
canvas
qrcode
tippy.js
6.0.0 - 6.3.7
The complete tooltip, popover, dropdown, and menu solution for the web
tooltip
popover
popper
dropdown
popup
+2
atomiks
xstate
4.7.0 - 4.35.2
Outdated
Finite State Machines and Statecharts for the Modern Web.
statechart
state machine
finite state machine
finite automata
scxml
+2
@ctrl/tinycolor
2.0.0 - 3.5.0
Outdated
Fast, small color manipulation and conversion for JavaScript
typescript
color
manipulation
tinycolor
hsa
+1
scttcper
focus-trap
6.8.0 - 6.8.1
Outdated
Trap focus within a DOM node.
focus
accessibility
trap
capture
keyboard
+1
intl-messageformat-parser
6.0.8 - 6.4.4
Parses ICU Message strings into an AST via JavaScript.
i18n
intl
internationalization
localization
globalization
+4
+3
@formatjs/intl
1.15.0 - 2.2.1
Outdated
Internationalize JS apps. This library provides an API to format dates, numbers, and strings, including pluralization and handling translations.
intl
i18n
internationalization
locale
localization
+6
humps
0.5.1 - 2.0.1
Underscore-to-camelCase converter (and vice versa) for strings and object keys in JavaScript.
utils
camel
case
underscore
converter
+2
domchristie
intl-tel-input
17.0.5 - 17.0.19
Outdated
A JavaScript plugin for entering and validating international telephone numbers
international
country
dial code
telephone
phone
+12
jackocnr
accounting
0.4.1
number, money and currency formatting library
accounting
number
money
currency
format
+3
openexchangerates
postscribe
2.0.8
Asynchronously write javascript, even with document.write.
document.write
tag writer
asynchronous
javascript
after load
+2
Popular search queries
webpack.js.org
url
react-scripts
react
lottie-api
react-helmet-async
+7 packages
github.com
color-convert
@headlessui/react
hoist-non-react-statics
reactstrap
lit-html
+60 packages
pinterest.com
lodash
relay-runtime
react-relay
react-use
lodash-es
+51 packages
Popular packages
react
React is a JavaScript library for building user interfaces.
+6 634 websites
core-js
Standard library
+10 238 websites
es5-ext
ECMAScript extensions and shims
+10 229 websites
@babel/runtime
babel's modular runtime helpers
+8 352 websites
lodash
Lodash modular utilities.
+4 826 websites
axios
Promise based HTTP client for the browser and node.js
+4 742 websites