About
Community
nextdoor.com
134 packages
Last scanned on Oct 27 at 06:16 PM
Update
Name
Size
Popularity
Severity
lodash
4.17.16
Vulnerable
Outdated
Lodash modular utilities.
Script
https://d19rpgkrjeba2z.cloudfront.net/static/gen/vendor_2c6ddf82ad79c26d12da.js
License
MIT
Footprint
22 KB
Vulnerabilities
High
GHSA-35jh-r3h4-6jhm
Command Injection in lodash
Affected versions >=0 <4.17.21
Moderate
GHSA-29mw-wpgm-hmr9
Regular Expression Denial of Service (ReDoS) in lodash
Affected versions >=0 <4.17.21
High
GHSA-p6mc-m468-83gw
Prototype Pollution in lodash
Affected versions >=3.7.0 <4.17.19
Matched Modules
Version distribution in production
3 846
4.17.16
946
4.17.21
337
4.17.20
322
4.17.15
302
4.17.19
301
4.17.13
Also used on 4830 websites
skype.com
20 packages
sentry.io
157 packages
pinterest.com
56 packages
pinimg.com
52 packages
Repository
Homepage
More
modules
stdlib
util
axios
0.18.1
Vulnerable
Outdated
Promise based HTTP client for the browser and node.js
xhr
http
ajax
promise
node
+1
ms
0.7.2 - 1.0.0
Vulnerable
Outdated
Tiny millisecond conversion utility
+5
es5-ext
0.10.1 - 0.10.62
Vulnerable
Outdated
ECMAScript extensions and shims
ecmascript
ecmascript5
ecmascript6
es5
es6
+11
medikoo
debug
2.3.1 - 3.1.0
Outdated
Lightweight debugging utility for Node.js and the browser
debug
log
debugger
+1
tslib
1.6.0 - 2.4.0
Outdated
Runtime library for TypeScript helper functions
TypeScript
Microsoft
compiler
language
javascript
+2
+5
isarray
0.0.0 - 0.0.1
Outdated
Array#isArray for older browsers
browser
isarray
array
juliangruber
react-is
16.3.0 - 16.13.1
Outdated
Brand checking of React Elements.
react
+1
qs
6.5.3
Outdated
A querystring parser that supports nesting and arrays, with a depth limit
querystring
qs
query
url
parse
+1
bytes
2.0.2
Outdated
Utility to parse a string bytes to bytes and vice-versa
byte
bytes
utility
parse
parser
+2
@babel/runtime
7.18.2 - 7.20.0
Outdated
babel's modular runtime helpers
+1
get-intrinsic
1.1.3
Outdated
Get and robustly cache all JS language-level intrinsics at first require time
javascript
ecmascript
es
js
intrinsic
+2
ljharb
function-bind
1.1.0 - 1.1.1
Outdated
Implementation of Function.prototype.bind
function
bind
shim
es5
path-to-regexp
1.7.0 - 1.8.0
Outdated
Express style path to RegExp utility
express
regexp
route
routing
+2
call-bind
1.0.2
Outdated
Robustly `.call.bind()` a function
javascript
ecmascript
es
js
callbind
+8
ljharb
has-symbols
1.0.2 - 1.0.3
Determine if the JS environment has Symbol support. Supports spec, or shams.
Symbol
symbols
typeof
sham
polyfill
+3
ljharb
has-property-descriptors
1.0.0
Outdated
Does the environment have full property descriptor support? Handles IE 8's broken defineProperty/gOPD.
property
descriptors
has
environment
env
+2
ljharb
define-properties
1.1.4
Outdated
Define multiple non-enumerable properties at once. Uses `Object.defineProperty` when available; falls back to standard assignment in older engines.
Object.defineProperty
Object.defineProperties
object
property descriptor
descriptor
+2
ljharb
has-tostringtag
1.0.0
Outdated
Determine if the JS environment has `Symbol.toStringTag` support. Supports spec, or shams.
javascript
ecmascript
symbol
symbols
tostringtag
+1
ljharb
is-buffer
2.0.0 - 2.0.5
Determine if an object is a Buffer
arraybuffer
browser
browser buffer
browserify
buffer
+10
feross
object-keys
1.1.0 - 1.1.1
An Object.keys replacement, in case Object.keys is not available. From https://github.com/es-shims/es5-shim
Object.keys
keys
ES5
shim
ljharb
deepmerge
4.2.2
Outdated
A library for deep (recursive) merging of Javascript objects
merge
deep
extend
copy
clone
+1
tehshrike
regexp.prototype.flags
1.4.2 - 1.4.3
Outdated
ES6 spec-compliant RegExp.prototype.flags shim.
RegExp.prototype.flags
regex
regular expression
ES6
shim
+6
ljharb
core-js
2.6.12
Outdated
Standard library
ES3
ES5
ES6
ES7
ES2015
+39
zloirock
is-regex
1.1.4
Is this value a JS regex? Works cross-realm/iframe, and despite ES6 @@toStringTag
regex
regexp
is
regular expression
regular
+1
ljharb
is-date-object
1.0.5
Is this value a JS Date object? This module works cross-realm/iframe, and despite ES6 @@toStringTag.
Date
ES6
toStringTag
@@toStringTag
Date object
ljharb
functions-have-names
1.1.1 - 1.2.3
Does this JS environment support the `name` property on functions?
function
name
es5
names
functions
+1
ljharb
has
1.0.1 - 1.0.3
Outdated
Object.prototype.hasOwnProperty.call shortcut
tarruda
scheduler
0.15.0 - 0.23.0
Cooperative scheduler for the browser environment.
react
+1
prop-types
15.8.0 - 15.8.1
Runtime type checking for React props and similar objects.
react
is-arguments
1.1.1
Is this an arguments object? It's a harder question than you think.
arguments
js
javascript
is-arguments
is
+1
ljharb
react
17.0.0 - 17.0.2
Outdated
React is a JavaScript library for building user interfaces.
react
+1
deep-equal
1.1.0 - 1.1.1
Outdated
node's assert.deepEqual algorithm
equality
equal
compare
ljharb
object-is
1.1.0 - 1.1.5
Outdated
ES2015-compliant shim for Object.is - differentiates between -0 and +0
is
Object.is
equality
sameValueZero
ES6
+4
ljharb
hoist-non-react-statics
3.3.1 - 3.3.2
Copies non-react specific statics from a child component to a parent component
react
mridgway
querystring
0.2.1
Node's querystring module for all engines.
commonjs
query
querystring
classnames
2.3.2
Outdated
A simple utility for conditionally joining classNames together
react
css
classes
classname
classnames
+2
stylis
4.0.0 - 4.0.5
Outdated
A Light–weight CSS Preprocessor
query-string
5.0.1 - 5.1.1
Outdated
Parse and stringify URL query strings
browser
querystring
query
string
qs
+9
sindresorhus
react-transition-group
1.0.0 - 2.5.2
Outdated
A react component toolset for managing animations
react
transition
addons
transition-group
animation
+2
graphql
15.5.0 - 15.8.0
Outdated
A Query Language and Runtime which can target any service.
graphql
graphql-js
+5
dom-helpers
3.4.0
Outdated
tiny modular DOM lib for ie9+
dom-helpers
react-component
dom
api
cross-browser
+8
underscore
1.11.0 - 1.13.6
JavaScript's functional programming helper library.
util
functional
server
client
browser
@emotion/serialize
0.11.12 - 0.11.16
Outdated
serialization utils for emotion
+1
@emotion/utils
0.0.4 - 1.2.0
Outdated
internal utils for emotion
+1
tiny-invariant
0.0.2 - 1.3.1
Outdated
A tiny invariant function
invariant
error
assert
asserts
alexreardon
@sentry/utils
6.19.5 - 6.19.7
Outdated
Utilities for all Sentry JavaScript SDKs
+8
memoize-one
5.1.0 - 5.1.1
Outdated
A memoization library which only remembers the latest invocation
memoize
memoization
cache
performance
alexreardon
@emotion/sheet
0.9.1 - 0.9.4
Outdated
emotion's stylesheet
+1
react-router
1.0.1 - 1.0.3
Outdated
Declarative routing for React
react
router
route
routing
history
+1
@sentry/core
6.19.7
Outdated
Base implementation for all Sentry JavaScript SDKs
+8
react-router-dom
5.1.0 - 5.3.4
Outdated
Declarative routing for React web applications
react
router
route
routing
history
+1
lodash-es
4.17.21
Lodash exported as ES modules.
es6
modules
stdlib
util
redux
4.1.0 - 4.2.0
Outdated
Predictable state container for JavaScript apps
redux
reducer
state
predictable
functional
+6
+3
tailwindcss
1.4.2 - 1.7.1
Outdated
A utility-first CSS framework for rapidly building custom user interfaces.
babel-runtime
6.18.0 - 6.26.0
babel selfContained runtime
socket.io-parser
2.1.0 - 2.3.1
Outdated
socket.io protocol parser
linkify-it
2.2.0
Outdated
Links recognition library with FULL unicode support
linkify
linkifier
autolink
autolinker
vitaly
history
4.0.0 - 4.10.1
Outdated
Manage session history with JavaScript
history
location
mjackson
engine.io-parser
0.1.0 - 2.2.1
Outdated
Parser for the client for the realtime Engine
uc.micro
1.0.6
Outdated
Micro subset of unicode data files for markdown-it projects.
vitaly
react-lifecycles-compat
3.0.4
Backwards compatibility polyfill for React class components
@sentry/browser
6.19.0 - 6.19.7
Outdated
Official Sentry SDK for browsers
+8
libphonenumber-js
1.10.13
Outdated
A simpler (and smaller) rewrite of Google Android's libphonenumber library in javascript
telephone
phone
number
input
mobile
+1
catamphetamine
react-select
1.2.0 - 1.3.0
Outdated
A Select control built with and for ReactJS
combobox
form
input
multiselect
react
+3
+2
zen-observable-ts
1.1.0 - 1.2.3
Thin wrapper around zen-observable and @types/zen-observable, to support ESM exports as well as CommonJS exports
@wry/trie
0.2.1 - 0.3.2
Outdated
https://en.wikipedia.org/wiki/Trie
trie
prefix
weak
dictionary
lexicon
benjamn
socket.io-client
1.5.0 - 1.7.4
Outdated
Realtime application framework client
realtime
framework
websocket
tcp
events
+1
base64-arraybuffer
0.1.5 - 1.0.2
Encode/decode base64 data into ArrayBuffers
niklasvh
engine.io-client
3.1.3 - 3.2.1
Outdated
Client for the realtime Engine
@wry/equality
0.5.3
Outdated
Structural equality checking for JavaScript values
benjamn
framer-motion
4.1.12 - 4.1.17
Outdated
A simple and powerful JavaScript animation library
react animation
react
three
3d
pose
+8
+36
tabbable
3.1.1 - 3.1.2
Outdated
Returns an array of all tabbable DOM nodes within a containing node.
@wry/context
0.4.0 - 0.6.1
Outdated
Manage contextual information needed by (a)synchronous tasks without explicitly passing objects around
benjamn
optimism
0.16.1
Outdated
Composable reactive caching with efficient invalidation.
caching
cache
invalidation
reactive
reactivity
+4
benjamn
@sentry/hub
7.0.0 - 7.14.2
Outdated
Sentry hub which handles global state managment.
+8
@apollo/client
3.4.11 - 3.4.13
Outdated
A fully-featured caching GraphQL client.
apollo
graphql
react
hooks
client
+1
+1
react-scripts
0.4.2
Outdated
Configuration and scripts for Create React App.
+1
react-textarea-autosize
8.0.0 - 8.3.4
Outdated
textarea component for React which grows with content
autosize
grow
react
react-component
textarea
@sentry/tracing
6.19.5 - 6.19.7
Outdated
Sentry Performance Monitoring Package
+8
uncontrollable
3.0.0 - 7.2.1
Outdated
Wrap a controlled react component, to allow specific prop/handler pairs to be uncontrolled
uncontrolled-component
react-component
input
controlled
uncontrolled
+1
monastic.panic
@emotion/core
0.13.0 - 10.3.1
Outdated
+1
framesync
4.1.0 - 6.1.2
A frame-synced render loop for JavaScript
animation
raf
popmotion
react-input-autosize
2.2.2
Outdated
Auto-resizing Input Component for React
react
react-component
input
autosize
+1
parseuri
0.0.4 - 0.0.5
Outdated
Method that parses a URI and returns an array of its components
gal
mini-create-react-context
0.3.3 - 0.4.1
Smaller Polyfill for the proposed React context API
react
context
contextTypes
polyfill
ponyfill
stringepsilon
create-react-class
15.7.0
Legacy API for creating React components.
react
lit-element
3.0.0
Outdated
A simple base class for creating fast, lightweight web components
+11
react-use
8.1.2 - 13.24.1
Outdated
Collection of React Hooks
streamich
yeast
0.1.2
Tiny but linear growing unique id generator
yeast
id
generator
unique
recharts
1.0.0 - 1.8.5
Outdated
React charts
react
reactjs
chart
react-component
blob
0.0.1 - 0.0.4
Outdated
Abstracts out Blob and uses BlobBuilder in cases where it is supported with any vendor prefix.
xstate
4.7.0 - 4.19.1
Outdated
Finite State Machines and Statecharts for the Modern Web.
statechart
state machine
finite state machine
finite automata
scxml
+2
focus-trap
4.0.0 - 4.0.2
Outdated
Trap focus within a DOM node.
focus
accessibility
trap
capture
keyboard
+1
rc-motion
1.0.0 - 2.6.2
Outdated
React lifecycle controlled motion library
react
react-component
react-motion
motion
antd
+1
+1
after
0.8.1 - 0.8.2
after - tiny flow control
flowcontrol
after
flow
control
arch
component-bind
1.0.0
function binding utility
bind
utility
+24
arraybuffer.slice
0.0.6 - 0.0.7
Exports a function for slicing ArrayBuffers (no polyfilling)
rase-
component-inherit
0.0.3
Prototype inheritance utility
coreh
to-array
0.1.3 - 0.1.4
Turn an array like into an array
raynos
popmotion
9.0.0 - 11.0.5
The animator's toolbox
animation
ux
ui
popmotion
canvas animation
+11
popmotion
style-value-types
4.1.0 - 4.1.5
Outdated
Parsers, transformers and tests for special value types, eg: %, hex codes etc.
css
svg
hex
rgba
hsla
popmotion
react-overlays
0.5.0 - 5.2.1
Utilities for creating robust overlay components
react-overlays
react-component
react
overlay
react-component
+4
mobx
2.6.0 - 6.6.2
Outdated
Simple, scalable state management.
mobx
mobservable
observable
react-component
react
+7
+3
react-bootstrap
0.32.0 - 0.32.1
Outdated
Bootstrap 5 components built with React
bootstrap
react
component
components
ecosystem-react
+1
keycode
2.1.2 - 2.2.1
Convert between keyboard keycodes and keynames and vice versa.
keyboard
keycode
keyboardevent
ascii
keydown
+4
timoxley
react-player
1.12.0 - 1.15.3
Outdated
A React component for playing a variety of URLs, including file paths, YouTube, Facebook, Twitch, SoundCloud, Streamable, Vimeo, Wistia and DailyMotion
react
media
player
video
audio
+11
cookpete
immutability-helper
2.7.1 - 2.9.1
Outdated
mutate a copy of data without changing the original source
immutability
@chakra-ui/theme
2.1.0 - 2.1.3
Outdated
The default theme for chakra components
theme
theming
ui mode
ui
focus-trap-react
5.0.0 - 6.0.0
Outdated
A React component that traps focus.
react
reactjs
react-component
aria
accessibility
+4
+1
@chakra-ui/hooks
2.0.0 - 2.1.0
Outdated
React hooks for Chakra components
hooks
react
chakra ui
utilities
scriptjs
2.5.6 - 2.5.9
Asyncronous JavaScript loader and dependency manager
ender
script
dependency
ajax
jsonp
+1
chain-function
1.0.0 - 1.0.1
chain a bunch of functions together into a single call
chain
compose
function
monastic.panic
react-ga
1.4.1 - 2.7.0
Outdated
React Google Analytics Module
React
GA
Google Analytics
Universal Analytics
amplitude-js
5.2.0
Outdated
Javascript library for Amplitude Analytics
analytics
amplitude
+5
react-prop-types
0.4.0
Additional PropTypes for React
react
proptypes
+1
@fingerprintjs/fingerprintjs
3.3.1 - 3.3.6
Outdated
Browser fingerprinting library with the highest accuracy and stability
fraud
fraud detection
fraud prevention
browser
identification
+5
react-visibility-sensor
3.10.1 - 3.11.1
Outdated
Sensor component for React that notifies you when it goes in or out of the window viewport.
react
react-component
visibility
+1
store
2.0.12
A localStorage wrapper for all browsers without using cookies or flash. Uses localStorage, globalStorage, and userData behavior under the hood
marcuswestin
analytics-utils
0.4.2 - 1.0.10
Outdated
Analytics utility functions used by 'analytics' module
analytics
analytics-project
analytics-utilities
davidwells
react-multi-carousel
1.0.0 - 1.0.18
Outdated
Production-ready, lightweight fully customizable React carousel component that rocks supports multiple items and SSR(Server-side rendering) with typescript.
react
typescript
carousel
react-component
server-side rendering
+14
yizhuang
crypto-hash
0.1.0 - 2.0.1
Outdated
Tiny hashing module that uses the native crypto API in Node.js and the browser
crypto
hash
isomorphic
hashing
hasher
+6
sindresorhus
reakit-utils
0.9.0
Outdated
Reakit utils
reakit
react
utils
diegohaz
reakit-system
0.8.0 - 0.9.0
Outdated
Reakit System utils
reakit
react
system
diegohaz
reakit
1.0.0 - 1.0.2
Outdated
Toolkit for building accessible rich web apps with React
reakit
a11y
react
ui
toolkit
+1
diegohaz
@apollo/react-components
3.0.0 - 3.1.5
Outdated
React Apollo Query, Mutation and Subscription components.
apollo
graphql
react
components
+1
no-scroll
2.1.0 - 2.1.1
Disable the document's scrolling
scroll
scrolling
disable
modal
dialog
davidtheclark
@theme-ui/core
0.3.0 - 0.3.5
Outdated
[![Minified Size on Bundlephobia](https://badgen.net/bundlephobia/minzip/@theme-ui/core)](https://bundlephobia.com/package/@theme-ui/core)
+1
@tannin/plural-forms
1.0.0 - 1.1.0
Compiles a function to compute the plural forms index for a given value
aduth
@theme-ui/theme-provider
0.3.0 - 0.8.4
Outdated
**Note:** This package is a hack to fix export order produced by microbundle. Use the main `theme-ui` package or `@theme-ui/core` instead.
+1
most
0.6.0 - 0.9.1
Outdated
Monadic streams
reactive
reactive programming
reactive streams
stream
streams
+11
+2
lottie-api
1.0.0 - 1.0.2
Outdated
A library to edit lottie-web animations dynamically
airnan
botframework-webchat-component
4.4.1 - 4.11.0
Outdated
React component of botframework-webchat
+2
@team-griffin/react-heading-section
1.0.0 - 3.1.1
```sh npm i --save @team-griffin/react-heading-section
+1
Popular search queries
webpack.js.org
url
react-scripts
react
lottie-api
react-helmet-async
+7 packages
github.com
color-convert
@headlessui/react
hoist-non-react-statics
reactstrap
lit-html
+60 packages
pinterest.com
lodash
relay-runtime
react-relay
react-use
lodash-es
+51 packages
Popular packages
react
React is a JavaScript library for building user interfaces.
+6 634 websites
core-js
Standard library
+10 238 websites
es5-ext
ECMAScript extensions and shims
+10 229 websites
@babel/runtime
babel's modular runtime helpers
+8 352 websites
lodash
Lodash modular utilities.
+4 826 websites
axios
Promise based HTTP client for the browser and node.js
+4 742 websites