About
Community
safety.com
102 packages
Last scanned on Jan 19 at 12:34 PM
Update
Name
Size
Popularity
Severity
markdown-it
2.0.0 - 2.2.1
Vulnerable
Outdated
Markdown-it - modern pluggable markdown parser.
License
MIT
Vulnerabilities
High
GHSA-j5p7-jf4q-742q
markdown-it vulnerable to Inefficient Regular Expression Complexity
Affected versions >=0 <3.0.0
Moderate
GHSA-6vfc-qv3f-vr6c
Uncontrolled Resource Consumption in markdown-it
Affected versions >=0 <12.3.2
Version distribution in production
188
2.0.0
188
2.1.0
180
2.1.1
180
2.1.2
180
2.1.3
180
2.2.0
Also used on 277 websites
rapid7.com
13 packages
adjust.com
45 packages
wayfair.com
17 packages
paypal.com
26 packages
Repository
Homepage
More
markdown
parser
commonmark
markdown-it
markdown-it-plugin
vitaly
dset
2.0.1
Vulnerable
Outdated
A tiny (194B) utility for safely writing deep Object values~!
deepset
values
object
write
deep
+2
lukeed
es5-ext
0.10.24 - 0.10.49
Vulnerable
Outdated
ECMAScript extensions and shims
ecmascript
ecmascript5
ecmascript6
es5
es6
+11
medikoo
tslib
1.9.2 - 2.4.0
Outdated
Runtime library for TypeScript helper functions
TypeScript
Microsoft
compiler
language
javascript
+2
+5
readable-stream
3.6.0
Outdated
Node.js Streams, a user-land copy of the stream library from Node.js
readable
stream
pipe
kind-of
6.0.3
Get the native type of a value.
arguments
array
boolean
check
date
+16
uuid
7.0.0 - 8.0.0
Outdated
RFC4122 (v1, v4, and v5) UUIDs
uuid
guid
rfc4122
string_decoder
1.1.0 - 1.3.0
The string_decoder module from Node core
string
decoder
browser
browserify
+1
isarray
1.0.0 - 2.0.5
Array#isArray for older browsers
browser
isarray
array
juliangruber
inherits
2.0.4
Browser-friendly inheritance fully compatible with standard node.js inherits()
inheritance
class
klass
oop
object-oriented
+3
isaacs
regenerator-runtime
0.13.9
Outdated
Runtime for Regenerator-compiled generator and async functions.
regenerator
runtime
generator
async
benjamn
entities
2.2.0
Outdated
Encode & decode XML and HTML entities with ease & speed
entity
decoding
encoding
html
xml
+1
feedic
@babel/runtime
7.9.0 - 7.9.2
Outdated
babel's modular runtime helpers
+1
lodash
4.17.21
Lodash modular utilities.
modules
stdlib
util
axios
0.21.4
Outdated
Promise based HTTP client for the browser and node.js
xhr
http
ajax
promise
node
+1
cookie
0.4.1 - 0.4.2
Outdated
HTTP server cookie parsing and serialization
cookie
cookies
dougwilson
core-util-is
1.0.2 - 1.0.3
The `util.is*` functions introduced in Node v0.12.
util
isBuffer
isArray
isNumber
isString
+4
isaacs
isobject
3.0.0 - 4.0.0
Returns true if the value is an object and not an array or null.
check
is
is-object
isobject
kind
+7
is-plain-object
2.0.0 - 3.0.0
Outdated
Returns true if an object was created by the `Object` constructor, or Object.create(null).
check
is
is-object
isobject
javascript
+7
domutils
2.8.0
Outdated
Utilities for working with htmlparser2's dom
dom
htmlparser2
feedic
parse5
6.0.0 - 6.0.1
Outdated
HTML parser and serializer.
html
parser
html5
WHATWG
specification
+10
+1
base64-js
1.3.0 - 1.5.1
Base64 encoding/decoding in pure JS
base64
dom-serializer
1.0.0 - 1.4.1
Outdated
render domhandler DOM nodes to a string
html
xml
render
feedic
domhandler
4.2.0 - 5.0.3
Handler for htmlparser2 that turns pages into a dom
dom
htmlparser2
feedic
events
3.0.0 - 3.3.0
Node's event emitter for all engines.
events
eventEmitter
eventDispatcher
listeners
domelementtype
2.2.0 - 2.3.0
all the types of nodes in htmlparser2's dom
dom
element
types
htmlparser2
feedic
core-js
3.23.3 - 3.26.1
Outdated
Standard library
ES3
ES5
ES6
ES7
ES2015
+39
zloirock
css-select
4.0.0 - 4.1.3
Outdated
a CSS selector compiler/engine
css
selector
sizzle
feedic
htmlparser2
6.1.0
Outdated
Fast & forgiving HTML/XML parser
html
parser
streams
xml
dom
+3
feedic
css-what
5.0.1
Outdated
a CSS selector parser
feedic
nth-check
2.0.1
Outdated
Parses and compiles CSS nth-checks to highly optimized functions.
nth-child
nth
css
feedic
process
0.11.10
process information for node.js and browsers
process
boolbase
1.0.0
two functions: One that returns true, one that returns false
feedic
url
0.11.0
Outdated
The core `url` packaged standalone for use with Browserify.
parsing
url
analyze
clone-deep
4.0.1
Recursively (deep) clone JavaScript native types, like Object, Array, RegExp, Date as well as primitives.
array
assign
buffer
clamped
clone
+22
shallow-clone
3.0.1
Creates a shallow clone of any JavaScript value.
array
clone
copy
extend
mixin
+3
sha.js
2.4.9 - 2.4.11
Streamable SHA hashes in pure javascript
asn1.js
5.2.0 - 5.4.1
ASN.1 encoder and decoder
asn.1
der
hash-base
3.0.4 - 3.1.0
abstract base class for hash-streams
hash
stream
+1
elliptic
6.5.4
Outdated
EC cryptography
EC
Elliptic
curve
Cryptography
indutny
hash.js
1.1.0 - 1.1.7
Various hash functions that could be run by both browser and node
hash
sha256
sha224
hmac
indutny
dateformat
3.0.3
Outdated
A node.js package for Steven Levithan's excellent dateFormat() function.
+3
hmac-drbg
1.0.1
Deterministic random bit generator (hmac)
hmac
drbg
prng
indutny
lodash-es
4.17.21
Lodash exported as ES modules.
es6
modules
stdlib
util
parse5-htmlparser2-tree-adapter
5.0.0 - 6.0.1
Outdated
htmlparser2 tree adapter for parse5.
parse5
parser
tree adapter
htmlparser2
+1
des.js
1.0.1
Outdated
DES implementation
DES
3DES
EDE
CBC
indutny
md5.js
1.1.0 - 1.3.5
node style md5 on pure JavaScript
crypto
md5
+2
pbkdf2
3.1.0 - 3.1.2
This library provides the functionality of PBKDF2 with the ability to use any supported hashing algorithm returned from crypto.getHashes()
pbkdf2
kdf
salt
hash
+3
cipher-base
1.0.4
abstract base class for crypto-streams
cipher
stream
parse-asn1
5.1.6
Outdated
utility library for parsing asn1 files for use with browserify-sign.
+2
dlv
1.1.3
Safely get a dot-notated property within an object.
delve
dot notation
dot
developit
browserify-sign
2.4.0 - 2.8.0
Outdated
adds node crypto signing for browsers
+2
browserify-aes
0.4.0 - 0.8.1
Outdated
aes, for browserify
aes
crypto
browserify
+2
evp_bytestokey
1.0.3
The insecure key derivation algorithm from OpenSSL
crypto
openssl
browserify-rsa
4.1.0
RSA for browserify
+2
crypto-browserify
1.0.9 - 2.0.0
Outdated
implementation of crypto for the browser
+2
create-ecdh
3.0.0 - 4.0.4
createECDH but browserifiable
diffie
hellman
diffiehellman
ECDH
+2
js-cookie
3.0.1
Outdated
A simple, lightweight JavaScript API for handling cookies
cookie
cookies
browser
amd
commonjs
+3
public-encrypt
4.0.3
browserify version of publicEncrypt & privateDecrypt
+2
diffie-hellman
1.1.2
Outdated
pure js diffie-hellman
diffie
hellman
diffiehellman
dh
+2
browserify-des
1.0.2
browserify-des ===
miller-rabin
1.1.0 - 4.0.1
Miller Rabin algorithm for primality test
prime
miller-rabin
bignumber
randomfill
1.0.0 - 1.0.4
random fill from browserify stand alone
crypto
random
querystring-es3
0.2.1
Node's querystring module for all engines. (ES3 compat fork)
commonjs
query
querystring
spaintrain
cheerio
0.22.0
Outdated
Tiny, fast, and elegant implementation of core jQuery designed specifically for the server
htmlparser
jquery
selector
scraper
parser
+1
ufo
0.5.2 - 1.0.1
Outdated
URL utils for humans
pi0
workerpool
0.1.0 - 6.0.2
Outdated
Offload tasks to a pool of workers on node.js and in the browser
worker
web worker
cluster
pool
isomorphic
unfetch
4.2.0
Outdated
Bare minimum fetch polyfill in 500 bytes
fetch
polyfill
xhr
ajax
developit
vue
1.0.9 - 2.7.14
Outdated
The progressive JavaScript framework for building modern web UI.
vue
@firebase/component
0.4.0 - 0.5.7
Outdated
Firebase Component Platform
+1
@firebase/logger
0.2.5 - 0.2.6
Outdated
A logger package for use in the Firebase JS SDK
+1
@hookform/resolvers
1.1.0
Outdated
React Hook Form validation resolvers: Yup, Joi, Superstruct, Zod, Vest, Class Validator, io-ts, Nope, computed-types, TypeBox, arktype and Typanion
scheme
validation
scheme-validation
hookform
react-hook-form
+14
fp-ts
0.2.1 - 2.9.5
Outdated
Functional programming in TypeScript
typescript
algebraic-data-types
functional-programming
gcanti
lit-element
3.0.0
Outdated
A simple base class for creating fast, lightweight web components
+11
xstate
4.7.0 - 4.35.2
Outdated
Finite State Machines and Statecharts for the Modern Web.
statechart
state machine
finite state machine
finite automata
scxml
+2
react-query
0.0.11 - 0.0.15
Outdated
Hooks for managing, caching and syncing asynchronous and remote data in React
rc-select
6.9.6 - 8.6.6
Outdated
React Select
react
react-component
react-select
select
+6
@aws-amplify/core
1.2.0 - 5.0.10
Outdated
Core category of aws-amplify
+6
@auth0/auth0-spa-js
2.0.0 - 2.0.2
Outdated
Auth0 SDK for Single Page Applications using Authorization Code Grant Flow with PKCE
auth0
login
Authorization Code Grant Flow
PKCE
Single Page Application authentication
+1
+41
striptags
3.2.0
PHP strip_tags in Node.js
striptags
strip_tags
html
strip
tags
ericnorris
apollo-client
0.3.14 - 0.4.22
Outdated
A simple yet functional GraphQL client.
ecmascript
es2015
jsnext
javascript
relay
+2
+5
canvas-confetti
0.2.0 - 1.6.0
Outdated
performant confetti animation in the browser
canvas
confetti
animation
burst
fireworks
+2
kirilv
vue-property-decorator
7.3.0 - 9.1.2
property decorators for Vue Component
vue
typescript
decorator
kaorun343
timeago.js
4.0.0 - 4.0.2
timeago.js is a simple library (only 1kb) to used to format datetime with `*** time ago` statement. eg: '3 hours ago'. localization supported.
timeago
datetime
*** time ago
date
javascript timeago
vue-no-ssr
1.1.1
Vue component to wrap non SSR friendly components
vue-client-only
2.0.0 - 2.1.0
Vue component to wrap non SSR friendly components
egoist
@vue/composition-api
1.1.0 - 1.7.1
Outdated
Provide logic composition capabilities for Vue.
vue
composition-api
+2
just-clone
4.1.1 - 6.0.0
Outdated
deep copies objects and arrays
object
clone
copy
deep-copy
extend
+2
angus-c
cookie-universal
2.2.1 - 2.2.2
Universal cookie plugin, perfect for SSR
universal cookie
SSR cookie
node cookie
browser cookie
cookies
+1
microcipcip
vuex-class
0.1.3 - 0.2.0
Outdated
Binding helpers for Vuex and vue-class-component
vue
vuex
bindings
ktsn
just-unique
3.4.1 - 4.1.1
Outdated
dedupes an array
array
unique
dedupe
no-dependencies
just
angus-c
fluture
12.0.0 - 14.0.0
FantasyLand compliant (monadic) alternative to Promises
algebraic
async
asynchronous
browser
control-flow
+12
just-safe-get
3.1.1 - 4.1.1
Outdated
get value at property, don't throw if parent is undefined
object
safe
get
no-dependencies
just
angus-c
just-safe-set
4.0.2 - 4.1.1
Outdated
set value at property, create intermediate properties if necessary
object
safe
set
no-dependencies
just
angus-c
just-omit
1.4.1 - 2.1.2
Outdated
copy an object but omit the specified keys
object
omit
keys
no-dependencies
just
angus-c
@fastly/performance-observer-polyfill
2.0.0
<h1 align="center" style="border-bottom: none;">🔎 PerformanceObserver Polyfill</h1> <p align="center"> <a href="https://travis-ci.org/fastly/performance-observer-polyfill"> <img alt="Travis" src="https://img.shields.io/travis/fastly/performance-obs
performance
performanceobserver
polyfill
+17
fun-hooks
1.0.2
Outdated
A generalized and simple hooking API for adding extensibility to applications
hooks
middleware
before
after
pre
+3
snapwich
just-pick
3.1.1 - 4.1.1
Outdated
copy an object but with only the specified keys
object
pick
keys
no-dependencies
just
angus-c
prebid.js
6.17.0 - 6.18.0
Outdated
Header Bidding Management Library
advertising
auction
header bidding
prebid
+1
just-intersect
3.4.1 - 4.1.0
Outdated
return the intersect of two arrays
array
intersect
no-dependencies
just
angus-c
live-connect-js
x.x.x
criteo-direct-rsa-validate
x.x.x
Popular search queries
webpack.js.org
url
react-scripts
react
lottie-api
react-helmet-async
+7 packages
github.com
color-convert
@headlessui/react
hoist-non-react-statics
reactstrap
lit-html
+60 packages
pinterest.com
lodash
relay-runtime
react-relay
react-use
lodash-es
+51 packages
Popular packages
react
React is a JavaScript library for building user interfaces.
+6 634 websites
core-js
Standard library
+10 238 websites
es5-ext
ECMAScript extensions and shims
+10 229 websites
@babel/runtime
babel's modular runtime helpers
+8 352 websites
lodash
Lodash modular utilities.
+4 826 websites
axios
Promise based HTTP client for the browser and node.js
+4 742 websites