About
Community
segmentfault.com
61 packages
Last scanned on Oct 27 at 06:32 PM
Update
Name
Size
Popularity
Severity
lodash
4.17.16
Vulnerable
Outdated
Lodash modular utilities.
Script
https://static.segmentfault.com/main_site/496c90a0/umi.js
License
MIT
Footprint
4 KB
Vulnerabilities
High
GHSA-35jh-r3h4-6jhm
Command Injection in lodash
Affected versions >=0 <4.17.21
Moderate
GHSA-29mw-wpgm-hmr9
Regular Expression Denial of Service (ReDoS) in lodash
Affected versions >=0 <4.17.21
High
GHSA-p6mc-m468-83gw
Prototype Pollution in lodash
Affected versions >=3.7.0 <4.17.19
Matched Modules
Version distribution in production
3 846
4.17.16
946
4.17.21
337
4.17.20
322
4.17.15
302
4.17.19
301
4.17.13
Also used on 4830 websites
skype.com
20 packages
sentry.io
157 packages
pinterest.com
56 packages
pinimg.com
52 packages
Repository
Homepage
More
modules
stdlib
util
isarray
0.0.0 - 0.0.1
Outdated
Array#isArray for older browsers
browser
isarray
array
juliangruber
react-is
16.3.0 - 17.0.2
Outdated
Brand checking of React Elements.
react
+1
qs
6.10.0 - 6.11.0
Outdated
A querystring parser that supports nesting and arrays, with a depth limit
querystring
qs
query
url
parse
+1
@babel/runtime
7.12.13 - 7.13.10
Outdated
babel's modular runtime helpers
+1
get-intrinsic
1.1.0 - 1.1.1
Outdated
Get and robustly cache all JS language-level intrinsics at first require time
javascript
ecmascript
es
js
intrinsic
+2
ljharb
function-bind
1.1.0 - 1.1.1
Outdated
Implementation of Function.prototype.bind
function
bind
shim
es5
path-to-regexp
1.7.0 - 1.8.0
Outdated
Express style path to RegExp utility
express
regexp
route
routing
+2
call-bind
1.0.2
Outdated
Robustly `.call.bind()` a function
javascript
ecmascript
es
js
callbind
+8
ljharb
object-inspect
1.12.0 - 1.12.1
Outdated
string representations of objects in node and the browser
inspect
util.inspect
object
stringify
pretty
has-symbols
1.0.2 - 1.0.3
Determine if the JS environment has Symbol support. Supports spec, or shams.
Symbol
symbols
typeof
sham
polyfill
+3
ljharb
isobject
3.0.0 - 4.0.0
Returns true if the value is an object and not an array or null.
check
is
is-object
isobject
kind
+7
side-channel
1.0.4
Outdated
Store information about any JS value in a side channel. Uses WeakMap if available.
weakmap
map
side
channel
metadata
ljharb
is-plain-object
2.0.0 - 3.0.0
Outdated
Returns true if an object was created by the `Object` constructor, or Object.create(null).
check
is
is-object
isobject
javascript
+7
core-js
3.6.3 - 3.6.5
Outdated
Standard library
ES3
ES5
ES6
ES7
ES2015
+39
zloirock
scheduler
0.15.0 - 0.23.0
Outdated
Cooperative scheduler for the browser environment.
react
+1
has
1.0.1 - 1.0.3
Outdated
Object.prototype.hasOwnProperty.call shortcut
tarruda
prop-types
15.8.0 - 15.8.1
Runtime type checking for React props and similar objects.
react
react
17.0.0 - 18.2.0
Outdated
React is a JavaScript library for building user interfaces.
react
+1
dayjs
1.10.6 - 1.10.8
Outdated
2KB immutable date time library alternative to Moment.js with the same modern API
dayjs
date
time
immutable
moment
iamkun
hoist-non-react-statics
3.3.1 - 3.3.2
Copies non-react specific statics from a child component to a parent component
react
mridgway
path-browserify
0.0.0 - 0.0.1
Outdated
the path module from node core for browsers
browser
browserify
path
+36
dequal
2.0.0 - 2.0.3
A tiny (304B to 489B) utility for check for deep equality
deep
deep-equal
equality
lukeed
classnames
2.3.0 - 2.3.1
Outdated
A simple utility for conditionally joining classNames together
react
css
classes
classname
classnames
+2
query-string
6.5.0 - 7.1.1
Outdated
Parse and stringify URL query strings
browser
querystring
query
string
qs
+9
sindresorhus
react-transition-group
2.0.0 - 4.4.5
A react component toolset for managing animations
react
transition
addons
transition-group
animation
+2
whatwg-fetch
3.4.0 - 3.6.2
Outdated
A window.fetch polyfill.
dom-helpers
5.1.4
Outdated
tiny modular DOM lib for ie9+
dom-helpers
react-component
dom
api
cross-browser
+8
@popperjs/core
2.11.1 - 2.11.2
Outdated
Tooltip and Popover Positioning Engine
tooltip
popover
dropdown
popup
popper
+1
immer
7.0.7 - 9.0.16
Outdated
Create your next immutable state by mutating the current one
immutable
mutable
copy-on-write
tiny-invariant
0.0.2 - 1.3.1
Outdated
A tiny invariant function
invariant
error
assert
asserts
alexreardon
@sentry/utils
6.19.5 - 7.0.0
Outdated
Utilities for all Sentry JavaScript SDKs
+8
@sentry/core
6.17.0 - 6.19.7
Outdated
Base implementation for all Sentry JavaScript SDKs
+8
lodash-es
4.17.20 - 4.17.21
Lodash exported as ES modules.
es6
modules
stdlib
util
react-router-dom
5.1.0 - 5.3.4
Outdated
Declarative routing for React web applications
react
router
route
routing
history
+1
js-cookie
3.0.1
Outdated
A simple, lightweight JavaScript API for handling cookies
cookie
cookies
browser
amd
commonjs
+3
filter-obj
1.1.0
Outdated
Filter object keys and values into a new object
filter
object
key
keys
value
+7
sindresorhus
history
4.0.0 - 4.10.1
Outdated
Manage session history with JavaScript
history
location
mjackson
split-on-first
1.0.0 - 2.0.0
Outdated
Split a string on the first occurance of a given separator
split
string
first
once
occurrence
+3
sindresorhus
@aws-sdk/util-uri-escape
3.55.0 - 3.186.0
Outdated
[![NPM version](https://img.shields.io/npm/v/@aws-sdk/util-uri-escape/latest.svg)](https://www.npmjs.com/package/@aws-sdk/util-uri-escape) [![NPM downloads](https://img.shields.io/npm/dm/@aws-sdk/util-uri-escape.svg)](https://www.npmjs.com/package/@aws-sd
+2
@sentry/hub
6.19.5 - 6.19.7
Outdated
Sentry hub which handles global state managment.
+8
flatten
1.0.1 - 1.0.3
Flatten arbitrarily nested arrays into a non-nested list of non-array items. Maintained for legacy compatibility.
array
flatten
vue-router
0.4.0 - 0.7.5
Outdated
> - This is the repository for Vue Router 4 (for Vue 3) > - For Vue Router 3 (for Vue 2) see [vuejs/vue-router](https://github.com/vuejs/vue-router).
@sentry/minimal
4.0.0 - 6.19.7
Sentry minimal library that can be used in other packages
+8
@sentry/tracing
6.19.5 - 6.19.7
Outdated
Sentry Performance Monitoring Package
+8
uncontrollable
7.1.0 - 7.2.1
Outdated
Wrap a controlled react component, to allow specific prop/handler pairs to be uncontrolled
uncontrolled-component
react-component
input
controlled
uncontrolled
+1
monastic.panic
react-side-effect
1.2.0 - 2.1.2
Create components whose prop changes map to a global side effect
react
component
side
effect
xstate
4.7.0 - 4.19.1
Outdated
Finite State Machines and Statecharts for the Modern Web.
statechart
state machine
finite state machine
finite automata
scxml
+2
@restart/hooks
0.3.3 - 0.4.7
Outdated
A set of utility and general-purpose React hooks.
rc-trigger
4.3.0 - 4.3.4
Outdated
base abstract trigger component for react
react
react-component
react-trigger
trigger
+2
mobx
4.13.1 - 6.0.5
Outdated
Simple, scalable state management.
mobx
mobservable
observable
react-component
react
+7
+3
react-bootstrap
2.0.0 - 2.1.2
Outdated
Bootstrap 5 components built with React
bootstrap
react
component
components
ecosystem-react
+1
react-device-detect
1.17.0 - 2.2.2
Outdated
Detect device type and render your component according to it
useragent
mobile
phone
tablet
detect
+7
duskload
@redux-saga/core
1.0.0 - 1.2.1
Outdated
Saga middleware for Redux to handle Side Effects
javascript
redux
middleware
saga
effects
+1
use-subscription
1.3.0 - 1.5.1
Outdated
Reusable hooks
+1
@restart/ui
0.2.2 - 1.0.0
Outdated
Utilities for creating robust overlay components
react-overlays
react-component
react
overlay
react-component
+4
use-deep-compare-effect
1.8.0 - 1.8.1
It's react's useEffect hook, except using deep comparison on the inputs, not reference equality
kentcdodds
amplitude-js
5.2.0
Outdated
Javascript library for Amplitude Analytics
analytics
amplitude
+5
deepcopy
2.0.0 - 2.1.0
deep copy data
sasaplus1
lottie-api
1.0.0 - 1.0.2
Outdated
A library to edit lottie-web animations dynamically
airnan
react-amphtml
3.0.0 - 4.0.2
Use amphtml components inside your React apps easily!
react
amphtml
dfrankland
Popular search queries
webpack.js.org
url
react-scripts
react
lottie-api
react-helmet-async
+7 packages
github.com
color-convert
@headlessui/react
hoist-non-react-statics
reactstrap
lit-html
+60 packages
pinterest.com
lodash
relay-runtime
react-relay
react-use
lodash-es
+51 packages
Popular packages
react
React is a JavaScript library for building user interfaces.
+6 634 websites
core-js
Standard library
+10 238 websites
es5-ext
ECMAScript extensions and shims
+10 229 websites
@babel/runtime
babel's modular runtime helpers
+8 352 websites
lodash
Lodash modular utilities.
+4 826 websites
axios
Promise based HTTP client for the browser and node.js
+4 742 websites