About
Community
shadow.tech
93 packages
Last scanned on Jan 19 at 12:40 PM
Update
Name
Size
Popularity
Severity
crypto-js
4.1.0 - 4.1.1
Vulnerable
Outdated
JavaScript library of crypto standards.
Script
https://shadow.tech/app-e95ad0f495c6fa5d1660.js
License
MIT
Footprint
6 KB
Vulnerabilities
Critical
GHSA-xwcq-pm8m-c4vf
crypto-js PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard
Affected versions >=0 <4.2.0
Matched Modules
Version distribution in production
457
4.1.0
457
4.1.1
185
3.3.0
162
3.1.8
143
3.2.1
143
4.0.0
Also used on 738 websites
pubmatic.com
4 packages
tiktok.com
91 packages
redd.it
180 packages
www.reddit.com
183 packages
Repository
Homepage
More
security
crypto
Hash
MD5
SHA1
+15
evanvosberg
nth-check
1.0.1 - 1.0.2
Vulnerable
Outdated
Parses and compiles CSS nth-checks to highly optimized functions.
nth-child
nth
css
feedic
cookiejar
1.2.0 - 2.0.6
Vulnerable
Outdated
simple persistent cookiejar system
html-parse-stringify2
2.0.1
Vulnerable
Parses well-formed HTML (meaning all tags closed) into an AST and back. quickly.
html
parse
stringify
ast
rayd
es5-ext
0.10.24 - 0.10.49
Vulnerable
Outdated
ECMAScript extensions and shims
ecmascript
ecmascript5
ecmascript6
es5
es6
+11
medikoo
readable-stream
2.3.4 - 2.3.7
Outdated
Node.js Streams, a user-land copy of the stream library from Node.js
readable
stream
pipe
safe-buffer
5.1.0 - 5.2.1
Safer Node.js Buffer API
buffer
buffer allocate
node security
safe
safe-buffer
+2
uuid
7.0.0 - 8.0.0
Outdated
RFC4122 (v1, v4, and v5) UUIDs
uuid
guid
rfc4122
string_decoder
1.1.0 - 1.3.0
The string_decoder module from Node core
string
decoder
browser
browserify
+1
isarray
1.0.0 - 2.0.5
Array#isArray for older browsers
browser
isarray
array
juliangruber
react-is
16.3.0 - 16.13.1
Outdated
Brand checking of React Elements.
react
+1
inherits
2.0.3
Outdated
Browser-friendly inheritance fully compatible with standard node.js inherits()
inheritance
class
klass
oop
object-oriented
+3
isaacs
buffer
4.6.0 - 4.9.2
Outdated
Node.js Buffer API, for the browser
arraybuffer
browser
browserify
buffer
compatible
+2
feross
regenerator-runtime
x.x.x
Runtime for Regenerator-compiled generator and async functions.
regenerator
runtime
generator
async
benjamn
entities
2.0.3 - 2.1.0
Outdated
Encode & decode XML and HTML entities with ease & speed
entity
decoding
encoding
html
xml
+1
feedic
@babel/runtime
7.9.6 - 7.11.2
Outdated
babel's modular runtime helpers
+1
lodash
x.x.x
Lodash modular utilities.
modules
stdlib
util
core-util-is
1.0.2 - 1.0.3
The `util.is*` functions introduced in Node v0.12.
util
isBuffer
isArray
isNumber
isString
+4
isaacs
ieee754
1.1.0 - 1.2.1
Read/write IEEE754 floating point numbers from/to a Buffer or array-like object
IEEE 754
buffer
convert
floating point
ieee754
feross
util-deprecate
x.x.x
The Node.js `util.deprecate()` function with browser support
util
deprecate
browserify
browser
node
tootallnate
object-assign
4.1.0 - 4.1.1
ES2015 `Object.assign()` ponyfill
object
assign
extend
properties
es2015
+7
domutils
1.7.0
Outdated
Utilities for working with htmlparser2's dom
dom
htmlparser2
feedic
parse5
3.0.3
Outdated
HTML parser and serializer.
html
parser
html5
WHATWG
specification
+10
+1
base64-js
1.3.0 - 1.5.1
Base64 encoding/decoding in pure JS
base64
dom-serializer
0.2.0 - 0.2.2
Outdated
render domhandler DOM nodes to a string
html
xml
render
feedic
domhandler
2.4.0 - 2.4.2
Outdated
Handler for htmlparser2 that turns pages into a dom
dom
htmlparser2
feedic
events
3.0.0 - 3.3.0
Node's event emitter for all engines.
events
eventEmitter
eventDispatcher
listeners
is-buffer
1.1.4 - 1.1.6
Outdated
Determine if an object is a Buffer
arraybuffer
browser
browser buffer
browserify
buffer
+10
feross
domelementtype
2.0.0 - 2.1.0
Outdated
all the types of nodes in htmlparser2's dom
dom
element
types
htmlparser2
feedic
process-nextick-args
2.0.0 - 2.0.1
process.nextTick but always with args
cwmma
core-js
2.6.11
Outdated
Standard library
ES3
ES5
ES6
ES7
ES2015
+39
zloirock
css-select
1.2.0
Outdated
a CSS selector compiler/engine
css
selector
sizzle
feedic
util
0.10.0 - 0.12.5
Node.js's util module for all engines
util
+3
htmlparser2
3.10.0 - 3.10.1
Outdated
Fast & forgiving HTML/XML parser
html
parser
streams
xml
dom
+3
feedic
css-what
2.1.3
Outdated
a CSS selector parser
feedic
scheduler
0.19.1
Outdated
Cooperative scheduler for the browser environment.
react
+1
prop-types
15.7.0 - 15.7.2
Outdated
Runtime type checking for React props and similar objects.
react
react
16.13.1
Outdated
React is a JavaScript library for building user interfaces.
react
+1
process
x.x.x
process information for node.js and browsers
process
react-dom
16.13.1
Outdated
React package for working with the DOM.
react
+2
boolbase
1.0.0
two functions: One that returns true, one that returns false
feedic
date-fns
2.16.1
Outdated
Modern JavaScript date utility library
kossnocorp
setimmediate
x.x.x
A shim for the setImmediate efficient script yielding API
domenic
@emotion/memoize
0.6.1 - 0.7.4
Outdated
emotion's memoize utility
+1
hoist-non-react-statics
3.3.1 - 3.3.2
Copies non-react specific statics from a child component to a parent component
react
mridgway
invariant
2.2.0 - 2.2.4
invariant
test
invariant
@emotion/unitless
0.7.2 - 0.8.0
Outdated
An object of css properties that don't accept values with units
+1
@emotion/is-prop-valid
0.8.8
Outdated
A function to check whether a prop is valid for HTML and SVG elements
+1
dom-helpers
2.1.0 - 3.4.0
Outdated
tiny modular DOM lib for ie9+
dom-helpers
react-component
dom
api
cross-browser
+8
stream-browserify
0.0.0 - 3.0.0
the stream module from node core for browsers
stream
browser
browserify
+36
react-router
6.4.0 - 6.7.0
Outdated
Declarative routing for React
react
router
route
routing
history
+1
react-fast-compare
3.1.0 - 3.2.0
Outdated
Fastest deep equal comparison for React. Great for React.memo & shouldComponentUpdate. Also really fast general-purpose deep comparison.
fast
equal
react
compare
shouldComponentUpdate
+1
+12
warning
1.0.0 - 4.0.3
A mirror of Facebook's Warning
warning
facebook
react
invariant
berkeleytrue
timers-browserify
2.0.6 - 2.0.12
timers module for browserify
timers
browserify
browser
+36
crypto-browserify
1.0.9 - 2.0.0
Outdated
implementation of crypto for the browser
+2
js-cookie
2.2.1
Outdated
A simple, lightweight JavaScript API for handling cookies
cookie
cookies
browser
amd
commonjs
+3
cheerio
0.22.0
Outdated
Tiny, fast, and elegant implementation of core jQuery designed specifically for the server
htmlparser
jquery
selector
scraper
parser
+1
shallowequal
1.0.1 - 1.1.0
Like lodash isEqualWith but for shallow equal.
shallowequal
shallow
equal
isequal
compare
+1
dashed
void-elements
2.0.1
Outdated
Array of "void elements" defined by the HTML specification.
html
void
elements
+4
history
4.6.0 - 4.7.2
Outdated
Manage session history with JavaScript
history
location
mjackson
md5
2.2.1 - 2.3.0
js function for hashing messages with MD5
polished
1.0.0 - 4.2.2
Outdated
A lightweight toolset for writing styles in Javascript.
styled-components
polished
emotion
glamor
css-in-js
+9
crypt
0.0.0 - 0.0.2
utilities for encryption and hashing
pvorb
charenc
0.0.0 - 0.0.2
character encoding utilities
pvorb
jwt-decode
3.0.0 - 3.1.2
Outdated
Decode JWT tokens, mostly useful for browser applications.
jwt
browser
+42
mitt
1.1.3 - 1.2.0
Outdated
Tiny 200b functional Event Emitter / pubsub.
events
eventemitter
emitter
pubsub
developit
p-is-promise
3.0.0 - 4.0.0
Check if something is a promise
promise
is
detect
check
kind
+7
sindresorhus
styled-components
4.0.0 - 5.3.6
Outdated
CSS for the <Component> Age. Style components your way with speed, strong typing, and flexibility.
react
css
css-in-js
styled-components
styling
+1
i18next
19.8.3 - 19.8.4
Outdated
i18next internationalization framework
i18next
internationalization
i18n
translation
localization
+3
@emotion/stylis
0.8.2 - 0.8.5
A custom build of Stylis
+1
web-vitals
3.0.0 - 3.0.4
Outdated
Easily measure performance metrics in JavaScript
crux
performance
metrics
Core Web Vitals
CLS
+5
react-i18next
11.7.3 - 11.8.6
Outdated
Internationalization for react done right. Using the i18next i18n ecosystem.
i18next
internationalization
i18n
translation
localization
+4
lodash.omit
4.5.0
The lodash method `_.omit` exported as a module.
lodash-modularized
omit
react-side-effect
2.1.0 - 2.1.2
Create components whose prop changes map to a global side effect
react
component
side
effect
react-helmet
6.0.0 - 6.1.0
A document head manager for React
react-helmet
nfl
react
document
head
+7
+2
@reach/router
1.3.3 - 1.3.4
Next generation Routing for React.
react
react router
+1
gatsby
2.22.17 - 2.24.2
Outdated
Blazing fast modern site generator for React
blog
generator
jekyll
markdown
react
+2
+10
@hotwired/turbo
7.0.0 - 7.2.4
Outdated
The speed of a single-page web application without having to write any JavaScript
hotwire
turbo
browser
pushstate
+1
gatsby-link
2.4.5 - 2.4.12
Outdated
An enhanced Link component for Gatsby sites with support for resource prefetching
gatsby
+3
gatsby-react-router-scroll
3.0.3
Outdated
React Router scroll management forked from https://github.com/ytase/react-router-scroll for Gatsby
gatsby
+10
shallow-compare
1.2.1 - 1.2.2
Stand alone shallowCompare for use in libraries that support shouldComponentUpdate
react-component
tkh44
gatsby-plugin-manifest
2.2.37 - 2.4.30
Outdated
Gatsby plugin which adds a manifest.webmanifest to make sites progressive web apps
gatsby
gatsby-plugin
favicon
icons
manifest.webmanifest
+2
+3
blurhash
2.0.1
Outdated
Encoder and decoder for the Wolt BlurHash algorithm.
blurhash
blur
hash
image
+2
scroll-behavior
0.9.11 - 0.10.0
Outdated
Pluggable browser scroll management
scroll
taion
react-tracking
4.1.0 - 5.4.0
Outdated
Declarative tracking for React apps.
declarative
layer
metrics
nyt
react
+1
tizmagik
@mikaelkristiansson/domready
1.0.10 - 1.0.11
modern domready
ender
domready
dom
mikaelkristiansson87
prismic-reactjs
1.3.2 - 1.3.4
render prismic rich text as React Element
+3
gatsby-plugin-layout
1.3.0 - 3.24.0
Outdated
Reimplements the behavior of layout components in gatsby@1, which was removed in version 2.
gatsby
gatsby-plugin
+9
lottie-api
1.0.0 - 1.0.2
Outdated
A library to edit lottie-web animations dynamically
airnan
gatsby-source-prismic
3.0.0 - 3.4.0
Outdated
Gatsby source plugin for building websites using Prismic as a data source
gatsby
gatsby-plugin
gatsby-source-plugin
prismic
botframework-webchat-component
4.9.2 - 4.15.6
Outdated
React component of botframework-webchat
+2
react-oidc-context
x.x.x
react-livechat
x.x.x
Popular search queries
webpack.js.org
url
react-scripts
react
lottie-api
react-helmet-async
+7 packages
github.com
color-convert
@headlessui/react
hoist-non-react-statics
reactstrap
lit-html
+60 packages
pinterest.com
lodash
relay-runtime
react-relay
react-use
lodash-es
+51 packages
Popular packages
react
React is a JavaScript library for building user interfaces.
+6 634 websites
core-js
Standard library
+10 238 websites
es5-ext
ECMAScript extensions and shims
+10 229 websites
@babel/runtime
babel's modular runtime helpers
+8 352 websites
lodash
Lodash modular utilities.
+4 826 websites
axios
Promise based HTTP client for the browser and node.js
+4 742 websites