About
Community
substack.com
47 packages
Last scanned on Oct 27 at 05:55 PM
Update
Name
Size
Popularity
Severity
lodash
4.17.16
Vulnerable
Outdated
Lodash modular utilities.
Script
https://substackcdn.com/min/substack.bundle.js?v=1ca20e-1841a87e340
License
MIT
Footprint
5 KB
Vulnerabilities
High
GHSA-35jh-r3h4-6jhm
Command Injection in lodash
Affected versions >=0 <4.17.21
Moderate
GHSA-29mw-wpgm-hmr9
Regular Expression Denial of Service (ReDoS) in lodash
Affected versions >=0 <4.17.21
High
GHSA-p6mc-m468-83gw
Prototype Pollution in lodash
Affected versions >=3.7.0 <4.17.19
Matched Modules
Version distribution in production
3 846
4.17.16
946
4.17.21
337
4.17.20
322
4.17.15
302
4.17.19
301
4.17.13
Also used on 4830 websites
skype.com
20 packages
sentry.io
157 packages
pinterest.com
56 packages
pinimg.com
52 packages
Repository
Homepage
More
modules
stdlib
util
es5-ext
0.10.24 - 0.10.49
Vulnerable
Outdated
ECMAScript extensions and shims
ecmascript
ecmascript5
ecmascript6
es5
es6
+11
medikoo
sweetalert2
9.3.5 - 11.4.18
Vulnerable
Outdated
A beautiful, responsive, customizable and accessible (WAI-ARIA) replacement for JavaScript's popup boxes, supported fork of sweetalert
sweetalert
sweetalert2
alert
modal
popup
+4
ms
2.1.2 - 2.1.3
Tiny millisecond conversion utility
+5
isarray
1.0.0 - 2.0.5
Array#isArray for older browsers
browser
isarray
array
juliangruber
qs
6.10.0 - 6.10.1
Outdated
A querystring parser that supports nesting and arrays, with a depth limit
querystring
qs
query
url
parse
+1
buffer
4.6.0 - 4.9.2
Outdated
Node.js Buffer API, for the browser
arraybuffer
browser
browserify
buffer
compatible
+2
feross
@babel/runtime
7.13.17 - 7.16.3
Outdated
babel's modular runtime helpers
+1
get-intrinsic
1.0.0 - 1.1.1
Outdated
Get and robustly cache all JS language-level intrinsics at first require time
javascript
ecmascript
es
js
intrinsic
+2
ljharb
function-bind
1.1.0 - 1.1.1
Outdated
Implementation of Function.prototype.bind
function
bind
shim
es5
call-bind
1.0.0 - 1.0.2
Outdated
Robustly `.call.bind()` a function
javascript
ecmascript
es
js
callbind
+8
ljharb
object-inspect
1.9.0
Outdated
string representations of objects in node and the browser
inspect
util.inspect
object
stringify
pretty
has-symbols
1.0.0 - 1.0.1
Outdated
Determine if the JS environment has Symbol support. Supports spec, or shams.
Symbol
symbols
typeof
sham
polyfill
+3
ljharb
side-channel
1.0.4
Outdated
Store information about any JS value in a side channel. Uses WeakMap if available.
weakmap
map
side
channel
metadata
ljharb
base64-js
1.2.0 - 1.2.3
Outdated
Base64 encoding/decoding in pure JS
base64
has
1.0.1 - 1.0.3
Outdated
Object.prototype.hasOwnProperty.call shortcut
tarruda
prop-types
15.7.0 - 15.7.2
Outdated
Runtime type checking for React props and similar objects.
react
dayjs
1.10.2 - 1.10.4
Outdated
2KB immutable date time library alternative to Moment.js with the same modern API
dayjs
date
time
immutable
moment
iamkun
abort-controller
3.0.0
An implementation of WHATWG AbortController interface.
w3c
whatwg
event
events
abort
+6
mysticatea
classnames
2.3.0 - 2.3.1
Outdated
A simple utility for conditionally joining classNames together
react
css
classes
classname
classnames
+2
fast-safe-stringify
2.0.7
Outdated
Safely and quickly serialize JavaScript objects
stable
stringify
JSON
JSON.stringify
safe
+1
@emotion/serialize
0.11.12 - 0.11.16
Outdated
serialization utils for emotion
+1
memoize-one
5.1.0 - 5.1.1
Outdated
A memoization library which only remembers the latest invocation
memoize
memoization
cache
performance
alexreardon
@emotion/sheet
0.9.1 - 0.9.4
Outdated
emotion's stylesheet
+1
lodash-es
4.17.20 - 4.17.21
Lodash exported as ES modules.
es6
modules
stdlib
util
superagent
3.8.0 - 8.0.3
Outdated
elegant & feature rich browser / node HTTP with a fluent API
agent
ajax
ajax
api
async
+25
+4
react-select
3.2.0
Outdated
A Select control built with and for ReactJS
combobox
form
input
multiselect
react
+3
+2
intl-messageformat
3.0.0
Outdated
Formats ICU Message strings with number, date, plural, and select placeholders to create localized messages.
i18n
intl
internationalization
localization
globalization
+4
+9
preact
10.4.8 - 10.11.2
Outdated
Fast 3kb React-compatible Virtual DOM library.
preact
react
ui
user interface
virtual dom
+5
+6
@emotion/core
0.13.0 - 10.3.1
Outdated
+1
dijkstrajs
1.0.1 - 1.0.2
Outdated
A simple JavaScript implementation of Dijkstra's single-source shortest-paths algorithm.
dijkstra
shortest
path
search
graph
tcort
qrcode
1.5.1
Outdated
QRCode / 2d Barcode api with both server side and client side support using canvas
qr
code
canvas
qrcode
react-focus-lock
2.3.0 - 2.9.1
Outdated
It is a trap! (for a focus)
react
focus
lock
trap
tabbable
kashey
react-input-autosize
3.0.0
Auto-resizing Input Component for React
react
react-component
input
autosize
+1
react-helmet
3.2.0 - 4.0.0
Outdated
A document head manager for React
react-helmet
nfl
react
document
head
+7
+2
@headlessui/react
1.5.0
Outdated
A set of completely unstyled, fully accessible UI components for React, designed to integrate beautifully with Tailwind CSS.
+1
@firebase/firestore
3.5.0
Outdated
The Cloud Firestore component of the Firebase JS SDK.
+1
linkifyjs
2.1.4 - 2.1.9
Outdated
Find URLs, email addresses, #hashtags and @mentions in plain-text strings, then convert them into HTML <a> links.
autolink
email
hashtag
html
jquery
+5
nfrasser
@auth0/auth0-spa-js
2.0.0
Outdated
Auth0 SDK for Single Page Applications using Authorization Code Grant Flow with PKCE
auth0
login
Authorization Code Grant Flow
PKCE
Single Page Application authentication
+1
+41
react-responsive
8.0.0 - 8.2.0
Outdated
Media queries in react for responsive design
css
react-component
viewport
react
mobile
+6
react-native-web
0.6.0 - 0.6.1
Outdated
React Native for Web
react
react-component
react-native
web
necolas
store
2.0.12
A localStorage wrapper for all browsers without using cookies or flash. Uses localStorage, globalStorage, and userData behavior under the hood
marcuswestin
nuka-carousel
4.7.0 - 4.7.3
Outdated
Pure React Carousel
react
carousel
nuka
+14
@tannin/plural-forms
1.0.0 - 1.1.0
Compiles a function to compute the plural forms index for a given value
aduth
picturefill
2.3.0 - 2.3.1
Outdated
A responsive image polyfill.
picturefill
srcset
picture
responsive
responsive images
@sitecore-jss/sitecore-jss-react
20.1.0 - 21.0.0
Outdated
This module is provided as a part of Sitecore JavaScript Rendering SDK (JSS). It contains React components and integration for JSS.
+7
react-amphtml
3.1.0 - 4.0.2
Use amphtml components inside your React apps easily!
react
amphtml
dfrankland
Popular search queries
webpack.js.org
url
react-scripts
react
lottie-api
react-helmet-async
+7 packages
github.com
color-convert
@headlessui/react
hoist-non-react-statics
reactstrap
lit-html
+60 packages
pinterest.com
lodash
relay-runtime
react-relay
react-use
lodash-es
+51 packages
Popular packages
react
React is a JavaScript library for building user interfaces.
+6 634 websites
core-js
Standard library
+10 238 websites
es5-ext
ECMAScript extensions and shims
+10 229 websites
@babel/runtime
babel's modular runtime helpers
+8 352 websites
lodash
Lodash modular utilities.
+4 826 websites
axios
Promise based HTTP client for the browser and node.js
+4 742 websites