About
Community
theweek.co.uk
100 packages
Last scanned on Oct 27 at 06:27 PM
Update
Name
Size
Popularity
Severity
lodash-es
3.6.0 - 3.10.1
Vulnerable
Outdated
Lodash exported as ES modules.
Script
https://theweek.co.uk/assets/scripts-112c8377.1561788eb2c9be5f7fb0.bundle.js
License
MIT
Footprint
1 KB
Vulnerabilities
High
GHSA-35jh-r3h4-6jhm
Command Injection in lodash
Affected versions >=0 <4.17.21
Moderate
GHSA-x5rq-j2xg-h7qm
Regular Expression Denial of Service (ReDoS) in lodash
Affected versions >=0 <4.17.11
High
GHSA-p6mc-m468-83gw
Prototype Pollution in lodash
Affected versions >=0 <4.17.20
Critical
GHSA-jf85-cpcp-j695
Prototype Pollution in lodash
Affected versions >=0 <4.17.14
Moderate
GHSA-29mw-wpgm-hmr9
Regular Expression Denial of Service (ReDoS) in lodash
Affected versions >=0 <4.17.21
Matched Modules
Version distribution in production
3 519
4.17.21
1 221
4.17.20
526
4.10.0
420
4.17.11
419
4.17.15
181
3.10.1
Also used on 4452 websites
skype.com
20 packages
cloudflare.com
116 packages
snapchat.com
69 packages
sentry.io
157 packages
Repository
Homepage
More
es6
modules
stdlib
util
lodash
4.17.16
Vulnerable
Outdated
Lodash modular utilities.
modules
stdlib
util
tslib
1.10.0 - 2.4.0
Outdated
Runtime library for TypeScript helper functions
TypeScript
Microsoft
compiler
language
javascript
+2
+5
string_decoder
1.1.0 - 1.3.0
The string_decoder module from Node core
string
decoder
browser
browserify
+1
uuid
7.0.0 - 8.0.0
Outdated
RFC4122 (v1, v4, and v5) UUIDs
uuid
guid
rfc4122
isarray
0.0.0 - 2.0.5
Array#isArray for older browsers
browser
isarray
array
juliangruber
react-is
16.3.0 - 16.13.1
Outdated
Brand checking of React Elements.
react
+1
inherits
2.0.4
Browser-friendly inheritance fully compatible with standard node.js inherits()
inheritance
class
klass
oop
object-oriented
+3
isaacs
buffer
4.6.0 - 4.9.2
Outdated
Node.js Buffer API, for the browser
arraybuffer
browser
browserify
buffer
compatible
+2
feross
@babel/runtime
7.9.6 - 7.12.18
Outdated
babel's modular runtime helpers
+1
entities
2.1.0
Outdated
Encode & decode XML and HTML entities with ease & speed
entity
decoding
encoding
html
xml
+1
feedic
path-to-regexp
1.7.0 - 1.8.0
Outdated
Express style path to RegExp utility
express
regexp
route
routing
+2
get-intrinsic
1.0.0 - 1.0.1
Outdated
Get and robustly cache all JS language-level intrinsics at first require time
javascript
ecmascript
es
js
intrinsic
+2
ljharb
has-symbols
1.0.0 - 1.0.1
Outdated
Determine if the JS environment has Symbol support. Supports spec, or shams.
Symbol
symbols
typeof
sham
polyfill
+3
ljharb
has
1.0.1 - 1.0.3
Object.prototype.hasOwnProperty.call shortcut
function-bind
1.1.0 - 1.1.1
Implementation of Function.prototype.bind
function
bind
shim
es5
domutils
1.7.0
Outdated
Utilities for working with htmlparser2's dom
dom
htmlparser2
feedic
define-properties
1.1.3 - 1.1.4
Outdated
Define multiple non-enumerable properties at once. Uses `Object.defineProperty` when available; falls back to standard assignment in older engines.
Object.defineProperty
Object.defineProperties
object
property descriptor
descriptor
+2
ljharb
base64-js
1.3.0 - 1.5.1
Base64 encoding/decoding in pure JS
base64
dom-serializer
0.2.0 - 0.2.2
Outdated
render domhandler DOM nodes to a string
html
xml
render
feedic
es-abstract
1.17.7
Outdated
ECMAScript spec abstract operations.
ECMAScript
ES
abstract
operation
abstract operation
+4
ljharb
fast-json-stable-stringify
2.0.0 - 2.1.0
deterministic `JSON.stringify()` - a faster version of substack's json-stable-strigify without jsonify
json
stringify
deterministic
hash
stable
esp
domhandler
2.4.0 - 2.4.2
Outdated
Handler for htmlparser2 that turns pages into a dom
dom
htmlparser2
feedic
domelementtype
1.2.0 - 2.1.0
Outdated
all the types of nodes in htmlparser2's dom
dom
element
types
htmlparser2
feedic
events
3.0.0 - 3.3.0
Node's event emitter for all engines.
events
eventEmitter
eventDispatcher
listeners
object-keys
1.1.0 - 1.1.1
An Object.keys replacement, in case Object.keys is not available. From https://github.com/es-shims/es5-shim
Object.keys
keys
ES5
shim
ljharb
deepmerge
3.0.0 - 3.3.0
Outdated
A library for deep (recursive) merging of Javascript objects
merge
deep
extend
copy
clone
+1
tehshrike
is-regex
1.1.1
Outdated
Is this value a JS regex? Works cross-realm/iframe, and despite ES6 @@toStringTag
regex
regexp
is
regular expression
regular
+1
ljharb
regexp.prototype.flags
1.2.0 - 1.3.2
Outdated
ES6 spec-compliant RegExp.prototype.flags shim.
RegExp.prototype.flags
regex
regular expression
ES6
shim
+6
ljharb
is-date-object
1.0.1 - 1.0.3
Outdated
Is this value a JS Date object? This module works cross-realm/iframe, and despite ES6 @@toStringTag.
Date
ES6
toStringTag
@@toStringTag
Date object
ljharb
htmlparser2
3.10.0 - 3.10.1
Outdated
Fast & forgiving HTML/XML parser
html
parser
streams
xml
dom
+3
feedic
eventemitter3
2.0.0 - 4.0.7
Outdated
EventEmitter3 focuses on performance while maintaining a Node.js AND browser compatible interface.
EventEmitter
EventEmitter2
EventEmitter3
Events
addEventListener
+10
is-arguments
1.0.4
Outdated
Is this an arguments object? It's a harder question than you think.
arguments
js
javascript
is-arguments
is
+1
ljharb
prop-types
15.7.0 - 15.7.2
Outdated
Runtime type checking for React props and similar objects.
react
scheduler
0.15.0 - 0.23.0
Cooperative scheduler for the browser environment.
react
+1
performance-now
0.1.3 - 2.1.0
Implements performance.now (based on process.hrtime).
meryn
url
0.11.0
Outdated
The core `url` packaged standalone for use with Browserify.
parsing
url
analyze
deep-equal
1.1.0 - 1.1.1
Outdated
node's assert.deepEqual algorithm
equality
equal
compare
ljharb
p-finally
1.0.0
Outdated
`Promise#finally()` ponyfill - Invoked when the promise is settled regardless of outcome
promise
finally
handler
function
async
+7
sindresorhus
dayjs
1.9.5 - 1.9.6
Outdated
2KB immutable date time library alternative to Moment.js with the same modern API
dayjs
date
time
immutable
moment
iamkun
object-is
1.1.0 - 1.1.5
ES2015-compliant shim for Object.is - differentiates between -0 and +0
is
Object.is
equality
sameValueZero
ES6
+4
hoist-non-react-statics
1.2.0 - 3.3.2
Copies non-react specific statics from a child component to a parent component
react
mridgway
event-target-shim
1.0.2 - 1.1.1
Outdated
An implementation of WHATWG EventTarget interface.
w3c
whatwg
eventtarget
event
events
+1
mysticatea
classnames
2.2.6
Outdated
A simple utility for conditionally joining classNames together
react
css
classes
classname
classnames
+2
symbol-observable
2.0.0 - 3.0.0
Outdated
Symbol.observable ponyfill
symbol
observable
observables
ponyfill
polyfill
+1
@emotion/serialize
0.11.12 - 0.11.16
Outdated
serialization utils for emotion
+1
@emotion/sheet
0.9.1 - 0.9.4
Outdated
emotion's stylesheet
+1
graphql
14.5.5 - 14.7.0
Outdated
A Query Language and Runtime which can target any service.
graphql
graphql-js
+4
memoize-one
5.1.0 - 5.2.1
Outdated
A memoization library which only remembers the latest invocation
memoize
memoization
cache
performance
alexreardon
es5-ext
0.6.0 - 0.9.2
Outdated
ECMAScript extensions and shims
ecmascript
ecmascript5
ecmascript6
es5
es6
+11
medikoo
react-fast-compare
2.0.4 - 3.2.0
Outdated
Fastest deep equal comparison for React. Great for React.memo & shouldComponentUpdate. Also really fast general-purpose deep comparison.
fast
equal
react
compare
shouldComponentUpdate
+1
+15
crypto-browserify
1.0.9 - 2.0.0
Outdated
implementation of crypto for the browser
+2
tiny-invariant
0.0.2 - 1.3.1
A tiny invariant function
invariant
error
assert
asserts
alexreardon
querystring-es3
0.2.1
Node's querystring module for all engines. (ES3 compat fork)
commonjs
query
querystring
spaintrain
history
4.0.0 - 4.10.1
Outdated
Manage session history with JavaScript
history
location
mjackson
shallowequal
1.0.1 - 1.1.0
Like lodash isEqualWith but for shallow equal.
shallowequal
shallow
equal
isequal
compare
+1
dashed
react-lifecycles-compat
3.0.4
Backwards compatibility polyfill for React class components
raf
3.0.0 - 3.1.0
Outdated
requestAnimationFrame polyfill for node and the browser
requestAnimationFrame
polyfill
graphql-tag
2.9.1 - 2.12.6
A JavaScript template literal tag that parses GraphQL queries
style-to-object
0.2.3 - 0.3.0
Outdated
Converts inline style to object.
style-to-object
inline
style
parser
css
+2
remarkablemark
resolve-pathname
3.0.0
Resolve URL pathnames using JavaScript
mjackson
value-equal
1.0.1
Are these two JavaScript values equal?
mjackson
inline-style-parser
0.1.0 - 0.1.1
An inline style parser.
inline-style-parser
inline-style
style
parser
css
remarkablemark
lodash.isfunction
3.0.9
The Lodash method `_.isFunction` exported as a module.
lodash-modularized
isfunction
throttle-debounce
1.0.0 - 1.1.0
Outdated
Throttle and debounce functions.
debounce
throttle
niksy
zen-observable
0.8.15
Outdated
An Implementation of ES Observables
zenparsing
@wry/equality
0.3.0 - 0.3.2
Outdated
Structural equality checking for JavaScript values
benjamn
@emotion/core
10.0.17 - 10.3.1
Outdated
+1
@wry/context
0.4.0 - 0.6.1
Outdated
Manage contextual information needed by (a)synchronous tasks without explicitly passing objects around
benjamn
react-scripts
0.4.2
Outdated
Configuration and scripts for Create React App.
+1
mini-create-react-context
0.3.3 - 0.4.1
Smaller Polyfill for the proposed React context API
react
context
contextTypes
polyfill
ponyfill
stringepsilon
react-input-autosize
2.2.2
Outdated
Auto-resizing Input Component for React
react
react-component
input
autosize
+1
web-vitals
0.2.0 - 2.1.4
Outdated
Easily measure performance metrics in JavaScript
crux
performance
metrics
Core Web Vitals
CLS
+5
optimism
0.11.2 - 0.15.0
Outdated
Composable reactive caching with efficient invalidation.
caching
cache
invalidation
reactive
reactivity
+4
benjamn
@apollo/client
3.3.0 - 3.3.6
Outdated
A fully-featured caching GraphQL client.
apollo
graphql
react
hooks
client
+1
+1
exenv
1.1.0 - 1.2.2
React's ExecutionEnvironment module extracted for use in other packages & components
react
browser
server
environment
env
+2
jedwatson
fp-ts
2.10.0 - 2.10.5
Outdated
Functional programming in TypeScript
typescript
algebraic-data-types
functional-programming
gcanti
react-modal
3.4.1 - 3.11.2
Outdated
Accessible modal dialog component for React.JS
react
react-component
modal
dialog
diasbruno
react-helmet-async
0.2.0
Outdated
Thread-safe Helmet for React 16+ and friends
wonderboymusic
@firebase/firestore
3.1.1 - 3.4.5
Outdated
The Cloud Firestore component of the Firebase JS SDK.
+1
lit-element
3.0.0
Outdated
A simple base class for creating fast, lightweight web components
+11
load-script
1.0.0 - 2.0.0
Dynamic script loading for browser
browser
script
load
html-react-parser
0.10.4 - 0.11.0
Outdated
HTML to React parser.
html-react-parser
html
react
parser
dom
remarkablemark
react-property
1.0.1 - 1.0.2
Outdated
HTML and SVG DOM property configs used by React.
react-property
html
svg
dom
property
+4
remarkablemark
recompose
0.25.0 - 0.30.0
A React utility belt for function components and higher-order components
react
higher-order
components
microcomponentization
toolkit
+2
change-emitter
0.1.2 - 0.1.6
Listen for changes. Like an event emitter that only emits a single event type. Really tiny.
change
event
emitter
react-player
2.9.0
Outdated
A React component for playing a variety of URLs, including file paths, YouTube, Facebook, Twitch, SoundCloud, Streamable, Vimeo, Wistia and DailyMotion
react
media
player
video
audio
+11
cookpete
apollo-link-error
1.1.8 - 1.1.10
Outdated
Error Apollo Link for GraphQL Network Stack
apollo-bot
webfontloader
1.6.18 - 1.6.28
Web Font Loader gives you added control when using linked fonts via @font-face.
web
fonts
webfonts
font
loader
+1
@loadable/component
5.14.1
Outdated
React code splitting made easy.
react
ssr
webpack
code-splitting
react-router
+4
uniqid
5.2.0
Outdated
Unique ID Generator
unique id
uniqid
unique identifier
hexatridecimal
adamhalasz
react-native-web
0.0.14 - 0.11.1
Outdated
React Native for Web
react
react-component
react-native
web
necolas
react-html-parser
2.0.2
Parse HTML into React components
react
html
htmlparser
htmlparser2
inner html
+1
wrakky
lazysizes
5.2.0 - 5.3.2
High performance (jankfree) lazy loader for images (including responsive images), iframes and scripts (widgets).
lazy
loader
lazyloader
lazyload
lazySizes
+16
react-router-hash-link
2.2.0 - 2.3.1
Outdated
Hash link scroll functionality for React Router v4/5
react
react-router
link
hash-link
scroll
rafgraph
react-apollo
2.1.0 - 2.4.1
Outdated
React Apollo Hooks, Components, and HOC.
apollo
graphql
react
hooks
hoc
+1
+5
@apollo/react-components
3.0.0 - 3.1.5
Outdated
React Apollo Query, Mutation and Subscription components.
apollo
graphql
react
components
+1
tti-polyfill
0.2.2
Polyfill for Time to Interactive. See https://goo.gl/OSmrPk
philipwalton
@tannin/plural-forms
1.0.0 - 1.1.0
Compiles a function to compute the plural forms index for a given value
aduth
react-gpt
2.0.1
A react display ad component using Google Publisher Tag
react-gpt
nfl
react
ad
gpt
+1
+2
Popular search queries
webpack.js.org
url
react-scripts
react
lottie-api
react-helmet-async
+8 packages
github.com
color-convert
engine.io-client
lit-html
intl-messageformat
web-vitals
+19 packages
pinterest.com
lodash
relay-runtime
react-query
react-relay
react-use
+50 packages
Popular packages
react
React is a JavaScript library for building user interfaces.
+6 634 websites
core-js
Standard library
+10 238 websites
es5-ext
ECMAScript extensions and shims
+10 229 websites
@babel/runtime
babel's modular runtime helpers
+8 352 websites
lodash
Lodash modular utilities.
+4 826 websites
axios
Promise based HTTP client for the browser and node.js
+4 742 websites