About
Community
thewirecutter.com
53 packages
Last scanned on Oct 27 at 06:41 PM
Update
Name
Size
Popularity
Severity
lodash
4.17.16
Vulnerable
Outdated
Lodash modular utilities.
Script
https://siren-production.freetls.fastly.net/_next/static/chunks/4f9215a3483e8b02f79684b1f3b12b8ceed5b19c.44b79fd5b8370adc48d1.js
https://siren-production.freetls.fastly.net/_next/static/chunks/4af6db8520821c80c07795837519855dd3f81e0e.5899e70f97a015d7231b.js
https://siren-production.freetls.fastly.net/_next/static/chunks/45969f65037397b1cbd42eef05af1e35ce1ab0cc.cb2ff2a96beec2221d94.js
https://siren-production.freetls.fastly.net/_next/static/chunks/77f12b840c896dea76ecb16ce2e9c17f9b40302c.458dcd8ec1cc8bb5fe2a.js
License
MIT
Footprint
11 KB
Vulnerabilities
High
GHSA-35jh-r3h4-6jhm
Command Injection in lodash
Affected versions >=0 <4.17.21
Moderate
GHSA-29mw-wpgm-hmr9
Regular Expression Denial of Service (ReDoS) in lodash
Affected versions >=0 <4.17.21
High
GHSA-p6mc-m468-83gw
Prototype Pollution in lodash
Affected versions >=3.7.0 <4.17.19
Matched Modules
Version distribution in production
3 846
4.17.16
946
4.17.21
337
4.17.20
322
4.17.15
302
4.17.19
301
4.17.13
Also used on 4830 websites
skype.com
20 packages
sentry.io
157 packages
pinterest.com
56 packages
pinimg.com
52 packages
Repository
Homepage
More
modules
stdlib
util
next
10.0.2 - 10.0.4
Vulnerable
Outdated
The React Framework
es5-ext
0.10.24 - 0.10.49
Vulnerable
Outdated
ECMAScript extensions and shims
ecmascript
ecmascript5
ecmascript6
es5
es6
+11
medikoo
react-is
16.3.0 - 16.13.1
Outdated
Brand checking of React Elements.
react
+1
qs
6.11.0
Outdated
A querystring parser that supports nesting and arrays, with a depth limit
querystring
qs
query
url
parse
+1
@babel/runtime
7.12.13 - 7.12.18
Outdated
babel's modular runtime helpers
+1
get-intrinsic
1.1.3
Outdated
Get and robustly cache all JS language-level intrinsics at first require time
javascript
ecmascript
es
js
intrinsic
+2
ljharb
function-bind
1.1.0 - 1.1.1
Outdated
Implementation of Function.prototype.bind
function
bind
shim
es5
call-bind
1.0.2
Outdated
Robustly `.call.bind()` a function
javascript
ecmascript
es
js
callbind
+8
ljharb
object-inspect
1.12.2
Outdated
string representations of objects in node and the browser
inspect
util.inspect
object
stringify
pretty
has-symbols
1.0.2 - 1.0.3
Determine if the JS environment has Symbol support. Supports spec, or shams.
Symbol
symbols
typeof
sham
polyfill
+3
ljharb
side-channel
1.0.4
Outdated
Store information about any JS value in a side channel. Uses WeakMap if available.
weakmap
map
side
channel
metadata
ljharb
has-property-descriptors
1.0.0
Outdated
Does the environment have full property descriptor support? Handles IE 8's broken defineProperty/gOPD.
property
descriptors
has
environment
env
+2
ljharb
define-properties
1.1.4
Outdated
Define multiple non-enumerable properties at once. Uses `Object.defineProperty` when available; falls back to standard assignment in older engines.
Object.defineProperty
Object.defineProperties
object
property descriptor
descriptor
+2
ljharb
has-tostringtag
1.0.0
Outdated
Determine if the JS environment has `Symbol.toStringTag` support. Supports spec, or shams.
javascript
ecmascript
symbol
symbols
tostringtag
+1
ljharb
object-keys
1.1.0 - 1.1.1
An Object.keys replacement, in case Object.keys is not available. From https://github.com/es-shims/es5-shim
Object.keys
keys
ES5
shim
ljharb
regexp.prototype.flags
1.4.2 - 1.4.3
Outdated
ES6 spec-compliant RegExp.prototype.flags shim.
RegExp.prototype.flags
regex
regular expression
ES6
shim
+6
ljharb
domelementtype
1.2.0 - 1.3.1
Outdated
all the types of nodes in htmlparser2's dom
dom
element
types
htmlparser2
feedic
is-regex
1.1.4
Is this value a JS regex? Works cross-realm/iframe, and despite ES6 @@toStringTag
regex
regexp
is
regular expression
regular
+1
ljharb
is-date-object
1.0.5
Is this value a JS Date object? This module works cross-realm/iframe, and despite ES6 @@toStringTag.
Date
ES6
toStringTag
@@toStringTag
Date object
ljharb
functions-have-names
1.1.1 - 1.2.3
Does this JS environment support the `name` property on functions?
function
name
es5
names
functions
+1
ljharb
has
1.0.1 - 1.0.3
Outdated
Object.prototype.hasOwnProperty.call shortcut
tarruda
scheduler
0.15.0 - 0.23.0
Cooperative scheduler for the browser environment.
react
+1
prop-types
15.8.0 - 15.8.1
Runtime type checking for React props and similar objects.
react
is-arguments
1.1.1
Is this an arguments object? It's a harder question than you think.
arguments
js
javascript
is-arguments
is
+1
ljharb
react
17.0.0 - 18.2.0
React is a JavaScript library for building user interfaces.
react
+1
deep-equal
1.1.0 - 1.1.1
Outdated
node's assert.deepEqual algorithm
equality
equal
compare
ljharb
date-fns
2.29.3
Outdated
Modern JavaScript date utility library
kossnocorp
object-is
1.1.0 - 1.1.5
Outdated
ES2015-compliant shim for Object.is - differentiates between -0 and +0
is
Object.is
equality
sameValueZero
ES6
+4
ljharb
clsx
1.1.1 - 1.2.1
Outdated
A tiny (239B) utility for constructing className strings conditionally.
classes
classname
classnames
lukeed
@emotion/memoize
0.7.5 - 0.8.0
Outdated
emotion's memoize utility
+1
hoist-non-react-statics
3.3.1 - 3.3.2
Copies non-react specific statics from a child component to a parent component
react
mridgway
@emotion/unitless
0.7.2 - 0.8.0
Outdated
An object of css properties that don't accept values with units
+1
@emotion/is-prop-valid
1.1.0
Outdated
A function to check whether a prop is valid for HTML and SVG elements
+1
ua-parser-js
0.7.32 - 1.0.32
Outdated
Detect Browser, Engine, OS, CPU, and Device type/model from User-Agent & Client Hints data. Supports browser & node.js environment
user-agent
client-hints
parser
browser
engine
+9
faisalman
@emotion/hash
0.8.0 - 0.9.0
Outdated
A MurmurHash2 implementation
+1
@emotion/weak-memoize
0.1.1 - 0.3.0
Outdated
A memoization function that uses a WeakMap
+1
lodash-es
4.17.21
Lodash exported as ES modules.
es6
modules
stdlib
util
space-separated-tokens
1.1.3 - 2.0.1
Outdated
Parse and stringify space separated tokens
dom
html
space
separated
tokens
+2
wooorm
react-lifecycles-compat
3.0.4
Backwards compatibility polyfill for React class components
react-popper
1.3.1 - 2.3.0
Official library to use Popper on React projects
react
react-popper
popperjs
component
drop
+2
@emotion/stylis
0.8.1 - 0.8.5
A custom build of Stylis
+1
popper.js
1.12.6 - 1.16.1
A kickass library to manage your poppers
popperjs
component
drop
tooltip
popover
+2
fezvrasta
zen-observable
0.8.15
Outdated
An Implementation of ES Observables
zenparsing
web-vitals
1.1.0 - 2.1.4
Outdated
Easily measure performance metrics in JavaScript
crux
performance
metrics
Core Web Vitals
CLS
+5
fp-ts
2.0.0 - 2.10.5
Outdated
Functional programming in TypeScript
typescript
algebraic-data-types
functional-programming
gcanti
gud
1.0.0
Create a 'gud nuff' (not cryptographically secure) globally unique id
global
unique
id
identifier
number
+2
thejameskyle
use-subscription
1.3.0 - 1.5.1
Outdated
Reusable hooks
+1
react-dates
20.2.4 - 21.8.0
A responsive and accessible date range picker component built with React
+4
react-gtm-module
2.0.9 - 2.0.11
React Google Tag Manager Module
react
reactjs
react-component
google tag manager
tag manager
+1
alinemorelli
react-html-parser
2.0.2
Parse HTML into React components
react
html
htmlparser
htmlparser2
inner html
+1
wrakky
deepcopy
2.0.0 - 2.1.0
deep copy data
sasaplus1
react-facebook
4.1.1 - 5.0.3
Outdated
Facebook components like a Login button, Like, Share, Comments, Embedded Post/Video, Messenger Chat and others
react
react-component
facebook
login
login button
+12
zlatkofedor
Popular search queries
webpack.js.org
url
react-scripts
react
lottie-api
react-helmet-async
+7 packages
github.com
color-convert
@headlessui/react
hoist-non-react-statics
reactstrap
lit-html
+60 packages
pinterest.com
lodash
relay-runtime
react-relay
react-use
lodash-es
+51 packages
Popular packages
react
React is a JavaScript library for building user interfaces.
+6 634 websites
core-js
Standard library
+10 238 websites
es5-ext
ECMAScript extensions and shims
+10 229 websites
@babel/runtime
babel's modular runtime helpers
+8 352 websites
lodash
Lodash modular utilities.
+4 826 websites
axios
Promise based HTTP client for the browser and node.js
+4 742 websites