understood.org 161 packages

Last scanned on Oct 27 at 07:07 PM
crypto-js 3.1.2 - 4.1.1VulnerableOutdated
JavaScript library of crypto standards.
License
MIT
Vulnerabilities
crypto-js PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard
Affected versions >=0 <4.2.0
Version distribution in production
457
4.1.0
457
4.1.1
185
3.3.0
162
3.1.8
143
3.2.1
143
4.0.0
axios 0.19.2VulnerableOutdated
Promise based HTTP client for the browser and node.js
jsonwebtoken 8.5.0 - 8.5.1VulnerableOutdated
JSON Web Token implementation (symmetric and asymmetric)
browserify-sign 4.2.0 - 4.2.1VulnerableOutdated
adds node crypto signing for browsers
+2
dcousens
ljharb
cwmma
next 10.0.2 - 10.2.0VulnerableOutdated
The React Framework
rauchg
timneutkens
vercel-release-bot
es5-ext 0.10.24 - 0.10.49VulnerableOutdated
ECMAScript extensions and shims
semver 5.7.0 - 5.7.1Outdated
The semantic version parser used by npm.
+2
npm-cli-ops
saquibkhan
fritzy
tslib 1.13.0 - 1.14.1Outdated
Runtime library for TypeScript helper functions
ms 2.1.3
Tiny millisecond conversion utility
+5
gdborton
matheuss
rauchg
readable-stream 2.3.7Outdated
Node.js Streams, a user-land copy of the stream library from Node.js
safe-buffer 5.1.1 - 5.1.2Outdated
Safer Node.js Buffer API
string_decoder 1.1.0 - 1.3.0
The string_decoder module from Node core
uuid 8.3.2Outdated
RFC4122 (v1, v4, and v5) UUIDs
isarray 1.0.0 - 2.0.5
Array#isArray for older browsers
react-is 16.13.1Outdated
Brand checking of React Elements.
inherits 2.0.4
Browser-friendly inheritance fully compatible with standard node.js inherits()
buffer 4.9.2Outdated
Node.js Buffer API, for the browser
regenerator-runtime 0.13.9Outdated
Runtime for Regenerator-compiled generator and async functions.
@babel/runtime 7.16.7 - 7.18.0Outdated
babel's modular runtime helpers
+1
hzoo
existentialism
nicolo-ribaudo
lodash 4.17.21
Lodash modular utilities.
cookie 0.4.1Outdated
HTTP server cookie parsing and serialization
dougwilson
dougwilson
core-util-is 1.0.3
The `util.is*` functions introduced in Node v0.12.
@typescript-eslint/scope-manager 3.5.0 - 5.41.0Outdated
TypeScript scope analyser for ESLint
rxjs 6.6.7Outdated
Reactive Extensions for modern JavaScript
ieee754 1.2.0 - 1.2.1
Read/write IEEE754 floating point numbers from/to a Buffer or array-like object
util-deprecate 1.0.2
The Node.js `util.deprecate()` function with browser support
safer-buffer 2.1.2
Modern Buffer API polyfill without footguns
chalker
chalker
base64-js 1.5.1
Base64 encoding/decoding in pure JS
fast-json-stable-stringify 2.0.0 - 2.1.0
deterministic `JSON.stringify()` - a faster version of substack's json-stable-strigify without jsonify
bn.js 5.2.0Outdated
Big number implementation in pure javascript
events 3.3.0
Node's event emitter for all engines.
deepmerge 4.2.2Outdated
A library for deep (recursive) merging of Javascript objects
process-nextick-args 2.0.1
process.nextTick but always with args
cwmma
cwmma
util 0.11.1Outdated
Node.js's util module for all engines
scheduler 0.20.2Outdated
Cooperative scheduler for the browser environment.
randombytes 2.1.0
random bytes from browserify stand alone
prop-types 15.8.0 - 15.8.1
Runtime type checking for React props and similar objects.
react 17.0.1Outdated
React is a JavaScript library for building user interfaces.
process 0.11.10
process information for node.js and browsers
jws 3.2.1 - 4.0.0
Implementation of JSON Web Signatures
jwa 1.4.1Outdated
JWA implementation (supports all JWS algorithms)
react-dom 17.0.1Outdated
React package for working with the DOM.
date-fns 2.17.0 - 2.28.0Outdated
Modern JavaScript date utility library
kossnocorp
kossnocorp
lodash.isplainobject 4.0.6
The lodash method `_.isPlainObject` exported as a module.
minimalistic-assert 1.0.0 - 1.0.1
minimalistic-assert ===
cwmma
indutny
@emotion/memoize 0.6.6 - 0.7.4Outdated
emotion's memoize utility
+1
emmatown
tkh44
emotion-release-bot
hoist-non-react-statics 3.3.2
Copies non-react specific statics from a child component to a parent component
mridgway
mridgway
cross-fetch 3.1.0 - 3.1.4Outdated
Universal WHATWG Fetch API for Node, Browsers and React Native
ecdsa-sig-formatter 1.0.10 - 1.0.11
Translate ECDSA signatures between ASN.1/DER and JOSE-style concatenation
d2l-travis-deploy
d2l-travis-deploy
buffer-equal-constant-time 1.0.0 - 1.0.1
Constant-time comparison of Buffers
@emotion/unitless 0.7.2 - 0.7.5Outdated
An object of css properties that don't accept values with units
+1
emmatown
tkh44
emotion-release-bot
lodash.once 4.1.1
The lodash method `_.once` exported as a module.
lodash.isstring 4.0.1
The lodash method `_.isString` exported as a module.
symbol-observable 2.0.0 - 3.0.0Outdated
Symbol.observable ponyfill
@emotion/is-prop-valid 0.8.8Outdated
A function to check whether a prop is valid for HTML and SVG elements
+1
emmatown
tkh44
emotion-release-bot
sha.js 2.4.10 - 2.4.11
Streamable SHA hashes in pure javascript
dcousens
ljharb
cwmma
graphql 15.7.2 - 15.8.0Outdated
A Query Language and Runtime which can target any service.
ramda 0.26.0 - 0.26.1Outdated
A practical functional library for JavaScript programmers.
lodash.isboolean 3.0.3
The lodash method `_.isBoolean` exported as a module.
stream-browserify 1.0.0 - 2.0.2Outdated
the stream module from node core for browsers
asn1.js 5.3.0 - 5.4.1
ASN.1 encoder and decoder
lodash.includes 4.3.0
The lodash method `_.includes` exported as a module.
hash-base 3.1.0
abstract base class for hash-streams
elliptic 6.5.4Outdated
EC cryptography
lodash.isinteger 4.0.4
The lodash method `_.isInteger` exported as a module.
lodash.isnumber 3.0.3
The lodash method `_.isNumber` exported as a module.
hash.js 1.1.7
Various hash functions that could be run by both browser and node
brorand 1.1.0
Random number generator for browsers and node.js
aws-sdk 2.83.0 - 2.1241.0Outdated
AWS SDK for JavaScript
hmac-drbg 1.0.1
Deterministic random bit generator (hmac)
minimalistic-crypto-utils 1.0.1
Minimalistic tools for JS crypto modules
lodash-es 4.17.20 - 4.17.21
Lodash exported as ES modules.
des.js 1.0.1Outdated
DES implementation
ripemd160 2.0.2
Compute ripemd160 of bytes or strings.
warning 4.0.3
A mirror of Facebook's Warning
md5.js 1.3.5
node style md5 on pure JavaScript
pbkdf2 3.1.2
This library provides the functionality of PBKDF2 with the ability to use any supported hashing algorithm returned from crypto.getHashes()
parse-asn1 5.1.6Outdated
utility library for parsing asn1 files for use with browserify-sign.
+2
dcousens
ljharb
cwmma
cipher-base 1.0.4
abstract base class for crypto-streams
buffer-xor 1.0.0 - 1.0.3Outdated
A simple module for bitwise-xor on buffers
create-hash 1.2.0
create hashes for browserify
browserify-aes 1.2.0
aes, for browserify
create-hmac 1.1.6 - 1.1.7
node style hmacs in the browser
evp_bytestokey 1.0.3
The insecure key derivation algorithm from OpenSSL
browserify-rsa 4.1.0
RSA for browserify
+2
dcousens
ljharb
cwmma
crypto-browserify 3.12.0
implementation of crypto for the browser
+2
dcousens
ljharb
cwmma
create-ecdh 4.0.2 - 4.0.4
createECDH but browserifiable
public-encrypt 4.0.3
browserify version of publicEncrypt & privateDecrypt
+2
dcousens
ljharb
cwmma
diffie-hellman 5.0.2 - 5.0.3
pure js diffie-hellman
browserify-des 1.0.2
browserify-des ===
dcousens
ljharb
cwmma
browserify-cipher 1.0.1
ciphers for the browser
cwmma
cwmma
miller-rabin 4.0.1
Miller Rabin algorithm for primality test
randomfill 1.0.3 - 1.0.4
random fill from browserify stand alone
shallowequal 1.1.0
Like lodash isEqualWith but for shallow equal.
polished 4.1.3Outdated
A lightweight toolset for writing styles in Javascript.
crypt 0.0.0 - 0.0.2
utilities for encryption and hashing
pvorb
pvorb
charenc 0.0.0 - 0.0.2
character encoding utilities
pvorb
pvorb
graphql-tag 2.12.6
A JavaScript template literal tag that parses GraphQL queries
jnwng
abernix
apollo-bot
jwt-decode 3.0.0 - 3.1.2Outdated
Decode JWT tokens, mostly useful for browser applications.
react-lifecycles-compat 3.0.4
Backwards compatibility polyfill for React class components
fb
sophiebits
p-is-promise 3.0.0 - 4.0.0
Check if something is a promise
styled-components 5.3.3Outdated
CSS for the <Component> Age. Style components your way with speed, strong typing, and flexibility.
i18next 21.6.12Outdated
i18next internationalization framework
@emotion/stylis 0.8.4 - 0.8.5
A custom build of Stylis
+1
emmatown
tkh44
emotion-release-bot
zen-observable-ts 0.8.14 - 0.8.21Outdated
Thin wrapper around zen-observable and @types/zen-observable, to support ESM exports as well as CommonJS exports
jbaxleyiii
apollo-bot
ts-invariant 0.4.3 - 0.4.4Outdated
TypeScript implementation of invariant(condition, message)
extract-files 8.1.0Outdated
A function to recursively extract files and their object paths within a value, replacing them with null in a deep clone without mutating the original value. FileList instances are treated as File instance arrays. Files are typically File and Blob instance
zen-observable 0.8.15Outdated
An Implementation of ES Observables
zenparsing
zenparsing
@wry/trie 0.2.1 - 0.3.2Outdated
https://en.wikipedia.org/wiki/Trie
@wry/equality 0.3.4 - 0.4.0Outdated
Structural equality checking for JavaScript values
benjamn
benjamn
framer-motion 4.1.17Outdated
A simple and powerful JavaScript animation library
@wry/context 0.4.4 - 0.6.1Outdated
Manage contextual information needed by (a)synchronous tasks without explicitly passing objects around
benjamn
benjamn
optimism 0.14.1 - 0.15.0Outdated
Composable reactive caching with efficient invalidation.
react-i18next 11.12.0 - 11.16.2Outdated
Internationalization for react done right. Using the i18next i18n ecosystem.
@apollo/client 3.3.15Outdated
A fully-featured caching GraphQL client.
react-scripts 0.4.2Outdated
Configuration and scripts for Create React App.
+1
fb
timer
iansu
exenv 1.2.1 - 1.2.2
React's ExecutionEnvironment module extracted for use in other packages & components
fp-ts 2.6.6 - 2.9.5Outdated
Functional programming in TypeScript
string-convert 0.1.0 - 0.2.1
String convertions
akiran
akiran
json2mq 0.2.0
Generate media query string from JSON or javascript object
akiran
akiran
framesync 5.3.0 - 6.0.1Outdated
A frame-synced render loop for JavaScript
popmotion
popmotion
react-intersection-observer 8.28.2Outdated
Monitor if a component is inside the viewport, using IntersectionObserver API
hey-listen 1.0.6 - 1.0.8
Warning and invariant dev-ex messaging.
xstate 4.7.0 - 4.33.6Outdated
Finite State Machines and Statecharts for the Modern Web.
react-modal 3.14.4Outdated
Accessible modal dialog component for React.JS
universal-cookie 4.0.4Outdated
Universal cookies for JavaScript
@datadog/browser-rum 4.10.1 - 4.11.1Outdated
Datadog Real User Monitoring (RUM) enables you to visualize and analyze the real-time performance and user journeys of your application's individual users.
datadog
datadog
apollo-utilities 1.3.4
Utilities for working with GraphQL ASTs
+1
apollo-bot
benjamn
jbaxleyiii
popmotion 9.3.6Outdated
The animator's toolbox
apollo-link 1.2.12 - 1.2.14
Flexible, lightweight transport layer for GraphQL
jbaxleyiii
peggyrayzis
apollo-bot
style-value-types 4.1.3 - 4.1.4Outdated
Parsers, transformers and tests for special value types, eg: %, hex codes etc.
js-sha256 0.9.0Outdated
A simple SHA-256 / SHA-224 hash function for JavaScript supports UTF-8 encoding.
@contentful/rich-text-types 13.4.0Outdated
Type definitions and constants for the Contentful rich text field type.
it-internal
whydah-gally
contentful-ecosystem
apollo-link-http-common 0.2.14 - 0.2.16
Http utilities for Apollo Link shared across all links using http
use-subscription 1.5.1Outdated
Reusable hooks
+1
gnoff
fb
sophiebits
@auth0/auth0-spa-js 2.0.0Outdated
Auth0 SDK for Single Page Applications using Authorization Code Grant Flow with PKCE
apollo-upload-client 13.0.0Outdated
A terminating Apollo Link for Apollo Client that fetches a GraphQL multipart request if the GraphQL variables contain files (by default FileList, File, or Blob instances), or else fetches a regular GraphQL POST or GET request (depending on the config and
@chakra-ui/hooks 1.2.0 - 2.1.0Outdated
React hooks for Chakra components
next-seo 4.29.0Outdated
SEO plugin for Next.js projects
@contentful/rich-text-react-renderer 13.4.0Outdated
React renderer for the Contentful rich text field type.
it-internal
whydah-gally
contentful-ecosystem
next-i18next 10.4.0 - 10.5.0Outdated
The easiest way to translate your NextJs apps.
sha1 1.1.0 - 1.1.1
native js function for hashing messages with SHA-1
pvorb
pvorb
auth0-js 9.18.1Outdated
Auth0 headless browser sdk
@use-it/event-listener 0.1.5 - 0.1.7
A custom React Hook that provides a useEventListener.
use-persisted-state 0.3.3
A custom React Hook that provides a multi-instance, multi-tab/browser shared and persistent state.
styled-breakpoints 0.0.1Outdated
Simple and powerful css breakpoints for styled-components and emotion
use-dark-mode 2.3.1
A custom React Hook to help you implement a "dark mode" component.
feathers-commons 0.8.5 - 0.8.7
Shared Feathers utility functions
the-platform x.x.x
@understood/fractal x.x.x
statsig-js x.x.x
react-cache x.x.x
jstimezonedetect x.x.x
@understood/common-app-utils x.x.x
styled-media-query x.x.x
@snowplow/browser-plugin-performance-timing x.x.x
@snowplow/tracker-core x.x.x
@snowplow/browser-tracker-core x.x.x
@snowplow/browser-tracker x.x.x
@snowplow/browser-plugin-timezone x.x.x
@understood/broadside-context x.x.x