Generated on Jan 23, 2024 via pnpm

Npm

@strapi/plugin-upload 4.13.6

Makes it easy to upload images and files to your Strapi Application.

Package summary

issues

licenses

Package created

30 Jul 2021

Version published

13 Sep 2023

Maintainers

Total deps

359

Direct deps

License

SEE LICENSE IN LICENSE

Issues

8 high severity issues

high

sharp@0.32.0

sharp vulnerability in libwebp dependency CVE-2023-4863

Recommendation: Upgrade to version 0.32.6 or later

via: sharp@0.32.0

@strapi/helper-plugin@4.13.6

Package uses an invalid SPDX license ("SEE LICENSE IN LICENSE")

Recommendation: Validate that the package complies with your license policy

via: @strapi/helper-plugin@4.13.6

@strapi/plugin-upload@4.13.6

Package uses an invalid SPDX license ("SEE LICENSE IN LICENSE")

Recommendation: Validate that the package complies with your license policy

via: @strapi/plugin-upload@4.13.6

@strapi/provider-upload-local@4.13.6

Package uses an invalid SPDX license ("SEE LICENSE IN LICENSE")

Recommendation: Validate that the package complies with your license policy

via: @strapi/provider-upload-local@4.13.6

@strapi/utils@4.13.6

Package uses an invalid SPDX license ("SEE LICENSE IN LICENSE")

Recommendation: Validate that the package complies with your license policy

via: @strapi/provider-upload-local@4.13.6 & others

caniuse-lite@1.0.30001579

Package uses an atypical license ("CC-BY-4.0")

Recommendation: Read and validate the license terms

via: @strapi/design-system@1.10.1 & others

rc@1.2.8

Package uses a custom license expression: `(BSD-2-Clause OR MIT OR Apache-2.0)`

Recommendation: Validate that the license expression complies with your license policy

via: sharp@0.32.0

sharp@0.32.0

Package uses install script: "(node install/libvips && node install/dll-copy && prebuild-install) || (node install/can-compile && node-gyp rebuild && node install/dll-copy)"

via: sharp@0.32.0

Collapse

Expand

6 moderate severity issues

moderate

axios@1.5.0

Axios Cross-Site Request Forgery Vulnerability

Recommendation: Upgrade to version 1.6.0 or later

via: @strapi/helper-plugin@4.13.6 & others

@strapi/design-system@1.10.1

Package has no specified source code repository

via: @strapi/design-system@1.10.1 & others

@strapi/icons@1.10.1

Package has no specified source code repository

via: @strapi/design-system@1.10.1 & others

@strapi/plugin-upload@4.13.6

Package has no specified source code repository

via: @strapi/plugin-upload@4.13.6

@strapi/ui-primitives@1.14.1

Package has no specified source code repository

via: @strapi/design-system@1.10.1 & others

react-style-singleton@2.2.1

Package has no specified source code repository

via: @strapi/design-system@1.10.1 & others

Collapse

Expand

5 low severity issues

low

@strapi/helper-plugin@4.13.6

Package uses a license that is not OSI approved ("SEE LICENSE IN LICENSE")

Recommendation: Read and validate the license terms

via: @strapi/helper-plugin@4.13.6

@strapi/plugin-upload@4.13.6

Package uses a license that is not OSI approved ("SEE LICENSE IN LICENSE")

Recommendation: Read and validate the license terms

via: @strapi/plugin-upload@4.13.6

@strapi/provider-upload-local@4.13.6

Package uses a license that is not OSI approved ("SEE LICENSE IN LICENSE")

Recommendation: Read and validate the license terms

via: @strapi/provider-upload-local@4.13.6

@strapi/utils@4.13.6

Package uses a license that is not OSI approved ("SEE LICENSE IN LICENSE")

Recommendation: Read and validate the license terms

via: @strapi/provider-upload-local@4.13.6 & others

caniuse-lite@1.0.30001579

Package uses a license that is not OSI approved ("CC-BY-4.0")

Recommendation: Read and validate the license terms

via: @strapi/design-system@1.10.1 & others

Collapse

Expand

Licenses

MIT License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

Cannot

hold-liable

Must

include-copyright

include-license

308 Packages, Including:

@babel/code-frame@7.23.5

@babel/compat-data@7.23.5

@babel/core@7.23.7

@babel/generator@7.23.6

@babel/helper-annotate-as-pure@7.22.5

@babel/helper-compilation-targets@7.23.6

@babel/helper-environment-visitor@7.22.20

@babel/helper-function-name@7.23.0

@babel/helper-hoist-variables@7.22.5

@babel/helper-module-imports@7.22.15

@babel/helper-module-transforms@7.23.3

@babel/helper-plugin-utils@7.22.5

@babel/helper-simple-access@7.22.5

@babel/helper-split-export-declaration@7.22.6

@babel/helper-string-parser@7.23.4

@babel/helper-validator-identifier@7.22.20

@babel/helper-validator-option@7.23.5

@babel/helpers@7.23.8

@babel/highlight@7.23.4

@babel/parser@7.23.6

@babel/plugin-syntax-jsx@7.23.3

@babel/runtime@7.23.8

@babel/template@7.22.15

@babel/traverse@7.23.7

@babel/types@7.23.6

@codemirror/autocomplete@6.12.0

@codemirror/commands@6.3.3

@codemirror/lang-json@6.0.1

@codemirror/language@6.10.0

@codemirror/lint@6.4.2

@codemirror/search@6.5.5

@codemirror/state@6.4.0

@codemirror/theme-one-dark@6.1.2

@codemirror/view@6.23.0

@emotion/babel-plugin@11.11.0

@emotion/cache@11.11.0

@emotion/hash@0.9.1

@emotion/is-prop-valid@0.8.8

@emotion/memoize@0.7.4

@emotion/memoize@0.8.1

@emotion/react@11.11.3

@emotion/serialize@1.1.3

@emotion/sheet@1.2.2

@emotion/stylis@0.8.5

@emotion/unitless@0.7.5

@emotion/unitless@0.8.1

@emotion/use-insertion-effect-with-fallbacks@1.0.1

@emotion/utils@1.2.1

@emotion/weak-memoize@0.3.1

@floating-ui/core@1.5.3

ISC License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

Cannot

hold-liable

Must

include-copyright

include-license

25 Packages, Including:

chownr@1.1.4

css-color-keywords@1.0.0

electron-to-chromium@1.4.642

fs.realpath@1.0.0

glob@7.2.3

graceful-fs@4.2.11

inflight@1.0.6

inherits@2.0.3

inherits@2.0.4

ini@1.3.8

lru-cache@5.1.1

lru-cache@6.0.0

minimatch@3.1.2

nano-time@1.0.0

once@1.4.0

picocolors@1.0.0

rimraf@3.0.2

semver@6.3.1

semver@7.5.4

setprototypeof@1.1.0

setprototypeof@1.2.0

wrappy@1.0.2

yallist@3.1.1

yallist@4.0.0

yaml@1.10.2

Apache License 2.0

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

use-patent-claims

place-warranty

Cannot

hold-liable

use-trademark

Must

include-copyright

include-license

state-changes

include-notice

9 Packages, Including:

@ampproject/remapping@2.2.1

@internationalized/date@3.5.1

@internationalized/number@3.5.0

@swc/helpers@0.5.3

detect-libc@2.0.2

formik@2.4.0

sharp@0.32.0

tunnel-agent@0.6.0

unload@2.2.0

BSD 3-Clause "New" or "Revised" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

use-trademark

hold-liable

Must

include-copyright

include-license

7 Packages, Including:

hoist-non-react-statics@3.3.2

ieee754@1.2.1

intl-messageformat@10.3.4

qs@6.11.1

react-intl@6.4.1

react-transition-group@4.4.5

source-map@0.5.7

SEE LICENSE IN LICENSE

Invalid

Not OSI Approved

4 Packages, Including:

@strapi/helper-plugin@4.13.6

@strapi/plugin-upload@4.13.6

@strapi/provider-upload-local@4.13.6

@strapi/utils@4.13.6

BSD Zero Clause License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

include-copyright

include-license

include-original

Cannot

hold-liable

Must

2 Packages, Including:

tslib@1.14.1

tslib@2.6.2

The Unlicense

Public Domain

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

private-use

modify

Cannot

include-copyright

hold-liable

Must

1 Packages, Including:

big-integer@1.6.52

Creative Commons Attribution 4.0 International

Uncategorized

Not OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

Cannot

Must

1 Packages, Including:

caniuse-lite@1.0.30001579

(MIT OR WTFPL)

Permissive

1 Packages, Including:

expand-template@2.0.3

(BSD-2-Clause OR MIT OR Apache-2.0)

Expression

1 Packages, Including:

rc@1.2.8

Direct Dependencies

All Dependencies CSV

ⓘ This is a list of @strapi/plugin-upload 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.

Name	Version	Size	License	Type	Vulnerabilities
@strapi/design-system	1.10.1	189.25 kB	MIT	prod peer	1 4 1
@strapi/helper-plugin	4.13.6	48.93 kB	SEE LICENSE IN LICENSE	prod	2 5 2
@strapi/icons	1.10.1	103.59 kB	MIT	prod peer	1
@strapi/provider-upload-local	4.13.6	4.46 kB	SEE LICENSE IN LICENSE	prod	2 2
@strapi/utils	4.13.6	63.43 kB	SEE LICENSE IN LICENSE	prod	1 1
axios	1.5.0	431.76 kB	MIT	prod	1
byte-size	7.0.1	5.39 kB	MIT	prod
cropperjs	1.6.0	112.14 kB	MIT	prod
date-fns	2.30.0	682.42 kB	MIT	prod
formik	2.4.0	149.27 kB	Apache-2.0	prod
fs-extra	10.0.0	32.9 kB	MIT	prod
immer	9.0.19	237.82 kB	MIT	prod
koa-range	0.3.0	3.09 kB	MIT	prod
koa-static	5.0.0	2.95 kB	MIT	prod
lodash	4.17.21	311.49 kB	MIT	prod
mime-types	2.1.35	5.46 kB	MIT	prod
prop-types	15.8.1	22.12 kB	MIT	prod
qs	6.11.1	50.74 kB	BSD-3-Clause	prod
react-dnd	15.1.2	83.31 kB	MIT	prod
react-dom	18.2.0	1.04 MB	MIT	prod peer
react-helmet	6.1.0	24.48 kB	MIT	prod
react-intl	6.4.1	45.76 kB	BSD-3-Clause	prod
react-query	3.39.3	489.88 kB	MIT	prod
react-redux	8.1.1	69.11 kB	MIT	prod
react-router-dom	5.3.4	140.85 kB	MIT	prod peer
react-select	5.7.0	134.09 kB	MIT	prod
react	18.2.0	79.25 kB	MIT	prod peer
sharp	0.32.0	119.69 kB	Apache-2.0	prod	3
styled-components	5.3.3	779.77 kB	MIT	prod peer	1 1
yup	0.32.9	52.76 kB	MIT	prod