Home
Docs
GitHub
Pricing
Blog
Log In

Run Sandworm Audit for your App

Get started
Hold on, we're currently generating a fresh version of this report
Generated on Apr 23, 2024 via pnpm
Package summary
Share
13
issues
3
critical severity
license
3
5
high severity
license
5
1
moderate severity
meta
1
4
low severity
license
4
12
licenses
336
MIT
43
ISC
5
BSD-2-Clause
15
other licenses
N/A
3
(MIT OR CC0-1.0)
3
BlueOak-1.0.0
2
Apache-2.0
2
+ 5 more
Package created
2 Sep 2015
Version published
18 Aug 2023
Maintainers
1
Total deps
399
Direct deps
21
License
MIT

Issues

13

3 critical severity issues

critical
Recommendation: Check the package code and files for license information
via: unified-diff@4.0.1
Recommendation: Check the package code and files for license information
via: unified-diff@4.0.1
Recommendation: Check the package code and files for license information
via: unified-diff@4.0.1
Collapse
Expand

5 high severity issues

high
Recommendation: Read and validate the license terms
via: unified-engine@10.1.0
Recommendation: Read and validate the license terms
via: unified-engine@10.1.0
Recommendation: Validate that the package complies with your license policy
via: unified-diff@4.0.1
Recommendation: Validate that the license expression complies with your license policy
via: update-notifier@6.0.2
Recommendation: Read and validate the license terms
via: meow@11.0.0
Collapse
Expand

1 moderate severity issue

moderate
via: unified-diff@4.0.1
Collapse
Expand

4 low severity issues

low
Recommendation: Read and validate the license terms
via: unified-engine@10.1.0
Recommendation: Read and validate the license terms
via: unified-engine@10.1.0
Recommendation: Read and validate the license terms
via: meow@11.0.0
Recommendation: Read and validate the license terms
via: meow@11.0.0
Collapse
Expand

Licenses

MIT License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
sublicense
private-use
Cannot
hold-liable
Must
include-copyright
include-license
336 Packages, Including:
@babel/code-frame@7.24.2
@babel/helper-validator-identifier@7.22.20
@babel/highlight@7.24.2
@pkgjs/parseargs@0.11.0
@pnpm/config.env-replace@1.1.0
@pnpm/network.ca-file@1.0.2
@pnpm/npm-conf@2.2.2
@sindresorhus/is@5.6.0
@szmarczak/http-timer@5.0.1
@types/acorn@4.0.6
@types/concat-stream@2.0.3
@types/debug@4.1.12
@types/estree-jsx@1.0.5
@types/estree@1.0.5
@types/hast@2.3.10
@types/http-cache-semantics@4.0.4
@types/is-empty@1.2.3
@types/mdast@3.0.15
@types/minimist@1.2.5
@types/ms@0.7.34
@types/nlcst@1.0.4
@types/node@18.19.31
@types/normalize-package-data@2.4.4
@types/supports-color@8.1.3
@types/unist@2.0.10
acorn-jsx@5.3.2
acorn@8.11.3
alex@11.0.1
ansi-regex@5.0.1
ansi-regex@6.0.1
ansi-styles@3.2.1
ansi-styles@6.2.1
array-iterate@1.1.4
array-iterate@2.0.1
arrify@1.0.1
bail@2.0.2
balanced-match@1.0.2
boxen@7.1.1
brace-expansion@2.0.1
bubble-stream-error@0.0.1
bubble-stream-error@1.0.0
buffer-from@1.1.2
cacheable-lookup@7.0.0
cacheable-request@10.2.14
camelcase-keys@8.0.2
camelcase@7.0.1
ccount@2.0.1
chalk@2.4.2
chalk@5.3.0
character-entities-html4@2.1.0

ISC License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
Cannot
hold-liable
Must
include-copyright
include-license
43 Packages, Including:
@isaacs/cliui@8.0.2
@npmcli/config@6.4.1
@npmcli/map-workspaces@3.0.6
@npmcli/name-from-folder@2.0.0
abbrev@2.0.0
ansi-align@3.0.1
foreground-child@3.1.1
fs.realpath@1.0.0
glob@10.3.12
glob@8.1.0
graceful-fs@4.2.10
graceful-fs@4.2.11
hosted-git-info@4.1.0
hosted-git-info@5.2.1
inflight@1.0.6
inherits@2.0.4
ini@1.3.8
ini@2.0.0
ini@4.1.2
isexe@2.0.0
lru-cache@10.2.0
lru-cache@6.0.0
lru-cache@7.18.3
minimatch@5.1.6
minimatch@9.0.4
minipass@7.0.4
nopt@7.2.0
npm-normalize-package-bin@3.0.1
once@1.4.0
picocolors@1.0.0
proc-log@3.0.0
proto-list@1.2.4
read-package-json-fast@3.0.2
semver@7.6.0
signal-exit@3.0.7
signal-exit@4.1.0
walk-up-path@3.0.1
which@2.0.2
wrappy@1.0.2
write-file-atomic@3.0.3
yallist@4.0.0
yaml@2.4.1
yargs-parser@21.1.1

BSD 2-Clause "Simplified" License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
place-warranty
Cannot
hold-liable
Must
include-copyright
include-license
5 Packages, Including:
configstore@6.0.0
http-cache-semantics@4.1.1
normalize-package-data@3.0.3
normalize-package-data@4.0.1
update-notifier@6.0.2

N/A

N/A
3 Packages, Including:
event-stream@3.1.7
map-stream@0.1.0
split@0.2.10

(MIT OR CC0-1.0)

Public Domain
3 Packages, Including:
type-fest@1.4.0
type-fest@2.19.0
type-fest@3.13.1

Blue Oak Model License 1.0.0

Uncategorized
Not OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
Cannot
Must
2 Packages, Including:
jackspeak@2.3.6
path-scurry@1.10.2

Apache License 2.0

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
sublicense
private-use
use-patent-claims
place-warranty
Cannot
hold-liable
use-trademark
Must
include-copyright
include-license
state-changes
include-notice
2 Packages, Including:
spdx-correct@3.2.0
validate-npm-package-license@3.0.4

BSD 3-Clause "New" or "Revised" License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
place-warranty
Cannot
use-trademark
hold-liable
Must
include-copyright
include-license
1 Packages, Including:
diff@5.2.0

(MIT OR Apache2)

Invalid
1 Packages, Including:
pause-stream@0.0.11

(BSD-2-Clause OR MIT OR Apache-2.0)

Expression
1 Packages, Including:
rc@1.2.8

Creative Commons Attribution 3.0 Unported

Uncategorized
Not OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
Cannot
Must
1 Packages, Including:
spdx-exceptions@2.5.0

Creative Commons Zero v1.0 Universal

Public Domain
Not OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
Cannot
Must
1 Packages, Including:
spdx-license-ids@3.0.17
Disclaimer

This deed highlights only some of the key features and terms of the actual license. It is not a license and has no legal value. You should carefully review all of the terms and conditions of the actual license before using the licensed material.

Sandworm is not a law firm and does not provide legal services. Distributing, displaying, or linking to this deed or the license that it summarizes does not create a lawyer-client or any other relationship.

Direct Dependencies

21
All Dependencies CSV
β“˜ This is a list of alex 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.
NameVersionSizeLicenseTypeVulnerabilities
@types/mdast3.0.153.12 kBMIT
prod
@types/nlcst1.0.42.66 kBMIT
prod
meow11.0.07.59 kBMIT
prod
1
2
rehype-parse8.0.512.67 kBMIT
prod
rehype-retext3.0.25.35 kBMIT
prod
remark-frontmatter4.0.15.56 kBMIT
prod
remark-gfm3.0.16.35 kBMIT
prod
remark-mdx2.0.04.43 kBMIT
prod
remark-message-control7.1.15.45 kBMIT
prod
remark-parse10.0.25.75 kBMIT
prod
remark-retext5.0.15.44 kBMIT
prod
retext-english4.1.02.75 kBMIT
prod
retext-equality6.6.023.69 kBMIT
prod
retext-profanities7.2.26 kBMIT
prod
unified-diff4.0.15.18 kBMIT
prod
3
1
1
unified-engine10.1.026.48 kBMIT
prod
2
2
unified10.1.220 kBMIT
prod
update-notifier6.0.26.15 kBBSD-2-Clause
prod
1
vfile-reporter7.0.57.18 kBMIT
prod
vfile-sort3.0.13.65 kBMIT
prod
vfile5.3.717.89 kBMIT
prod

Visualizations