Hold on, we're currently generating a fresh version of this report

Generated on May 4, 2024 via pnpm

cldr 5.8.0

Library for extracting data from CLDR (the Unicode Common Locale Data Repository)

internationalization

Package summary

15

issues

7

licenses

Package created

4 Nov 2012

Version published

12 Dec 2020

Maintainers

4

Total deps

84

Direct deps

9

License

BSD-3-Clause

Issues

15

2 critical severity issues

xmldom@0.4.0

xmldom allows multiple root nodes in a DOM

Recommendation: None

via: xmldom@0.4.0

unicoderegexp@0.4.1

Package has no specified license

Recommendation: Check the package code and files for license information

via: unicoderegexp@0.4.1

6 high severity issues

chainsaw@0.0.9

Package uses an invalid SPDX license ("MIT/X11")

Recommendation: Validate that the package complies with your license policy

via: seq@0.3.5

hashish@0.0.4

Package uses an invalid SPDX license ("MIT/X11")

Recommendation: Validate that the package complies with your license policy

via: seq@0.3.5

seq@0.3.5

Package uses an invalid SPDX license ("MIT/X11")

Recommendation: Validate that the package complies with your license policy

via: seq@0.3.5

traverse@0.3.9

Package uses an invalid SPDX license ("MIT/X11")

Recommendation: Validate that the package complies with your license policy

via: seq@0.3.5

memoizeasync@1.1.0

Package uses an invalid SPDX license ("BSD")

Recommendation: Validate that the package complies with your license policy

via: memoizeasync@1.1.0

xmldom@0.4.0

Deprecated package

via: xmldom@0.4.0

2 moderate severity issues

xmldom@0.4.0

Misinterpretation of malicious XML input

Recommendation: Upgrade to version 0.5.0 or later

via: xmldom@0.4.0

xmldom@0.4.0

Misinterpretation of malicious XML input

Recommendation: None

via: xmldom@0.4.0

5 low severity issues

chainsaw@0.0.9

Package uses a license that is not OSI approved ("MIT/X11")

Recommendation: Read and validate the license terms

via: seq@0.3.5

hashish@0.0.4

Package uses a license that is not OSI approved ("MIT/X11")

Recommendation: Read and validate the license terms

via: seq@0.3.5

seq@0.3.5

Package uses a license that is not OSI approved ("MIT/X11")

Recommendation: Read and validate the license terms

via: seq@0.3.5

traverse@0.3.9

Package uses a license that is not OSI approved ("MIT/X11")

Recommendation: Read and validate the license terms

via: seq@0.3.5

memoizeasync@1.1.0

Package uses a license that is not OSI approved ("BSD")

Recommendation: Read and validate the license terms

via: memoizeasync@1.1.0

Licenses

MIT License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

Cannot

hold-liable

Must

include-copyright

include-license

70 Packages, Including:

array-buffer-byte-length@1.0.1

arraybuffer.prototype.slice@1.0.3

available-typed-arrays@1.0.7

call-bind@1.0.7

data-view-buffer@1.0.1

data-view-byte-length@1.0.1

data-view-byte-offset@1.0.0

define-data-property@1.1.4

define-properties@1.2.1

es-abstract@1.23.3

es-define-property@1.0.0

es-errors@1.3.0

es-object-atoms@1.0.0

es-set-tostringtag@2.0.3

es-to-primitive@1.2.1

for-each@0.3.3

function-bind@1.1.2

function.prototype.name@1.1.6

functions-have-names@1.2.3

get-intrinsic@1.2.4

get-symbol-description@1.0.2

globalthis@1.0.4

gopd@1.0.1

has-bigints@1.0.2

has-property-descriptors@1.0.2

has-proto@1.0.3

has-symbols@1.0.3

has-tostringtag@1.0.2

hasown@2.0.2

internal-slot@1.0.7

is-array-buffer@3.0.4

is-bigint@1.0.4

is-boolean-object@1.1.2

is-callable@1.2.7

is-data-view@1.0.1

is-date-object@1.0.5

is-negative-zero@2.0.3

is-number-object@1.0.7

is-regex@1.1.4

is-shared-array-buffer@1.0.3

is-string@1.0.7

is-symbol@1.0.4

is-typed-array@1.1.13

is-weakref@1.0.2

isarray@2.0.5

lru-cache@2.5.0

object-inspect@1.13.1

object-keys@1.1.1

object.assign@4.1.5

pegjs@0.10.0

MIT/X11

Invalid

Not OSI Approved

4 Packages, Including:

chainsaw@0.0.9

hashish@0.0.4

seq@0.3.5

traverse@0.3.9

BSD 2-Clause "Simplified" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

hold-liable

Must

include-copyright

include-license

4 Packages, Including:

escodegen@2.1.0

esprima@4.0.1

estraverse@5.3.0

esutils@2.0.3

BSD 3-Clause "New" or "Revised" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

use-trademark

hold-liable

Must

include-copyright

include-license

3 Packages, Including:

cldr@5.8.0

passerror@1.1.1

source-map@0.6.1

BSD

Invalid

Not OSI Approved

1 Packages, Including:

memoizeasync@1.1.0

N/A

N/A

1 Packages, Including:

unicoderegexp@0.4.1

(LGPL-2.0 OR MIT)

Permissive

1 Packages, Including:

xmldom@0.4.0

Direct Dependencies

9

All Dependencies CSV

ⓘ This is a list of cldr 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.

Name	Version	Size	License	Type	Vulnerabilities
escodegen	2.1.0	19.55 kB	BSD-2-Clause	prod
esprima	4.0.1	50.86 kB	BSD-2-Clause	prod
memoizeasync	1.1.0	10.67 kB	BSD	prod	1 1
passerror	1.1.1	2.48 kB	BSD-3-Clause	prod
pegjs	0.10.0	69.61 kB	MIT	prod
seq	0.3.5	10.68 kB	MIT/X11	prod	4 4
unicoderegexp	0.4.1	10.1 kB	UNKNOWN	prod	1
xmldom	0.4.0	23.62 kB	(LGPL-2.0 OR MIT)	prod	1 1 2
xpath	0.0.32	38.59 kB	MIT	prod

Recent Versions