Generated on Apr 27, 2024 via pnpm

Npm

Home

firebase-tools 12.5.4

Command-Line Interface for Firebase

cdn

cli

ssl

Package summary

issues

licenses

Package created

15 Jan 2014

Version published

12 Sep 2023

Maintainers

Total deps

612

Direct deps

License

MIT

Issues

3 critical severity issues

critical

protobufjs@7.2.4

protobufjs Prototype Pollution vulnerability

Recommendation: Upgrade to version 7.2.5 or later

via: @google-cloud/pubsub@3.7.5

cli-table@0.3.11

Package has no specified license

Recommendation: Check the package code and files for license information

via: cli-table@0.3.11

valid-url@1.0.9

Package has no specified license

Recommendation: Check the package code and files for license information

via: superstatic@9.0.3

Collapse

Expand

9 high severity issues

high

jackspeak@2.3.6

Package uses an atypical license ("BlueOak-1.0.0")

Recommendation: Read and validate the license terms

via: exegesis@4.1.2 & others

path-scurry@1.10.2

Package uses an atypical license ("BlueOak-1.0.0")

Recommendation: Read and validate the license terms

via: exegesis@4.1.2 & others

deep-freeze@0.0.1

Package uses an invalid SPDX license ("public domain")

Recommendation: Validate that the package complies with your license policy

via: exegesis@4.1.2 & others

rc@1.2.8

Package uses a custom license expression: `(BSD-2-Clause OR MIT OR Apache-2.0)`

Recommendation: Validate that the license expression complies with your license policy

via: superstatic@9.0.3 & others

har-validator@5.1.5

Deprecated package

via: request@2.88.2

protobufjs@7.2.4

Package uses postinstall script: "node scripts/postinstall"

via: @google-cloud/pubsub@3.7.5

re2@1.20.10

Package uses install script: "install-from-cache --artifact build/Release/re2.node --host-var RE2_DOWNLOAD_MIRROR --skip-path-var RE2_DOWNLOAD_SKIP_PATH --skip-ver-var RE2_DOWNLOAD_SKIP_VER || node-gyp rebuild"

via: superstatic@9.0.3

request@2.88.2

Deprecated package

via: request@2.88.2

uuid@3.4.0

Deprecated package

via: request@2.88.2

Collapse

Expand

3 moderate severity issues

moderate

tough-cookie@2.5.0

tough-cookie Prototype Pollution vulnerability

Recommendation: Upgrade to version 4.1.3 or later

via: request@2.88.2

request@2.88.2

Server-Side Request Forgery in Request

Recommendation: None

via: request@2.88.2

minipass-pipeline@1.2.4

Package has no specified source code repository

via: superstatic@9.0.3

Collapse

Expand

3 low severity issues

low

jackspeak@2.3.6

Package uses a license that is not OSI approved ("BlueOak-1.0.0")

Recommendation: Read and validate the license terms

via: exegesis@4.1.2 & others

path-scurry@1.10.2

Package uses a license that is not OSI approved ("BlueOak-1.0.0")

Recommendation: Read and validate the license terms

via: exegesis@4.1.2 & others

deep-freeze@0.0.1

Package uses a license that is not OSI approved ("public domain")

Recommendation: Read and validate the license terms

via: exegesis@4.1.2 & others

Collapse

Expand

Licenses

MIT License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

Cannot

hold-liable

Must

include-copyright

include-license

450 Packages, Including:

@apidevtools/json-schema-ref-parser@9.1.2

@babel/helper-string-parser@7.24.1

@babel/helper-validator-identifier@7.22.20

@babel/parser@7.24.4

@babel/types@7.24.0

@colors/colors@1.5.0

@colors/colors@1.6.0

@dabh/diagnostics@2.0.3

@jsdevtools/ono@7.1.3

@pkgjs/parseargs@0.11.0

@pnpm/config.env-replace@1.1.0

@pnpm/network.ca-file@1.0.2

@pnpm/npm-conf@2.2.2

@tootallnate/quickjs-emscripten@0.23.0

@types/duplexify@3.6.4

@types/glob@8.1.0

@types/json-schema@7.0.15

@types/linkify-it@3.0.5

@types/long@4.0.2

@types/markdown-it@12.2.3

@types/mdurl@1.0.5

@types/minimatch@5.1.2

@types/node@20.12.7

@types/rimraf@3.0.2

@types/triple-beam@1.3.5

abort-controller@3.0.0

accepts@1.3.8

acorn-jsx@5.3.2

acorn@8.11.3

agent-base@6.0.2

agent-base@7.1.1

aggregate-error@3.1.0

ajv-formats@2.1.1

ajv@6.12.6

ajv@8.12.0

ansi-escapes@4.3.2

ansi-escapes@6.2.1

ansi-regex@5.0.1

ansi-regex@6.0.1

ansi-styles@4.3.0

ansi-styles@6.2.1

ansicolors@0.3.2

archiver-utils@2.1.0

archiver-utils@3.0.4

archiver@5.3.2

argparse@1.0.10

array-flatten@1.1.1

array-flatten@3.0.0

arrify@2.0.1

as-array@2.0.0

ISC License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

Cannot

hold-liable

Must

include-copyright

include-license

71 Packages, Including:

@isaacs/cliui@8.0.2

@npmcli/agent@2.2.2

@npmcli/fs@3.1.0

abbrev@2.0.0

ansi-align@3.0.1

anymatch@3.1.3

cacache@18.0.2

chownr@2.0.0

cli-width@3.0.0

cliui@8.0.1

foreground-child@3.1.1

fs-minipass@2.1.0

fs-minipass@3.0.3

fs.realpath@1.0.0

get-caller-file@2.0.5

glob-parent@5.1.2

glob@10.3.12

glob@7.2.3

glob@8.1.0

graceful-fs@4.2.10

graceful-fs@4.2.11

har-schema@2.0.0

inflight@1.0.6

inherits@2.0.4

ini@1.3.8

ini@2.0.0

isexe@2.0.0

isexe@3.1.1

json-stringify-safe@5.0.1

libsodium-wrappers@0.7.13

libsodium@0.7.13

lru-cache@10.2.1

lru-cache@6.0.0

lru-cache@7.18.3

make-fetch-happen@13.0.0

minimatch@3.1.2

minimatch@5.1.6

minimatch@6.2.0

minimatch@9.0.4

minipass-collect@2.0.1

minipass-flush@1.0.5

minipass-pipeline@1.2.4

minipass-sized@1.0.3

minipass@3.3.6

minipass@5.0.0

minipass@7.0.4

mute-stream@0.0.8

nopt@7.2.0

once@1.4.0

proc-log@3.0.0

Apache License 2.0

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

use-patent-claims

place-warranty

Cannot

hold-liable

use-trademark

Must

include-copyright

include-license

state-changes

include-notice

35 Packages, Including:

@google-cloud/paginator@4.0.1

@google-cloud/precise-date@3.0.1

@google-cloud/projectify@3.0.0

@google-cloud/promisify@2.0.4

@google-cloud/pubsub@3.7.5

@grpc/grpc-js@1.8.21

@grpc/proto-loader@0.7.12

@jsdoc/salty@0.2.8

@opentelemetry/api@1.8.0

@opentelemetry/semantic-conventions@1.3.1

aws-sign2@0.7.0

caseless@0.12.0

crc-32@1.2.2

ecdsa-sig-formatter@1.0.11

eslint-visitor-keys@3.4.3

exponential-backoff@3.1.1

fast-text-encoding@1.0.6

forever-agent@0.6.1

gaxios@4.3.3

gaxios@5.1.3

gcp-metadata@4.3.1

gcp-metadata@5.3.0

google-auth-library@7.14.1

google-auth-library@8.9.0

google-gax@3.6.1

js2xmlparser@4.0.2

jsdoc@4.0.2

long@5.2.3

oauth-sign@0.9.0

proto3-json-serializer@1.1.1

readdir-glob@1.1.3

request@2.88.2

rxjs@7.8.1

tunnel-agent@0.6.0

xmlcreate@2.0.4

BSD 3-Clause "New" or "Revised" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

use-trademark

hold-liable

Must

include-copyright

include-license

28 Packages, Including:

@protobufjs/aspromise@1.1.2

@protobufjs/base64@1.1.2

@protobufjs/codegen@2.0.4

@protobufjs/eventemitter@1.1.0

@protobufjs/fetch@1.1.0

@protobufjs/float@1.0.2

@protobufjs/inquire@1.1.0

@protobufjs/path@1.1.2

@protobufjs/pool@1.1.0

@protobufjs/utf8@1.1.0

bcrypt-pbkdf@1.0.2

buffer-equal-constant-time@1.0.1

filesize@6.4.0

heap-js@2.5.0

ieee754@1.2.1

install-artifact-from-github@1.3.5

protobufjs-cli@1.1.1

protobufjs@7.2.4

qs@6.11.0

qs@6.12.1

qs@6.5.3

re2@1.20.10

source-map@0.6.1

sprintf-js@1.0.3

sprintf-js@1.1.3

stream-chain@2.2.5

stream-json@1.8.0

tough-cookie@2.5.0

BSD 2-Clause "Simplified" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

hold-liable

Must

include-copyright

include-license

14 Packages, Including:

configstore@5.0.1

entities@2.1.0

escodegen@1.14.3

escodegen@2.1.0

espree@9.6.1

esprima@4.0.1

estraverse@4.3.0

estraverse@5.3.0

esutils@2.0.3

http-cache-semantics@4.1.1

uglify-js@3.17.4

update-notifier-cjs@5.1.6

uri-js@4.4.1

webidl-conversions@3.0.1

N/A

2 Packages, Including:

cli-table@0.3.11

valid-url@1.0.9

Blue Oak Model License 1.0.0

Uncategorized

Not OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

Cannot

Must

2 Packages, Including:

jackspeak@2.3.6

path-scurry@1.10.2

The Unlicense

Public Domain

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

private-use

modify

Cannot

include-copyright

hold-liable

Must

2 Packages, Including:

markdown-it-anchor@8.6.7

tweetnacl@0.14.5

(MIT OR CC0-1.0)

Public Domain

2 Packages, Including:

type-fest@0.20.2

type-fest@0.21.3

Python License 2.0

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

Cannot

use-trademark

hold-liable

Must

include-copyright

include-license

state-changes

1 Packages, Including:

argparse@2.0.1

public domain

Invalid

Not OSI Approved

1 Packages, Including:

deep-freeze@0.0.1

(AFL-2.1 OR BSD-3-Clause)

Permissive

1 Packages, Including:

json-schema@0.4.0

(BSD-3-Clause OR GPL-2.0)

Permissive

1 Packages, Including:

node-forge@1.3.1

(BSD-2-Clause OR MIT OR Apache-2.0)

Expression

1 Packages, Including:

rc@1.2.8

BSD Zero Clause License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

include-copyright

include-license

include-original

Cannot

hold-liable

Must

1 Packages, Including:

tslib@2.6.2

Direct Dependencies

All Dependencies CSV

ⓘ This is a list of firebase-tools 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.

Name	Version	Size	License	Type	Vulnerabilities
@google-cloud/pubsub	3.7.5	361.2 kB	Apache-2.0	prod	1 1
abort-controller	3.0.0	17.14 kB	MIT	prod
ajv	6.12.6	197.63 kB	MIT	prod
archiver	5.3.2	13.02 kB	MIT	prod
async-lock	1.3.2	6.06 kB	MIT	prod
body-parser	1.20.2	14.75 kB	MIT	prod
chokidar	3.6.0	25.83 kB	MIT	prod
cjson	0.3.3	5.92 kB	MIT	prod
cli-table	0.3.11	5.94 kB	UNKNOWN	prod	1
colorette	2.0.20	4.94 kB	MIT	prod
commander	4.1.1	26.55 kB	MIT	prod
configstore	5.0.1	3.32 kB	BSD-2-Clause	prod
cors	2.8.5	6.03 kB	MIT	prod
cross-env	5.2.1	8.94 kB	MIT	prod
cross-spawn	7.0.3	7.3 kB	MIT	prod
csv-parse	5.5.5	1.34 MB	MIT	prod
exegesis-express	4.0.0	4.6 kB	MIT	prod	3 3
exegesis	4.1.2	320.59 kB	MIT	prod	3 3
express	4.19.2	209.73 kB	MIT	prod
filesize	6.4.0	11.14 kB	BSD-3-Clause	prod
form-data	4.0.0	10.24 kB	MIT	prod
fs-extra	10.1.0	16.52 kB	MIT	prod
glob	7.2.3	15.08 kB	ISC	prod
google-auth-library	7.14.1	91.53 kB	Apache-2.0	prod
inquirer	8.2.6	23.24 kB	MIT	prod
js-yaml	3.14.1	75.07 kB	MIT	prod
jsonwebtoken	9.0.2	11.94 kB	MIT	prod
leven	3.1.0	2.44 kB	MIT	prod
libsodium-wrappers	0.7.13	17 kB	ISC	prod
lodash	4.17.21	311.49 kB	MIT	prod
marked-terminal	5.2.0	12.67 kB	MIT	prod
marked	4.3.0	103.63 kB	MIT	prod peer
mime	2.6.0	18.29 kB	MIT	prod
minimatch	3.1.2	11.66 kB	ISC	prod
morgan	1.10.0	9.37 kB	MIT	prod
node-fetch	2.7.0	43.6 kB	MIT	prod
open	6.4.0	10.59 kB	MIT	prod
ora	5.4.1	6.74 kB	MIT	prod
p-limit	3.1.0	3.19 kB	MIT	prod
portfinder	1.0.32	6.38 kB	MIT	prod
progress	2.0.3	5.86 kB	MIT	prod
proxy-agent	6.4.0	23.17 kB	MIT	prod
request	2.88.2	57.83 kB	Apache-2.0	prod	3 2
retry	0.13.1	6.39 kB	MIT	prod
rimraf	3.0.2	6.33 kB	ISC	prod
semver	7.6.0	26.57 kB	ISC	prod optional
stream-chain	2.2.5	9.66 kB	BSD-3-Clause	prod
stream-json	1.8.0	15.92 kB	BSD-3-Clause	prod
strip-ansi	6.0.1	1.99 kB	MIT	prod
superstatic	9.0.3	21.35 kB	MIT	prod	1 4 1 2
tar	6.2.1	162.71 kB	ISC	prod optional
tcp-port-used	1.0.2	6.15 kB	MIT	prod
tmp	0.2.3	53.08 kB	MIT	prod
triple-beam	1.4.1	1 B	MIT	prod
universal-analytics	0.5.3	25.88 kB	MIT	prod
update-notifier-cjs	5.1.6	6.65 kB	BSD-2-Clause	prod	1
uuid	8.3.2	27.32 kB	MIT	prod
winston-transport	4.7.0	11.56 kB	MIT	prod
winston	3.13.0	267.69 kB	MIT	prod
ws	7.5.9	28.37 kB	MIT	prod