Generated on May 4, 2024 via pnpm

Npm

Home

grunt-contrib-imagemin 4.0.0

Minify images

gruntplugin

compress

gif

Package summary

issues

licenses

Package created

6 Dec 2012

Version published

31 Mar 2020

Maintainers

Total deps

438

Direct deps

License

MIT

Issues

16 high severity issues

high

http-cache-semantics@3.8.1

http-cache-semantics vulnerable to Regular Expression Denial of Service

Recommendation: Upgrade to version 4.1.1 or later

via: imagemin-gifsicle@6.0.1 & others

semver-regex@2.0.0

semver-regex Regular Expression Denial of Service (ReDOS)

Recommendation: Upgrade to version 3.1.3 or later

via: imagemin-gifsicle@6.0.1 & others

glob-parent@3.1.0

glob-parent vulnerable to Regular Expression Denial of Service in enclosure regex

Recommendation: Upgrade to version 5.1.2 or later

via: imagemin@6.1.0

trim-newlines@1.0.0

Uncontrolled Resource Consumption in trim-newlines

Recommendation: Upgrade to version 3.0.1 or later

via: imagemin-gifsicle@6.0.1 & others

nth-check@1.0.2

Inefficient Regular Expression Complexity in nth-check

Recommendation: Upgrade to version 2.0.1 or later

via: imagemin-svgo@7.1.0

glob-to-regexp@0.3.0

Package uses an invalid SPDX license ("BSD")

Recommendation: Validate that the package complies with your license policy

via: imagemin@6.1.0

gifsicle@4.0.1

Package uses postinstall script: "node lib/install.js"

via: imagemin-gifsicle@6.0.1

jpegtran-bin@4.0.0

Package uses postinstall script: "node lib/install.js"

via: imagemin-jpegtran@6.0.0

optipng-bin@5.1.0

Package uses postinstall script: "node lib/install.js"

via: imagemin-optipng@6.0.0

resolve-url@0.2.1

Deprecated package

via: imagemin@6.1.0

source-map-resolve@0.5.3

Deprecated package

via: imagemin@6.1.0

source-map-url@0.4.1

Deprecated package

via: imagemin@6.1.0

stable@0.1.8

Deprecated package

via: imagemin-svgo@7.1.0

svgo@1.3.2

Deprecated package

via: imagemin-svgo@7.1.0

urix@0.1.0

Deprecated package

via: imagemin@6.1.0

uuid@3.4.0

Deprecated package

via: imagemin-gifsicle@6.0.1 & others

Collapse

Expand

1 moderate severity issue

moderate

got@7.1.0

Got allows a redirect to a UNIX socket

Recommendation: Upgrade to version 11.8.5 or later

via: imagemin-gifsicle@6.0.1 & others

Collapse

Expand

4 low severity issues

low

semver-regex@2.0.0

Regular expression denial of service in semver-regex

Recommendation: Upgrade to version 3.1.4 or later

via: imagemin-gifsicle@6.0.1 & others

mdn-data@2.0.14

Package uses a license that is not OSI approved ("CC0-1.0")

Recommendation: Read and validate the license terms

via: imagemin-svgo@7.1.0

mdn-data@2.0.4

Package uses a license that is not OSI approved ("CC0-1.0")

Recommendation: Read and validate the license terms

via: imagemin-svgo@7.1.0

glob-to-regexp@0.3.0

Package uses a license that is not OSI approved ("BSD")

Recommendation: Read and validate the license terms

via: imagemin@6.1.0

Collapse

Expand

Licenses

MIT License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

Cannot

hold-liable

Must

include-copyright

include-license

392 Packages, Including:

@mrmlnc/readdir-enhanced@2.2.1

@nodelib/fs.stat@1.1.3

@sindresorhus/is@0.7.0

@types/keyv@3.1.4

@types/node@20.12.8

@types/q@1.5.8

@types/responselike@1.0.3

ansi-regex@2.1.1

ansi-styles@2.2.1

ansi-styles@3.2.1

arch@2.2.0

archive-type@4.0.0

argparse@1.0.10

arr-diff@4.0.0

arr-flatten@1.1.0

arr-union@3.1.0

array-buffer-byte-length@1.0.1

array-find-index@1.0.2

array-union@1.0.2

array-uniq@1.0.3

array-unique@0.3.2

array.prototype.reduce@1.0.7

arraybuffer.prototype.slice@1.0.3

arrify@1.0.1

assign-symbols@1.0.0

available-typed-arrays@1.0.7

balanced-match@1.0.2

base64-js@1.5.1

base@0.11.2

bin-build@3.0.0

bin-check@4.1.0

bin-version-check@4.0.0

bin-version@3.1.0

bin-wrapper@4.1.0

bl@1.2.3

brace-expansion@1.1.11

braces@2.3.2

buffer-alloc-unsafe@1.1.0

buffer-alloc@1.2.0

buffer-crc32@0.2.13

buffer-fill@1.0.0

buffer@5.7.1

cache-base@1.0.1

cacheable-request@2.1.4

call-bind@1.0.7

call-me-maybe@1.0.2

camelcase-keys@2.1.0

camelcase@2.1.1

caw@2.0.1

chalk@1.1.3

ISC License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

Cannot

hold-liable

Must

include-copyright

include-license

22 Packages, Including:

boolbase@1.0.0

fs.realpath@1.0.0

glob-parent@3.1.0

glob@7.2.3

graceful-fs@4.2.11

hosted-git-info@2.8.9

inflight@1.0.6

inherits@2.0.4

ini@1.3.8

isexe@2.0.0

lru-cache@4.1.5

minimatch@3.1.2

once@1.4.0

proto-list@1.2.4

pseudomap@1.0.2

rimraf@2.7.1

sax@1.2.4

semver@5.7.2

signal-exit@3.0.7

which@1.3.1

wrappy@1.0.2

yallist@2.1.2

BSD 2-Clause "Simplified" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

hold-liable

Must

include-copyright

include-license

10 Packages, Including:

css-select@2.1.0

css-what@3.4.2

domelementtype@1.3.1

domelementtype@2.3.0

domutils@1.7.0

entities@2.2.0

esprima@4.0.1

http-cache-semantics@3.8.1

normalize-package-data@2.5.0

nth-check@1.0.2

BSD 3-Clause "New" or "Revised" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

use-trademark

hold-liable

Must

include-copyright

include-license

5 Packages, Including:

duplexer3@0.1.5

ieee754@1.2.1

source-map@0.5.7

source-map@0.6.1

sprintf-js@1.0.3

Creative Commons Zero v1.0 Universal

Public Domain

Not OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

Cannot

Must

3 Packages, Including:

mdn-data@2.0.14

mdn-data@2.0.4

spdx-license-ids@3.0.17

Apache License 2.0

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

use-patent-claims

place-warranty

Cannot

hold-liable

use-trademark

Must

include-copyright

include-license

state-changes

include-notice

3 Packages, Including:

spdx-correct@3.2.0

tunnel-agent@0.6.0

validate-npm-package-license@3.0.4

(MIT OR Apache-2.0)

Permissive

1 Packages, Including:

atob@2.1.2

BSD

Invalid

Not OSI Approved

1 Packages, Including:

glob-to-regexp@0.3.0

Creative Commons Attribution 3.0 Unported

Uncategorized

Not OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

Cannot

Must

1 Packages, Including:

spdx-exceptions@2.5.0

Direct Dependencies

All Dependencies CSV

ⓘ This is a list of grunt-contrib-imagemin 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.

Name	Version	Size	License	Type	Vulnerabilities
chalk	2.4.2	9.63 kB	MIT	prod optional
imagemin-gifsicle	6.0.1	2.13 kB	MIT	prod optional	5 1 1
imagemin-jpegtran	6.0.0	1.98 kB	MIT	prod optional	5 1 1
imagemin-optipng	6.0.0	2.31 kB	MIT	prod optional	5 1 1
imagemin-svgo	7.1.0	1.63 kB	MIT	prod optional	3 2
imagemin	6.1.0	2.59 kB	MIT	prod	6 1
p-map	1.2.0	2.49 kB	MIT	prod
plur	3.1.1	2.16 kB	MIT	prod
pretty-bytes	5.6.0	3.73 kB	MIT	prod