Generated on Nov 30, 2023 via pnpm

grunt-jscs 3.0.1

Grunt task for checking JavaScript Code Style with jscs.

Package summary

34

issues

8

licenses

Package created

24 Jun 2013

Version published

21 Jun 2016

Maintainers

2

Total deps

157

Direct deps

4

License

MIT

Issues

34

11 critical severity issues

lodash@3.10.1

Prototype Pollution in lodash

Recommendation: Upgrade to version 4.17.12 or later

via: jscs@3.0.7 & others

underscore@1.6.0

Arbitrary Code Execution in underscore

Recommendation: Upgrade to version 1.12.1 or later

via: jscs@3.0.7

cli-table@0.3.11

Package has no specified license

Recommendation: Check the package code and files for license information

via: jscs@3.0.7

colors@0.6.2

Package has no specified license

Recommendation: Check the package code and files for license information

via: jscs@3.0.7

cycle@1.0.3

Package has no specified license

Recommendation: Check the package code and files for license information

via: jscs@3.0.7

domhandler@2.3.0

Package has no specified license

Recommendation: Check the package code and files for license information

via: jscs@3.0.7

domutils@1.5.1

Package has no specified license

Recommendation: Check the package code and files for license information

via: jscs@3.0.7

jsonlint@1.6.3

Package has no specified license

Recommendation: Check the package code and files for license information

via: jscs@3.0.7

nomnom@1.8.1

Package has no specified license

Recommendation: Check the package code and files for license information

via: jscs@3.0.7

prompt@0.2.14

Package has no specified license

Recommendation: Check the package code and files for license information

via: jscs@3.0.7

utile@0.2.1

Package has no specified license

Recommendation: Check the package code and files for license information

via: jscs@3.0.7

14 high severity issues

pathval@0.1.1

Prototype pollution in pathval

Recommendation: Upgrade to version 1.1.1 or later

via: jscs@3.0.7

lodash@3.10.1

Prototype Pollution in lodash

Recommendation: Upgrade to version 4.17.19 or later

via: jscs@3.0.7 & others

lodash@3.10.1

Command Injection in lodash

Recommendation: Upgrade to version 4.17.21 or later

via: jscs@3.0.7 & others

lodash@3.10.1

Prototype Pollution in lodash

Recommendation: Upgrade to version 4.17.11 or later

via: jscs@3.0.7 & others

js-yaml@3.4.6

Code Injection in js-yaml

Recommendation: Upgrade to version 3.13.1 or later

via: jscs@3.0.7

JSV@4.0.2

Package uses an invalid SPDX license ("FreeBSD")

Recommendation: Validate that the package complies with your license policy

via: jscs@3.0.7

entities@1.0.0

Package uses an invalid SPDX license ("BSD-like")

Recommendation: Validate that the package complies with your license policy

via: jscs@3.0.7

revalidator@0.1.8

Package uses an invalid SPDX license ("Apache 2.0")

Recommendation: Validate that the package complies with your license policy

via: jscs@3.0.7

core-js@2.6.12

Deprecated package

via: jscs@3.0.7

core-js@2.6.12

Package uses postinstall script: "node -e "try{require('./postinstall')}catch(e){}""

via: jscs@3.0.7

jscs-preset-wikimedia@1.0.1

Deprecated package

via: jscs@3.0.7

jscs@3.0.7

Deprecated package

via: jscs@3.0.7

nomnom@1.8.1

Deprecated package

via: jscs@3.0.7

uuid@2.0.3

Deprecated package

via: jscs@3.0.7

5 moderate severity issues

lodash@3.10.1

Regular Expression Denial of Service (ReDoS) in lodash

Recommendation: Upgrade to version 4.17.11 or later

via: jscs@3.0.7 & others

js-yaml@3.4.6

Denial of Service in js-yaml

Recommendation: Upgrade to version 3.13.0 or later

via: jscs@3.0.7

lodash@3.10.1

Regular Expression Denial of Service (ReDoS) in lodash

Recommendation: Upgrade to version 4.17.21 or later

via: jscs@3.0.7 & others

JSV@4.0.2

Package has no specified source code repository

via: jscs@3.0.7

eyes@0.1.8

Package has no specified source code repository

via: jscs@3.0.7

4 low severity issues

lodash@3.10.1

Prototype Pollution in lodash

Recommendation: Upgrade to version 4.17.5 or later

via: jscs@3.0.7 & others

JSV@4.0.2

Package uses a license that is not OSI approved ("FreeBSD")

Recommendation: Read and validate the license terms

via: jscs@3.0.7

entities@1.0.0

Package uses a license that is not OSI approved ("BSD-like")

Recommendation: Read and validate the license terms

via: jscs@3.0.7

revalidator@0.1.8

Package uses a license that is not OSI approved ("Apache 2.0")

Recommendation: Read and validate the license terms

via: jscs@3.0.7

Licenses

MIT License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

Cannot

hold-liable

Must

include-copyright

include-license

126 Packages, Including:

ansi-regex@2.1.1

ansi-styles@1.0.0

ansi-styles@2.2.1

argparse@1.0.10

array-buffer-byte-length@1.0.0

async@0.2.10

available-typed-arrays@1.0.5

babel-runtime@6.26.0

babylon@6.18.0

balanced-match@1.0.2

brace-expansion@1.1.11

call-bind@1.0.5

chalk@0.4.0

chalk@1.1.3

colors@1.0.3

commander@2.9.0

comment-parser@0.3.2

concat-map@0.0.1

core-js@2.6.12

core-util-is@1.0.3

cst@0.4.10

deep-equal@2.2.3

define-data-property@1.1.1

define-properties@1.2.1

dom-serializer@0.2.2

es-get-iterator@1.1.3

escape-string-regexp@1.0.5

exit@0.1.2

eyes@0.1.8

for-each@0.3.3

function-bind@1.1.2

functions-have-names@1.2.3

get-intrinsic@1.2.2

gopd@1.0.1

graceful-readlink@1.0.1

grunt-jscs@3.0.1

has-ansi@2.0.0

has-bigints@1.0.2

has-color@0.1.7

has-property-descriptors@1.0.1

has-proto@1.0.1

has-symbols@1.0.3

has-tostringtag@1.0.0

hasown@2.0.0

hooker@0.2.3

htmlparser2@3.8.3

i@0.3.7

inherit@2.2.7

internal-slot@1.0.6

is-arguments@1.1.1

ISC License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

Cannot

hold-liable

Must

include-copyright

include-license

12 Packages, Including:

fs.realpath@1.0.0

glob@5.0.15

glob@7.2.3

inflight@1.0.6

inherits@2.0.4

minimatch@3.0.8

minimatch@3.1.2

mute-stream@0.0.8

once@1.4.0

read@1.0.7

rimraf@2.7.1

wrappy@1.0.2

N/A

N/A

9 Packages, Including:

cli-table@0.3.11

colors@0.6.2

cycle@1.0.3

domhandler@2.3.0

domutils@1.5.1

jsonlint@1.6.3

nomnom@1.8.1

prompt@0.2.14

utile@0.2.1

BSD 2-Clause "Simplified" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

hold-liable

Must

include-copyright

include-license

5 Packages, Including:

domelementtype@1.3.1

domelementtype@2.3.0

entities@2.2.0

esprima@2.7.3

estraverse@4.3.0

BSD 3-Clause "New" or "Revised" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

use-trademark

hold-liable

Must

include-copyright

include-license

2 Packages, Including:

source-map@0.5.7

sprintf-js@1.0.3

FreeBSD

Invalid

Not OSI Approved

1 Packages, Including:

JSV@4.0.2

BSD-like

Invalid

Not OSI Approved

1 Packages, Including:

entities@1.0.0

Apache 2.0

Invalid

Not OSI Approved

1 Packages, Including:

revalidator@0.1.8

Direct Dependencies

4

All Dependencies CSV

ⓘ This is a list of grunt-jscs 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.

Name	Version	Size	License	Type	Vulnerabilities
hooker	0.2.3	8.47 kB	MIT	prod
jscs	3.0.7	156.23 kB	MIT	prod	11 14 5 4
lodash	4.6.1	269.19 kB	MIT	prod	1 3 2 1
vow	0.4.20	13.22 kB	MIT	prod

All Versions