Home
Docs
GitHub
Pricing
Blog
Log In

Run Sandworm Audit for your App

Get started
Hold on, we're currently generating a fresh version of this report
Generated on Jun 9, 2024 via pnpm

imagemin-pngcrush 7.0.0

pngcrush imagemin plugin
Package summary
Share
6
issues
4
high severity
vulnerability
2
meta
2
1
moderate severity
vulnerability
1
1
low severity
vulnerability
1
5
licenses
147
MIT
18
ISC
2
BSD-3-Clause
2
other licenses
BSD-2-Clause
1
Apache-2.0
1
Package created
23 Apr 2014
Version published
31 May 2020
Maintainers
7
Total deps
169
Direct deps
3
License
MIT

Issues

6

4 high severity issues

high
Recommendation: Upgrade to version 4.1.1 or later
via: pngcrush-bin@5.0.2
Recommendation: Upgrade to version 3.1.3 or later
via: pngcrush-bin@5.0.2
via: pngcrush-bin@5.0.2
via: exec-buffer@3.2.0 & others
Collapse
Expand

1 moderate severity issue

moderate
Recommendation: Upgrade to version 11.8.5 or later
via: pngcrush-bin@5.0.2
Collapse
Expand

1 low severity issue

low
Recommendation: Upgrade to version 3.1.4 or later
via: pngcrush-bin@5.0.2
Collapse
Expand

Licenses

MIT License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
sublicense
private-use
Cannot
hold-liable
Must
include-copyright
include-license
147 Packages, Including:
@sindresorhus/is@0.7.0
@types/keyv@3.1.4
@types/node@20.14.2
@types/responselike@1.0.3
arch@2.2.0
archive-type@4.0.0
balanced-match@1.0.2
base64-js@1.5.1
bin-build@3.0.0
bin-check@4.1.0
bin-version-check@4.0.0
bin-version@3.1.0
bin-wrapper@4.1.0
bl@1.2.3
brace-expansion@1.1.11
buffer-alloc-unsafe@1.1.0
buffer-alloc@1.2.0
buffer-crc32@0.2.13
buffer-fill@1.0.0
buffer@5.7.1
cacheable-request@2.1.4
caw@2.0.1
clone-response@1.0.2
commander@2.20.3
concat-map@0.0.1
config-chain@1.1.13
content-disposition@0.5.4
core-util-is@1.0.3
cross-spawn@5.1.0
cross-spawn@6.0.5
decode-uri-component@0.2.2
decompress-response@3.3.0
decompress-tar@4.1.1
decompress-tarbz2@4.1.1
decompress-targz@4.1.1
decompress-unzip@4.0.1
decompress@4.2.1
download@6.2.5
download@7.1.0
end-of-stream@1.4.4
escape-string-regexp@1.0.5
exec-buffer@3.2.0
execa@0.7.0
execa@1.0.0
executable@4.1.1
ext-list@2.2.2
ext-name@5.0.0
fd-slicer@1.1.0
file-type@3.9.0
file-type@4.4.0

ISC License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
Cannot
hold-liable
Must
include-copyright
include-license
18 Packages, Including:
fs.realpath@1.0.0
glob@7.2.3
graceful-fs@4.2.11
inflight@1.0.6
inherits@2.0.4
ini@1.3.8
isexe@2.0.0
lru-cache@4.1.5
minimatch@3.1.2
once@1.4.0
proto-list@1.2.4
pseudomap@1.0.2
rimraf@2.7.1
semver@5.7.2
signal-exit@3.0.7
which@1.3.1
wrappy@1.0.2
yallist@2.1.2

BSD 3-Clause "New" or "Revised" License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
place-warranty
Cannot
use-trademark
hold-liable
Must
include-copyright
include-license
2 Packages, Including:
duplexer3@0.1.5
ieee754@1.2.1

BSD 2-Clause "Simplified" License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
place-warranty
Cannot
hold-liable
Must
include-copyright
include-license
1 Packages, Including:
http-cache-semantics@3.8.1

Apache License 2.0

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
sublicense
private-use
use-patent-claims
place-warranty
Cannot
hold-liable
use-trademark
Must
include-copyright
include-license
state-changes
include-notice
1 Packages, Including:
tunnel-agent@0.6.0
Disclaimer

This deed highlights only some of the key features and terms of the actual license. It is not a license and has no legal value. You should carefully review all of the terms and conditions of the actual license before using the licensed material.

Sandworm is not a law firm and does not provide legal services. Distributing, displaying, or linking to this deed or the license that it summarizes does not create a lawyer-client or any other relationship.

Direct Dependencies

3
All Dependencies CSV
β“˜ This is a list of imagemin-pngcrush 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.
NameVersionSizeLicenseTypeVulnerabilities
exec-buffer3.2.02.07 kBMIT
prod
1
is-png2.0.01.92 kBMIT
prod
pngcrush-bin5.0.2551.21 kBMIT
prod
4
1
1

Visualizations