Home
Docs
GitHub
Pricing
Blog
Log In

Run Sandworm Audit for your App

Get started
Hold on, we're currently generating a fresh version of this report
Generated on May 15, 2024 via pnpm

lodash-cli 4.17.5

The Lodash command-line interface.
Package summary
Share
9
issues
1
critical severity
vulnerability
1
4
high severity
vulnerability
3
license
1
3
moderate severity
vulnerability
3
1
low severity
license
1
6
licenses
21
MIT
9
ISC
1
Apache-2.0
3
other licenses
BSD-3-Clause
1
BSD-2-Clause
1
MIT/X11
1
Package created
31 Aug 2013
Version published
4 Feb 2018
Maintainers
2
Total deps
34
Direct deps
5
License
MIT

Issues

9

1 critical severity issue

critical
Recommendation: Upgrade to version 4.17.12 or later
via: lodash@4.17.5
Collapse
Expand

4 high severity issues

high
Recommendation: Upgrade to version 4.17.11 or later
via: lodash@4.17.5
Recommendation: Upgrade to version 4.17.19 or later
via: lodash@4.17.5
Recommendation: Upgrade to version 4.17.21 or later
via: lodash@4.17.5
Recommendation: Validate that the package complies with your license policy
via: uglify-js@2.7.5
Collapse
Expand

3 moderate severity issues

moderate
Recommendation: Upgrade to version 4.17.11 or later
via: lodash@4.17.5
Recommendation: Upgrade to version 4.17.21 or later
via: lodash@4.17.5
Recommendation: Upgrade to version 5.7.2 or later
via: semver@5.3.0
Collapse
Expand

1 low severity issue

low
Recommendation: Read and validate the license terms
via: uglify-js@2.7.5
Collapse
Expand

Licenses

MIT License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
sublicense
private-use
Cannot
hold-liable
Must
include-copyright
include-license
21 Packages, Including:
align-text@0.1.4
async@0.2.10
balanced-match@1.0.2
brace-expansion@1.1.11
camelcase@1.2.1
center-align@0.1.3
closure-compiler@0.2.12
concat-map@0.0.1
decamelize@1.2.0
is-buffer@1.1.6
kind-of@3.2.2
lazy-cache@1.0.4
lodash-cli@4.17.5
lodash@4.17.5
longest@1.0.1
path-is-absolute@1.0.1
repeat-string@1.6.1
right-align@0.1.3
uglify-to-browserify@1.0.2
window-size@0.1.0
yargs@3.10.0

ISC License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
Cannot
hold-liable
Must
include-copyright
include-license
9 Packages, Including:
cliui@2.1.0
fs.realpath@1.0.0
glob@7.1.1
inflight@1.0.6
inherits@2.0.4
minimatch@3.1.2
once@1.4.0
semver@5.3.0
wrappy@1.0.2

Apache License 2.0

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
sublicense
private-use
use-patent-claims
place-warranty
Cannot
hold-liable
use-trademark
Must
include-copyright
include-license
state-changes
include-notice
1 Packages, Including:
google-closure-compiler@20150901.0.0

BSD 3-Clause "New" or "Revised" License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
place-warranty
Cannot
use-trademark
hold-liable
Must
include-copyright
include-license
1 Packages, Including:
source-map@0.5.7

BSD 2-Clause "Simplified" License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
place-warranty
Cannot
hold-liable
Must
include-copyright
include-license
1 Packages, Including:
uglify-js@2.7.5

MIT/X11

Invalid
Not OSI Approved
1 Packages, Including:
wordwrap@0.0.2
Disclaimer

This deed highlights only some of the key features and terms of the actual license. It is not a license and has no legal value. You should carefully review all of the terms and conditions of the actual license before using the licensed material.

Sandworm is not a law firm and does not provide legal services. Distributing, displaying, or linking to this deed or the license that it summarizes does not create a lawyer-client or any other relationship.

Direct Dependencies

5
All Dependencies CSV
β“˜ This is a list of lodash-cli 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.
NameVersionSizeLicenseTypeVulnerabilities
closure-compiler0.2.122.66 kBMIT
prod
glob7.1.115.25 kBISC
prod
lodash4.17.5298.37 kBMIT
prod
1
3
2
semver5.3.014.74 kBISC
prod
1
uglify-js2.7.5117.88 kBBSD-2-Clause
prod
1
1

Visualizations