Home
Docs
GitHub
Pricing
Blog
Log In
DOCS
GITHUB
PRICING
BLOG
Log In

Run Sandworm Audit for your App

Get started
Generated on Oct 1, 2023 via pnpm
Repo
Npm
Home

npm-registry-client 7.3.0

Client for the npm registry
Package summary
Share
8
issues
4
high severity
license
1
meta
3
2
moderate severity
vulnerability
2
2
low severity
license
2
9
licenses
60
MIT
20
ISC
8
Apache-2.0
9
other licenses
BSD-3-Clause
3
BSD-2-Clause
2
(AFL-2.1 OR BSD-3-Clause)
1
CC-BY-3.0
1
+ 2 more
Package created
7 Jun 2012
Version published
20 Oct 2016
Maintainers
5
Total versions
156
License
ISC

Issues

8

4 high severity issues

high
spdx-exceptions@2.3.0
Package uses an atypical license ("CC-BY-3.0")
Recommendation: Read and validate the license terms
via: normalize-package-data@2.5.0
har-validator@5.1.5
Deprecated package
via: request@2.88.2
request@2.88.2
Deprecated package
via: request@2.88.2
uuid@3.4.0
Deprecated package
via: request@2.88.2
Collapse
Expand

2 moderate severity issues

moderate
tough-cookie@2.5.0
tough-cookie Prototype Pollution vulnerability
Recommendation: Upgrade to version 4.1.3 or later
via: request@2.88.2
request@2.88.2
Server-Side Request Forgery in Request
Recommendation: None
via: request@2.88.2
Collapse
Expand

2 low severity issues

low
spdx-exceptions@2.3.0
Package uses a license that is not OSI approved ("CC-BY-3.0")
Recommendation: Read and validate the license terms
via: normalize-package-data@2.5.0
spdx-license-ids@3.0.15
Package uses a license that is not OSI approved ("CC0-1.0")
Recommendation: Read and validate the license terms
via: normalize-package-data@2.5.0
Collapse
Expand

Licenses

MIT
60
ISC
20
Apache-2.0
8
BSD-3-Clause
3
BSD-2-Clause
2
(AFL-2.1 OR BSD-3-Clause)
1
CC-BY-3.0
1
CC0-1.0
1
Unlicense
1

MIT License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
sublicense
private-use
Cannot
hold-liable
Must
include-copyright
include-license
Packages
ajv@6.12.6
ansi-regex@2.1.1
asn1@0.2.6
assert-plus@1.0.0
asynckit@0.4.0
aws4@1.12.0
buffer-from@1.1.2
code-point-at@1.1.0
combined-stream@1.0.8
concat-stream@1.6.2
core-util-is@1.0.2
core-util-is@1.0.3
dashdash@1.14.1
delayed-stream@1.0.0
delegates@1.0.0
ecc-jsbn@0.1.2
extend@3.0.2
extsprintf@1.3.0
fast-deep-equal@3.1.3
fast-json-stable-stringify@2.1.0
form-data@2.3.3
function-bind@1.1.1
getpass@0.1.7
har-validator@5.1.5
has-color@0.1.7
has@1.0.3
http-signature@1.2.0
is-core-module@2.13.0
is-fullwidth-code-point@1.0.0
is-typedarray@1.0.0
isarray@1.0.0
isstream@0.1.2
jsbn@0.1.1
json-schema-traverse@0.4.1
jsprim@1.4.2
mime-db@1.52.0
mime-types@2.1.35
number-is-nan@1.0.1
object-assign@4.1.1
path-parse@1.0.7
performance-now@2.1.0
process-nextick-args@2.0.1
psl@1.9.0
punycode@2.3.0
readable-stream@2.3.8
resolve@1.22.6
retry@0.10.1
safe-buffer@5.1.2
safe-buffer@5.2.1
safer-buffer@2.1.2
spdx-expression-parse@3.0.1
sshpk@1.17.0
string-width@1.0.2
string_decoder@1.1.1
strip-ansi@3.0.1
supports-preserve-symlinks-flag@1.0.0
typedarray@0.0.6
util-deprecate@1.0.2
uuid@3.4.0
verror@1.10.0

ISC License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
Cannot
hold-liable
Must
include-copyright
include-license
Packages
aproba@1.2.0
are-we-there-yet@1.1.7
console-control-strings@1.1.0
gauge@2.6.0
graceful-fs@4.2.11
har-schema@2.0.0
has-unicode@2.0.1
hosted-git-info@2.8.9
inherits@2.0.4
json-stringify-safe@5.0.1
npm-package-arg@4.2.1
npm-registry-client@7.3.0
npmlog@3.1.2
once@1.4.0
semver@5.7.2
set-blocking@2.0.0
signal-exit@3.0.7
slide@1.1.6
wide-align@1.1.5
wrappy@1.0.2

Apache License 2.0

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
sublicense
private-use
use-patent-claims
place-warranty
Cannot
hold-liable
use-trademark
Must
include-copyright
include-license
state-changes
include-notice
Packages
aws-sign2@0.7.0
caseless@0.12.0
forever-agent@0.6.1
oauth-sign@0.9.0
request@2.88.2
spdx-correct@3.2.0
tunnel-agent@0.6.0
validate-npm-package-license@3.0.4

BSD 3-Clause "New" or "Revised" License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
place-warranty
Cannot
use-trademark
hold-liable
Must
include-copyright
include-license
Packages
bcrypt-pbkdf@1.0.2
qs@6.5.3
tough-cookie@2.5.0

BSD 2-Clause "Simplified" License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
place-warranty
Cannot
hold-liable
Must
include-copyright
include-license
Packages
normalize-package-data@2.5.0
uri-js@4.4.1

(AFL-2.1 OR BSD-3-Clause)

Permissive
Packages
json-schema@0.4.0

Creative Commons Attribution 3.0 Unported

Uncategorized
Not OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
Cannot
Must
Packages
spdx-exceptions@2.3.0

Creative Commons Zero v1.0 Universal

Public Domain
Not OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
Cannot
Must
Packages
spdx-license-ids@3.0.15

The Unlicense

Public Domain
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
private-use
modify
Cannot
include-copyright
hold-liable
Must
Packages
tweetnacl@0.14.5
Disclaimer

This deed highlights only some of the key features and terms of the actual license. It is not a license and has no legal value. You should carefully review all of the terms and conditions of the actual license before using the licensed material.

Sandworm is not a law firm and does not provide legal services. Distributing, displaying, or linking to this deed or the license that it summarizes does not create a lawyer-client or any other relationship.

Dependencies

97
Get CSV
Name Version Size License Type Vulnerabilities
ajv 6.12.6 197.63 kB MIT prod
ansi-regex 2.1.1 2.29 kB MIT prod optional
aproba 1.2.0 3.44 kB ISC prod optional
are-we-there-yet 1.1.7 5.11 kB ISC prod optional
asn1 0.2.6 5.84 kB MIT prod
assert-plus 1.0.0 3.85 kB MIT prod
asynckit 0.4.0 7.92 kB MIT prod
aws-sign2 0.7.0 5.04 kB Apache-2.0 prod
aws4 1.12.0 8.06 kB MIT prod
bcrypt-pbkdf 1.0.2 10.85 kB BSD-3-Clause prod
buffer-from 1.1.2 2.26 kB MIT prod
caseless 0.12.0 5.2 kB Apache-2.0 prod
code-point-at 1.1.0 1.73 kB MIT prod optional
combined-stream 1.0.8 3.97 kB MIT prod
concat-stream 1.6.2 3.72 kB MIT prod
console-control-strings 1.1.0 3.26 kB ISC prod optional
core-util-is 1.0.2 6.85 kB MIT prod
core-util-is 1.0.3 1.85 kB MIT prod
dashdash 1.14.1 22.99 kB MIT prod
delayed-stream 1.0.0 3.38 kB MIT prod
delegates 1.0.0 2.78 kB MIT prod optional
ecc-jsbn 0.1.2 7.91 kB MIT prod
extend 3.0.2 7.09 kB MIT prod
extsprintf 1.3.0 8.8 kB MIT prod
fast-deep-equal 3.1.3 3.57 kB MIT prod
fast-json-stable-stringify 2.1.0 6.17 kB MIT prod
forever-agent 0.6.1 4.92 kB Apache-2.0 prod
form-data 2.3.3 33.47 kB MIT prod
function-bind 1.1.1 6.15 kB MIT prod
gauge 2.6.0 20.13 kB ISC prod optional
getpass 0.1.7 2.54 kB MIT prod
graceful-fs 4.2.11 9.57 kB ISC prod
har-schema 2.0.0 3.54 kB ISC prod
har-validator 5.1.5 2.54 kB MIT prod 1
has-color 0.1.7 986 B MIT prod optional
has-unicode 2.0.1 1.92 kB ISC prod optional
has 1.0.3 1.52 kB MIT prod
hosted-git-info 2.8.9 7.92 kB ISC prod
http-signature 1.2.0 14.85 kB MIT prod
inherits 2.0.4 1.98 kB ISC prod
is-core-module 2.13.0 8.92 kB MIT prod
is-fullwidth-code-point 1.0.0 2.07 kB MIT prod optional
is-typedarray 1.0.0 1.84 kB MIT prod
isarray 1.0.0 1.97 kB MIT prod
isstream 0.1.2 3.67 kB MIT prod
jsbn 0.1.1 13.39 kB MIT prod
json-schema-traverse 0.4.1 5.02 kB MIT prod
json-schema 0.4.0 8.73 kB (AFL-2.1 OR BSD-3-Clause) prod
json-stringify-safe 5.0.1 3.92 kB ISC prod
jsprim 1.4.2 10.63 kB MIT prod
mime-db 1.52.0 26.36 kB MIT prod
mime-types 2.1.35 5.46 kB MIT prod
normalize-package-data 2.5.0 8.46 kB BSD-2-Clause prod 12
npm-package-arg 4.2.1 4.33 kB ISC prod
npm-registry-client 7.3.0 104.28 kB ISC prod
npmlog 3.1.2 6.08 kB ISC prod optional
number-is-nan 1.0.1 1.43 kB MIT prod optional
oauth-sign 0.9.0 5.07 kB Apache-2.0 prod
object-assign 4.1.1 2.61 kB MIT prod optional
once 1.4.0 1.93 kB ISC prod
path-parse 1.0.7 2.02 kB MIT prod
performance-now 2.1.0 4.46 kB MIT prod
process-nextick-args 2.0.1 1.62 kB MIT prod
psl 1.9.0 139.49 kB MIT prod
punycode 2.3.0 7.21 kB MIT prod
qs 6.5.3 27.47 kB BSD-3-Clause prod
readable-stream 2.3.8 25.14 kB MIT prod optional
request 2.88.2 57.83 kB Apache-2.0 prod 32
resolve 1.22.6 26.64 kB MIT prod
retry 0.10.1 9.13 kB MIT prod
safe-buffer 5.1.2 9.59 kB MIT prod
safe-buffer 5.2.1 9.74 kB MIT prod
safer-buffer 2.1.2 11.75 kB MIT prod
semver 5.7.2 17.45 kB ISC prod
set-blocking 2.0.0 2.16 kB ISC prod optional
signal-exit 3.0.7 3.76 kB ISC prod optional
slide 1.1.6 4.29 kB ISC prod
spdx-correct 3.2.0 7.07 kB Apache-2.0 prod 12
spdx-exceptions 2.3.0 1.34 kB CC-BY-3.0 prod 11
spdx-expression-parse 3.0.1 4.32 kB MIT prod 12
spdx-license-ids 3.0.15 3.89 kB CC0-1.0 prod 1
sshpk 1.17.0 54.41 kB MIT prod
string-width 1.0.2 2.03 kB MIT prod optional
string_decoder 1.1.1 4.72 kB MIT prod
strip-ansi 3.0.1 1.69 kB MIT prod optional
supports-preserve-symlinks-flag 1.0.0 3.72 kB MIT prod
tough-cookie 2.5.0 23.87 kB BSD-3-Clause prod 1
tunnel-agent 0.6.0 5.69 kB Apache-2.0 prod
tweetnacl 0.14.5 48.5 kB Unlicense prod
typedarray 0.0.6 7.31 kB MIT prod
uri-js 4.4.1 128.91 kB BSD-2-Clause prod
util-deprecate 1.0.2 2.19 kB MIT prod
uuid 3.4.0 11.87 kB MIT prod 1
validate-npm-package-license 3.0.4 5.54 kB Apache-2.0 prod 12
verror 1.10.0 11.99 kB MIT prod
wide-align 1.1.5 1.95 kB ISC prod optional
wrappy 1.0.2 1.64 kB ISC prod

Visualizations

Tree
Treemap

Recent Versions

Ready to start?

Get real-time protection against malicious scripts

Get started with Sandworm
Install Sandworm Audit
Sandworm Audit
Getting Started Issue Types Resolve Issues License Policies Npm Package List Composer Package List
Sandworm GUARD
Getting Started Supported Methods Describing Permissions Enforcing Permissions
TOS
Terms of Use Privacy Policy Security Cybersecurity Glossary
Get in touch
Sponsor Discuss Contact
More from Sandworm
Newsletter Blog