npm 4.0.2

a package manager for JavaScript

Repository

github.com/npm/npm

npm

npmjs.com/package/npm

Homepage

docs.npmjs.com/

Package Created

12 Jul 2013

Maintainers

Version Published

4 Nov 2016

Dependencies

227

Total Versions

517

License

Artistic-2.0

Issues

critical one critical severity issue

Insufficient Entropy in cryptiles

Recommendation: Upgrade to version 4.1.2 or later

cryptiles@2.0.5 via: node-gyp@3.4.0 & others

https://github.com/advisories/GHSA-rq8g-5pc5-wrhr

high 24 high severity issues

npm@4.0.2

Incorrect Permission Assignment for Critical Resource in NPM Recommendation: Upgrade to version 5.7.1 or later

via: npm@4.0.2
npm@4.0.2

npm Vulnerable to Global node_modules Binary Overwrite Recommendation: Upgrade to version 6.13.4 or later

via: npm@4.0.2
npm@4.0.2

npm symlink reference outside of node_modules Recommendation: Upgrade to version 6.13.3 or later

via: npm@4.0.2
npm@4.0.2

Arbitrary File Write in npm Recommendation: Upgrade to version 6.13.3 or later

via: npm@4.0.2
tar@2.2.2

Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization Recommendation: Upgrade to version 3.2.2 or later

via: node-gyp@3.4.0 & others
npm-user-validate@0.1.5

Regular expression denial of service in npm-user-validate Recommendation: Upgrade to version 1.0.1 or later

via: npm-user-validate@0.1.5
tar@2.2.2

Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning Recommendation: Upgrade to version 3.2.3 or later

via: node-gyp@3.4.0 & others
tar@2.2.2

Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links Recommendation: Upgrade to version 4.4.16 or later

via: node-gyp@3.4.0 & others
tar@2.2.2

Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization Recommendation: Upgrade to version 4.4.18 or later

via: node-gyp@3.4.0 & others
tar@2.2.2

Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links Recommendation: Upgrade to version 4.4.18 or later

via: node-gyp@3.4.0 & others
hawk@3.1.3

Uncontrolled Resource Consumption in Hawk Recommendation: Upgrade to version 9.0.1 or later

via: node-gyp@3.4.0 & others
sntp@1.0.9

Package uses an invalid SPDX license ("BSD") Recommendation: Validate that the package complies with your license policy

via: node-gyp@3.4.0 & others
spdx-exceptions@2.3.0

Package uses an atypical license ("CC-BY-3.0") Recommendation: Read and validate the license terms

via: init-package-json@1.9.6 & others
boom@2.10.1

Deprecated package

via: node-gyp@3.4.0 & others
cryptiles@2.0.5

Deprecated package

via: node-gyp@3.4.0 & others
es5-ext@0.10.62

Package uses postinstall script: " node -e "try{require('./_postinstall')}catch(e){}" || exit 0"

via: node-gyp@3.4.0 & others
hawk@3.1.3

Deprecated package

via: node-gyp@3.4.0 & others
hoek@2.16.3

Deprecated package

via: node-gyp@3.4.0 & others
node-uuid@1.4.8

Deprecated package

via: node-gyp@3.4.0 & others
read-package-tree@5.1.6

Deprecated package

via: read-package-tree@5.1.6
readdir-scoped-modules@1.1.0

Deprecated package

via: read-installed@4.0.3 & others
request@2.78.0

Deprecated package

via: node-gyp@3.4.0 & others
sntp@1.0.9

Deprecated package

via: node-gyp@3.4.0 & others
tar@2.2.2

Deprecated package

via: node-gyp@3.4.0 & others

moderate 6 moderate severity issues

npm@4.0.2

npm CLI exposing sensitive information through logs Recommendation: Upgrade to version 6.14.6 or later

via: npm@4.0.2
tunnel-agent@0.4.3

Memory Exposure in tunnel-agent Recommendation: Upgrade to version 0.6.0 or later

via: node-gyp@3.4.0 & others
hosted-git-info@2.1.5

Regular Expression Denial of Service in hosted-git-info Recommendation: Upgrade to version 2.8.9 or later

via: hosted-git-info@2.1.5 & others
hoek@2.16.3

Prototype Pollution in hoek Recommendation: Upgrade to version 4.2.1 or later

via: node-gyp@3.4.0 & others
request@2.78.0

Server-Side Request Forgery in Request Recommendation: None

via: node-gyp@3.4.0 & others
pinkie@2.0.4

Package has no specified source code repository

via: node-gyp@3.4.0 & others

low 5 low severity issues

npm-user-validate@0.1.5

Regular Expression Denial of Service in npm-user-validate Recommendation: Upgrade to version 1.0.1 or later

via: npm-user-validate@0.1.5
chownr@1.0.1

Time-of-check Time-of-use (TOCTOU) Race Condition in chownr Recommendation: Upgrade to version 1.1.0 or later

via: chownr@1.0.1
sntp@1.0.9

Package uses a license that is not OSI approved ("BSD") Recommendation: Read and validate the license terms

via: node-gyp@3.4.0 & others
spdx-exceptions@2.3.0

Package uses a license that is not OSI approved ("CC-BY-3.0") Recommendation: Read and validate the license terms

via: init-package-json@1.9.6 & others
spdx-license-ids@3.0.13

Package uses a license that is not OSI approved ("CC0-1.0") Recommendation: Read and validate the license terms

via: init-package-json@1.9.6 & others

Licenses

MIT License

Permissive OSI Approved

Can: commercial-use modify distribute sublicense private-use

Cannot: hold-liable

Must: include-copyright include-license

ansi-regex@2.1.1 ansi-styles@2.2.1 ansicolors@0.3.2 ansistyles@0.1.3 archy@1.0.0 array-index@1.0.0 asap@2.0.6 asn1@0.2.6 assert-plus@0.2.0 assert-plus@1.0.0 asynckit@0.4.0 aws4@1.12.0 balanced-match@1.0.2 brace-expansion@1.1.11 buffer-from@1.1.2 buffer-shims@1.0.0 builtin-modules@1.1.1 builtins@0.0.7 builtins@1.0.3 chalk@1.1.3 clone@1.0.4 code-point-at@1.1.0 columnify@1.5.4 combined-stream@1.0.8 commander@2.20.3 concat-map@0.0.1 concat-stream@1.6.2 config-chain@1.1.13 core-util-is@1.0.2 core-util-is@1.0.3 dashdash@1.14.1 debug@2.6.9 debuglog@1.0.1 defaults@1.0.4 delayed-stream@1.0.0 delegates@1.0.0 duplexify@3.7.1 ecc-jsbn@0.1.2 editor@1.0.0 end-of-stream@1.4.4 es6-iterator@2.0.3 escape-string-regexp@1.0.5 extend@3.0.2 extsprintf@1.3.0 flush-write-stream@1.1.1 form-data@2.1.4 from2@1.3.0 from2@2.3.0 generate-function@2.3.1 generate-object-property@1.2.0 getpass@0.1.7 has-ansi@2.0.0 has-color@0.1.7 http-signature@1.1.1 iferr@0.1.5 imurmurhash@0.1.4 is-builtin-module@1.0.0 is-fullwidth-code-point@1.0.0 is-my-ip-valid@1.0.1 is-my-json-valid@2.20.6 is-property@1.0.2 is-typedarray@1.0.0 isarray@0.0.1 isarray@1.0.0 isstream@0.1.2 jsbn@0.1.1 json-parse-better-errors@1.0.2 jsonparse@1.3.1 jsonpointer@5.0.1 jsprim@1.4.2 lodash._baseuniq@4.6.0 lodash._createset@4.0.3 lodash._root@3.0.1 lodash.clonedeep@4.5.0 lodash.union@4.6.0 lodash.uniq@4.5.0 lodash.without@4.4.0 mime-db@1.52.0 mime-types@2.1.35 minimist@1.2.8 mkdirp@0.5.6 ms@2.0.0 node-gyp@3.4.0 node-uuid@1.4.8 number-is-nan@1.0.1 object-assign@4.1.1 os-homedir@1.0.2 os-tmpdir@1.0.2 path-array@1.0.1 path-is-absolute@1.0.1 pinkie-promise@2.0.1 pinkie@2.0.4 process-nextick-args@1.0.7 process-nextick-args@2.0.1 pump@1.0.3 pump@2.0.1 pumpify@1.5.1 punycode@1.4.1 readable-stream@1.1.14 readable-stream@2.1.5 readable-stream@2.3.8 retry@0.10.1 safe-buffer@5.1.2 safer-buffer@2.1.2 slash@1.0.0 sorted-union-stream@2.1.3 spdx-expression-parse@3.0.1 sshpk@1.17.0 stream-each@1.2.3 stream-iterate@1.2.0 stream-shift@1.0.1 string-width@1.0.2 string_decoder@0.10.31 string_decoder@1.1.1 stringstream@0.0.6 strip-ansi@3.0.1 supports-color@2.0.0 text-table@0.2.0 through@2.3.8 through2@2.0.5 typedarray@0.0.6 umask@1.1.0 unpipe@1.0.0 util-deprecate@1.0.2 util-extend@1.0.3 verror@1.10.0 wcwidth@1.0.1 xtend@4.0.2

ISC License

Permissive OSI Approved

Can: commercial-use modify distribute

Cannot: hold-liable

Must: include-copyright include-license

abbrev@1.0.9 aproba@1.0.4 are-we-there-yet@1.1.7 block-stream@0.0.9 chownr@1.0.1 console-control-strings@1.1.0 d@1.0.1 dezalgo@1.0.4 es5-ext@0.10.62 es6-symbol@3.1.3 ext@1.7.0 fs-vacuum@1.2.10 fs-write-stream-atomic@1.0.10 fs.realpath@1.0.0 fstream-ignore@1.0.5 fstream-npm@1.2.1 fstream@1.0.12 gauge@2.6.0 gauge@2.7.4 glob@7.1.7 graceful-fs@4.1.15 har-validator@2.0.6 has-unicode@2.0.1 hosted-git-info@2.1.5 inflight@1.0.6 inherits@2.0.4 ini@1.3.8 init-package-json@1.9.6 isexe@2.0.0 json-stringify-safe@5.0.1 lockfile@1.0.4 minimatch@3.1.2 mute-stream@0.0.8 next-tick@1.1.0 nopt@3.0.6 normalize-git-url@3.0.2 npm-cache-filename@1.0.2 npm-package-arg@4.2.1 npm-registry-client@7.3.0 npmlog@3.1.2 npmlog@4.0.2 once@1.4.0 osenv@0.1.5 promzard@0.3.0 proto-list@1.2.4 read-cmd-shim@1.0.5 read-installed@4.0.3 read-package-json@2.0.13 read-package-tree@5.1.6 read@1.0.7 readdir-scoped-modules@1.1.0 realize-package-specifier@3.0.3 rimraf@2.5.4 semver@5.3.0 set-blocking@2.0.0 signal-exit@3.0.7 slide@1.1.6 tar@2.2.2 type@1.2.0 type@2.7.2 uid-number@0.0.6 unique-filename@1.1.1 unique-slug@2.0.2 validate-npm-package-name@2.2.2 validate-npm-package-name@3.0.0 which@1.2.14 wide-align@1.1.5 wrappy@1.0.2 write-file-atomic@1.2.0

Apache License 2.0

Permissive OSI Approved

Can: commercial-use modify distribute sublicense private-use use-patent-claims place-warranty

Cannot: hold-liable use-trademark

Must: include-copyright include-license state-changes include-notice

aws-sign2@0.6.0 caseless@0.11.0 forever-agent@0.6.1 oauth-sign@0.8.2 request@2.78.0 spdx-correct@3.2.0 tunnel-agent@0.4.3 validate-npm-package-license@3.0.4

BSD 3-Clause "New" or "Revised" License

Permissive OSI Approved

Can: commercial-use modify distribute place-warranty

Cannot: use-trademark hold-liable

Must: include-copyright include-license

bcrypt-pbkdf@1.0.2 boom@2.10.1 cryptiles@2.0.5 hawk@3.1.3 hoek@2.16.3 qs@6.3.3 tough-cookie@2.3.4

BSD 2-Clause "Simplified" License

Permissive OSI Approved

Can: commercial-use modify distribute place-warranty

Cannot: hold-liable

Must: include-copyright include-license

cmd-shim@2.0.2 mississippi@1.2.0 normalize-package-data@2.3.8 npm-install-checks@3.0.2 npm-user-validate@0.1.5

(WTFPL OR MIT)

Permissive

opener@1.4.3 path-is-inside@1.0.2 sorted-object@2.0.1

(MIT OR Apache-2.0)

Permissive

JSONStream@1.2.1

(AFL-2.1 OR BSD-3-Clause)

Permissive

json-schema@0.4.0

(BSD-2-Clause OR MIT)

Permissive

sha@2.0.1

BSD

Invalid Not OSI Approved

sntp@1.0.9

Creative Commons Attribution 3.0 Unported

Uncategorized Not OSI Approved

Can:

Cannot:

Must:

spdx-exceptions@2.3.0

Creative Commons Zero v1.0 Universal

Public Domain Not OSI Approved

Can:

Cannot:

Must:

spdx-license-ids@3.0.13

The Unlicense

Public Domain OSI Approved

Can: commercial-use private-use modify

Cannot: include-copyright hold-liable

Must:

tweetnacl@0.14.5

Dependencies

227

Get CSV

Name	Version	Size	License	Type	Vulnerabilities
JSONStream	1.2.1	135.32 kB	(MIT OR Apache-2.0)	prod
abbrev	1.0.9	1.76 kB	ISC	prod
ansi-regex	2.1.1	2.29 kB	MIT	prod dev
ansi-styles	2.2.1	2.39 kB	MIT	prod
ansicolors	0.3.2	2.8 kB	MIT	prod
ansistyles	0.1.3	2.57 kB	MIT	prod
aproba	1.0.4	2.45 kB	ISC	prod
archy	1.0.0	2.95 kB	MIT	prod
are-we-there-yet	1.1.7	5.11 kB	ISC	prod
array-index	1.0.0	5.52 kB	MIT	prod	1
asap	2.0.6	11.14 kB	MIT	prod
asn1	0.2.6	5.84 kB	MIT	prod
assert-plus	0.2.0	3.72 kB	MIT	prod
assert-plus	1.0.0	3.85 kB	MIT	prod
asynckit	0.4.0	7.92 kB	MIT	prod dev
aws-sign2	0.6.0	5.05 kB	Apache-2.0	prod dev
aws4	1.12.0	8.06 kB	MIT	prod dev
balanced-match	1.0.2	2.61 kB	MIT	prod
bcrypt-pbkdf	1.0.2	10.85 kB	BSD-3-Clause	prod
block-stream	0.0.9	3.64 kB	ISC	prod
boom	2.10.1	38.57 kB	BSD-3-Clause	prod	21
brace-expansion	1.1.11	4.14 kB	MIT	prod
buffer-from	1.1.2	2.26 kB	MIT	prod
buffer-shims	1.0.0	2.11 kB	MIT	prod
builtin-modules	1.1.1	1.93 kB	MIT	prod
builtins	0.0.7	877 B	MIT	prod
builtins	1.0.3	1.59 kB	MIT	prod
caseless	0.11.0	5.05 kB	Apache-2.0	prod dev
chalk	1.1.3	5.11 kB	MIT	prod dev
chownr	1.0.1	1.45 kB	ISC	prod	1
clone	1.0.4	4.35 kB	MIT	prod
cmd-shim	2.0.2	4.96 kB	BSD-2-Clause	prod
code-point-at	1.1.0	1.73 kB	MIT	prod dev
columnify	1.5.4	9.47 kB	MIT	prod
combined-stream	1.0.8	3.97 kB	MIT	prod dev
commander	2.20.3	18.26 kB	MIT	prod
concat-map	0.0.1	2.21 kB	MIT	prod
concat-stream	1.6.2	3.72 kB	MIT	prod dev
config-chain	1.1.13	5.84 kB	MIT	prod
console-control-strings	1.1.0	3.26 kB	ISC	prod
core-util-is	1.0.2	6.85 kB	MIT	prod
core-util-is	1.0.3	1.85 kB	MIT	prod
cryptiles	2.0.5	2.84 kB	BSD-3-Clause	prod	131
d	1.0.1	6.28 kB	ISC	prod dev	1
dashdash	1.14.1	22.99 kB	MIT	prod
debug	2.6.9	16.13 kB	MIT	prod dev peer
debuglog	1.0.1	1.88 kB	MIT	prod
defaults	1.0.4	1.93 kB	MIT	prod dev
delayed-stream	1.0.0	3.38 kB	MIT	prod
delegates	1.0.0	2.78 kB	MIT	prod
dezalgo	1.0.4	1.65 kB	ISC	prod
duplexify	3.7.1	4.92 kB	MIT	prod
ecc-jsbn	0.1.2	7.91 kB	MIT	prod
editor	1.0.0	1.82 kB	MIT	prod
end-of-stream	1.4.4	2.33 kB	MIT	prod
es5-ext	0.10.62	92.79 kB	ISC	prod dev	1
es6-iterator	2.0.3	8.07 kB	MIT	prod dev	1
es6-symbol	3.1.3	7.21 kB	ISC	prod dev	1
escape-string-regexp	1.0.5	1.54 kB	MIT	prod dev
ext	1.7.0	8.35 kB	ISC	prod
extend	3.0.2	7.09 kB	MIT	prod dev
extsprintf	1.3.0	8.8 kB	MIT	prod
flush-write-stream	1.1.1	2.47 kB	MIT	prod
forever-agent	0.6.1	4.92 kB	Apache-2.0	prod dev
form-data	2.1.4	7.4 kB	MIT	prod dev
from2	1.3.0	3.26 kB	MIT	prod
from2	2.3.0	3.65 kB	MIT	prod
fs-vacuum	1.2.10	5.69 kB	ISC	prod
fs-write-stream-atomic	1.0.10	5.49 kB	ISC	prod
fs.realpath	1.0.0	4.33 kB	ISC	prod
fstream-ignore	1.0.5	3.81 kB	ISC	prod
fstream-npm	1.2.1	6.6 kB	ISC	prod
fstream	1.0.12	16.61 kB	ISC	prod
gauge	2.6.0	20.13 kB	ISC	prod
gauge	2.7.4	15.64 kB	ISC	prod
generate-function	2.3.1	3.55 kB	MIT	prod
generate-object-property	1.2.0	1.6 kB	MIT	prod
getpass	0.1.7	2.54 kB	MIT	prod
glob	7.1.7	15.41 kB	ISC	prod dev
graceful-fs	4.1.15	8 kB	ISC	prod dev optional
har-validator	2.0.6	5.76 kB	ISC	prod dev	1
has-ansi	2.0.0	1.66 kB	MIT	prod
has-color	0.1.7	986 B	MIT	prod
has-unicode	2.0.1	1.92 kB	ISC	prod
hawk	3.1.3	118.94 kB	BSD-3-Clause	prod dev	1711
hoek	2.16.3	63.68 kB	BSD-3-Clause	prod	11
hosted-git-info	2.1.5	4.39 kB	ISC	prod	1
http-signature	1.1.1	14.87 kB	MIT	prod dev
iferr	0.1.5	2.47 kB	MIT	prod
imurmurhash	0.1.4	4.21 kB	MIT	prod
inflight	1.0.6	1.99 kB	ISC	prod dev
inherits	2.0.4	1.98 kB	ISC	prod dev
ini	1.3.8	3.9 kB	ISC	prod
init-package-json	1.9.6	7.75 kB	ISC	prod	112
is-builtin-module	1.0.0	1.51 kB	MIT	prod
is-fullwidth-code-point	1.0.0	2.07 kB	MIT	prod dev
is-my-ip-valid	1.0.1	4.54 kB	MIT	prod
is-my-json-valid	2.20.6	9.57 kB	MIT	prod dev
is-property	1.0.2	4.39 kB	MIT	prod
is-typedarray	1.0.0	1.84 kB	MIT	prod dev
isarray	0.0.1	2.68 kB	MIT	prod
isarray	1.0.0	1.97 kB	MIT	prod dev
isexe	2.0.0	3.67 kB	ISC	prod
isstream	0.1.2	3.67 kB	MIT	prod dev
jsbn	0.1.1	13.39 kB	MIT	prod
json-parse-better-errors	1.0.2	2.98 kB	MIT	prod
json-schema	0.4.0	8.73 kB	(AFL-2.1 OR BSD-3-Clause)	prod
json-stringify-safe	5.0.1	3.92 kB	ISC	prod dev
jsonparse	1.3.1	8.35 kB	MIT	prod
jsonpointer	5.0.1	2.71 kB	MIT	prod
jsprim	1.4.2	10.63 kB	MIT	prod
lockfile	1.0.4	9.4 kB	ISC	prod
lodash._baseuniq	4.6.0	6.13 kB	MIT	prod
lodash._createset	4.0.3	4.02 kB	MIT	prod
lodash._root	3.0.1	2.08 kB	MIT	prod
lodash.clonedeep	4.5.0	11.36 kB	MIT	prod
lodash.union	4.6.0	8.31 kB	MIT	prod
lodash.uniq	4.5.0	6.78 kB	MIT	prod
lodash.without	4.4.0	7.59 kB	MIT	prod
mime-db	1.52.0	26.36 kB	MIT	prod
mime-types	2.1.35	5.46 kB	MIT	prod dev
minimatch	3.1.2	11.66 kB	ISC	prod dev
minimist	1.2.8	15.16 kB	MIT	prod dev
mississippi	1.2.0	4.37 kB	BSD-2-Clause	prod
mkdirp	0.5.6	2.95 kB	MIT	prod dev
ms	2.0.0	2.81 kB	MIT	prod
mute-stream	0.0.8	2.6 kB	ISC	prod
next-tick	1.1.0	3.67 kB	ISC	prod
node-gyp	3.4.0	394.7 kB	MIT	prod	11641
node-uuid	1.4.8	13.8 kB	MIT	prod	1
nopt	3.0.6	10.07 kB	ISC	prod
normalize-git-url	3.0.2	3.09 kB	ISC	prod
normalize-package-data	2.3.8	8.49 kB	BSD-2-Clause	prod	112
npm-cache-filename	1.0.2	1.69 kB	ISC	prod
npm-install-checks	3.0.2	3.24 kB	BSD-2-Clause	prod
npm-package-arg	4.2.1	4.33 kB	ISC	prod	1
npm-registry-client	7.3.0	104.28 kB	ISC	prod	11053
npm-user-validate	0.1.5	2.35 kB	BSD-2-Clause	prod	11
npmlog	3.1.2	6.08 kB	ISC	prod optional
npmlog	4.0.2	6.28 kB	ISC	prod
number-is-nan	1.0.1	1.43 kB	MIT	prod
oauth-sign	0.8.2	5.01 kB	Apache-2.0	prod dev
object-assign	4.1.1	2.61 kB	MIT	prod dev
once	1.4.0	1.93 kB	ISC	prod dev
opener	1.4.3	2.84 kB	(WTFPL OR MIT)	prod dev
os-homedir	1.0.2	1.72 kB	MIT	prod dev
os-tmpdir	1.0.2	1.75 kB	MIT	prod
osenv	0.1.5	2.25 kB	ISC	prod
path-array	1.0.1	3.9 kB	MIT	prod	1
path-is-absolute	1.0.1	1.84 kB	MIT	prod dev
path-is-inside	1.0.2	1.78 kB	(WTFPL OR MIT)	prod dev
pinkie-promise	2.0.1	1.5 kB	MIT	prod	1
pinkie	2.0.4	3.84 kB	MIT	prod	1
process-nextick-args	1.0.7	1.88 kB	MIT	prod
process-nextick-args	2.0.1	1.62 kB	MIT	prod
promzard	0.3.0	8.95 kB	ISC	prod
proto-list	1.2.4	2.04 kB	ISC	prod
pump	1.0.3	2.92 kB	MIT	prod
pump	2.0.1	3.06 kB	MIT	prod
pumpify	1.5.1	3.4 kB	MIT	prod
punycode	1.4.1	7.87 kB	MIT	prod dev
qs	6.3.3	22.99 kB	BSD-3-Clause	prod dev
read-cmd-shim	1.0.5	2.07 kB	ISC	prod
read-installed	4.0.3	8.1 kB	ISC	prod	212
read-package-json	2.0.13	6.32 kB	ISC	prod	112
read-package-tree	5.1.6	3.9 kB	ISC	prod	312
read	1.0.7	2.61 kB	ISC	prod
readable-stream	1.1.14	20.15 kB	MIT	prod
readable-stream	2.1.5	36.75 kB	MIT	prod dev optional
readable-stream	2.3.8	25.14 kB	MIT	prod
readdir-scoped-modules	1.1.0	1.85 kB	ISC	prod	1
realize-package-specifier	3.0.3	4.95 kB	ISC	prod	1
request	2.78.0	55.95 kB	Apache-2.0	prod dev	1941
retry	0.10.1	9.13 kB	MIT	prod
rimraf	2.5.4	5 kB	ISC	prod
safe-buffer	5.1.2	9.59 kB	MIT	prod
safer-buffer	2.1.2	11.75 kB	MIT	prod
semver	5.3.0	14.74 kB	ISC	prod
set-blocking	2.0.0	2.16 kB	ISC	prod
sha	2.0.1	3.49 kB	(BSD-2-Clause OR MIT)	prod
signal-exit	3.0.7	3.76 kB	ISC	prod dev
slash	1.0.0	1020 B	MIT	prod
slide	1.1.6	4.29 kB	ISC	prod
sntp	1.0.9	6.69 kB	BSD	prod	311
sorted-object	2.0.1	1.5 kB	(WTFPL OR MIT)	prod
sorted-union-stream	2.1.3	2.71 kB	MIT	prod
spdx-correct	3.2.0	7.07 kB	Apache-2.0	prod	12
spdx-exceptions	2.3.0	1.34 kB	CC-BY-3.0	prod	11
spdx-expression-parse	3.0.1	4.32 kB	MIT	prod	12
spdx-license-ids	3.0.13	3.75 kB	CC0-1.0	prod	1
sshpk	1.17.0	54.41 kB	MIT	prod
stream-each	1.2.3	2.7 kB	MIT	prod
stream-iterate	1.2.0	2.36 kB	MIT	prod
stream-shift	1.0.1	1.8 kB	MIT	prod
string-width	1.0.2	2.03 kB	MIT	prod dev
string_decoder	0.10.31	3.52 kB	MIT	prod
string_decoder	1.1.1	4.72 kB	MIT	prod
stringstream	0.0.6	2.4 kB	MIT	prod dev
strip-ansi	3.0.1	1.69 kB	MIT	prod dev
supports-color	2.0.0	1.91 kB	MIT	prod peer
tar	2.2.2	211.58 kB	ISC	prod	6
text-table	0.2.0	3.81 kB	MIT	prod dev
through	2.3.8	4.36 kB	MIT	prod dev
through2	2.0.5	3.96 kB	MIT	prod
tough-cookie	2.3.4	61.15 kB	BSD-3-Clause	prod dev
tunnel-agent	0.4.3	5.64 kB	Apache-2.0	prod dev	1
tweetnacl	0.14.5	48.5 kB	Unlicense	prod
type	1.2.0	17.68 kB	ISC	prod
type	2.7.2	19.86 kB	ISC	prod dev
typedarray	0.0.6	7.31 kB	MIT	prod
uid-number	0.0.6	2 kB	ISC	prod
umask	1.1.0	4.04 kB	MIT	prod
unique-filename	1.1.1	13.26 kB	ISC	prod
unique-slug	2.0.2	1.57 kB	ISC	prod
unpipe	1.0.0	2.05 kB	MIT	prod dev
util-deprecate	1.0.2	2.19 kB	MIT	prod
util-extend	1.0.3	1.57 kB	MIT	prod dev
validate-npm-package-license	3.0.4	5.54 kB	Apache-2.0	prod	12
validate-npm-package-name	2.2.2	3.36 kB	ISC	prod
validate-npm-package-name	3.0.0	5.25 kB	ISC	prod
verror	1.10.0	11.99 kB	MIT	prod
wcwidth	1.0.1	5.68 kB	MIT	prod
which	1.2.14	4.06 kB	ISC	prod dev
wide-align	1.1.5	1.95 kB	ISC	prod
wrappy	1.0.2	1.64 kB	ISC	prod
write-file-atomic	1.2.0	2.56 kB	ISC	prod
xtend	4.0.2	2.47 kB	MIT	prod dev

🪱 Sandworm Audit For Your App

npm 4.0.2

Issues

critical one critical severity issue

high 24 high severity issues

moderate 6 moderate severity issues

low 5 low severity issues

Licenses

MIT License

ISC License

Apache License 2.0

BSD 3-Clause "New" or "Revised" License

BSD 2-Clause "Simplified" License

(WTFPL OR MIT)

(MIT OR Apache-2.0)

(AFL-2.1 OR BSD-3-Clause)

(BSD-2-Clause OR MIT)

BSD

Creative Commons Attribution 3.0 Unported

Creative Commons Zero v1.0 Universal

The Unlicense

Dependencies

Get real-time protection against malicious scripts