Generated on May 20, 2024 via pnpm

Npm

Home

pubnub 4.34.1

Publish & Subscribe Real-time Messaging with PubNub

cloud

publish

Package summary

issues

licenses

Package created

5 Jan 2012

Version published

22 Nov 2021

Maintainers

Total deps

989

Direct deps

License

MIT

Issues

4 critical severity issues

critical

vm2@3.9.19

vm2 Sandbox Escape vulnerability

Recommendation: None

via: superagent-proxy@3.0.0

vm2@3.9.19

vm2 Sandbox Escape vulnerability

Recommendation: None

via: superagent-proxy@3.0.0

@segment/loosely-validate-event@2.0.0

Package has no specified license

Recommendation: Check the package code and files for license information

via: isomorphic-webcrypto@2.3.8

valid-url@1.0.9

Package has no specified license

Recommendation: Check the package code and files for license information

via: isomorphic-webcrypto@2.3.8

Collapse

Expand

11 high severity issues

high

jackspeak@2.3.6

Package uses an atypical license ("BlueOak-1.0.0")

Recommendation: Read and validate the license terms

via: isomorphic-webcrypto@2.3.8

path-scurry@1.11.1

Package uses an atypical license ("BlueOak-1.0.0")

Recommendation: Read and validate the license terms

via: isomorphic-webcrypto@2.3.8

caniuse-lite@1.0.30001620

Package uses an atypical license ("CC-BY-4.0")

Recommendation: Read and validate the license terms

via: isomorphic-webcrypto@2.3.8

qrcode-terminal@0.11.0

Package uses an invalid SPDX license ("Apache 2.0")

Recommendation: Validate that the package complies with your license policy

via: isomorphic-webcrypto@2.3.8

rc@1.2.8

Package uses a custom license expression: `(BSD-2-Clause OR MIT OR Apache-2.0)`

Recommendation: Validate that the license expression complies with your license policy

via: isomorphic-webcrypto@2.3.8

readline@1.3.0

Package uses an invalid SPDX license ("BSD")

Recommendation: Validate that the package complies with your license policy

via: isomorphic-webcrypto@2.3.8

@unimodules/core@7.1.2

Deprecated package

via: isomorphic-webcrypto@2.3.8

@unimodules/react-native-adapter@6.3.9

Deprecated package

via: isomorphic-webcrypto@2.3.8

formidable@1.2.6

Deprecated package

via: superagent-proxy@3.0.0 & others

querystring@0.2.1

Deprecated package

via: isomorphic-webcrypto@2.3.8

superagent@6.1.0

Deprecated package

via: superagent-proxy@3.0.0 & others

Collapse

Expand

18 moderate severity issues

moderate

pubnub@4.34.1

pubnub Insufficient Entropy vulnerability

Recommendation: Upgrade to version 7.4.0 or later

via: pubnub@4.34.1

pubnub@4.34.1

pubnub Insufficient Entropy vulnerability

Recommendation: Upgrade to version 7.4.0 or later

via: pubnub@4.34.1

lightningcss-darwin-arm64@1.19.0

Package uses a problematic Weakly Protective license ("MPL-2.0")

Recommendation: Validate that the package complies with your license policy

via: isomorphic-webcrypto@2.3.8

lightningcss-darwin-x64@1.19.0

Package uses a problematic Weakly Protective license ("MPL-2.0")

Recommendation: Validate that the package complies with your license policy

via: isomorphic-webcrypto@2.3.8

lightningcss-linux-arm-gnueabihf@1.19.0

Package uses a problematic Weakly Protective license ("MPL-2.0")

Recommendation: Validate that the package complies with your license policy

via: isomorphic-webcrypto@2.3.8

lightningcss-linux-arm64-gnu@1.19.0

Package uses a problematic Weakly Protective license ("MPL-2.0")

Recommendation: Validate that the package complies with your license policy

via: isomorphic-webcrypto@2.3.8

lightningcss-linux-arm64-musl@1.19.0

Package uses a problematic Weakly Protective license ("MPL-2.0")

Recommendation: Validate that the package complies with your license policy

via: isomorphic-webcrypto@2.3.8

lightningcss-linux-x64-gnu@1.19.0

Package uses a problematic Weakly Protective license ("MPL-2.0")

Recommendation: Validate that the package complies with your license policy

via: isomorphic-webcrypto@2.3.8

lightningcss-linux-x64-musl@1.19.0

Package uses a problematic Weakly Protective license ("MPL-2.0")

Recommendation: Validate that the package complies with your license policy

via: isomorphic-webcrypto@2.3.8

lightningcss-win32-x64-msvc@1.19.0

Package uses a problematic Weakly Protective license ("MPL-2.0")

Recommendation: Validate that the package complies with your license policy

via: isomorphic-webcrypto@2.3.8

lightningcss@1.19.0

Package uses a problematic Weakly Protective license ("MPL-2.0")

Recommendation: Validate that the package complies with your license policy

via: isomorphic-webcrypto@2.3.8

@expo/sdk-runtime-versions@1.0.0

Package has no specified source code repository

via: isomorphic-webcrypto@2.3.8

@peculiar/asn1-schema@2.3.8

Package has no specified source code repository

via: isomorphic-webcrypto@2.3.8

@segment/loosely-validate-event@2.0.0

Package has no specified source code repository

via: isomorphic-webcrypto@2.3.8

babel-core@7.0.0-bridge.0

Package has no specified source code repository

via: isomorphic-webcrypto@2.3.8

join-component@1.1.0

Package has no specified source code repository

via: isomorphic-webcrypto@2.3.8

lighthouse-logger@1.4.2

Package has no specified source code repository

via: isomorphic-webcrypto@2.3.8

minipass-pipeline@1.2.4

Package has no specified source code repository

via: isomorphic-webcrypto@2.3.8

Collapse

Expand

5 low severity issues

low

jackspeak@2.3.6

Package uses a license that is not OSI approved ("BlueOak-1.0.0")

Recommendation: Read and validate the license terms

via: isomorphic-webcrypto@2.3.8

path-scurry@1.11.1

Package uses a license that is not OSI approved ("BlueOak-1.0.0")

Recommendation: Read and validate the license terms

via: isomorphic-webcrypto@2.3.8

caniuse-lite@1.0.30001620

Package uses a license that is not OSI approved ("CC-BY-4.0")

Recommendation: Read and validate the license terms

via: isomorphic-webcrypto@2.3.8

qrcode-terminal@0.11.0

Package uses a license that is not OSI approved ("Apache 2.0")

Recommendation: Read and validate the license terms

via: isomorphic-webcrypto@2.3.8

readline@1.3.0

Package uses a license that is not OSI approved ("BSD")

Recommendation: Read and validate the license terms

via: isomorphic-webcrypto@2.3.8

Collapse

Expand

Licenses

MIT License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

Cannot

hold-liable

Must

include-copyright

include-license

835 Packages, Including:

@babel/code-frame@7.10.4

@babel/code-frame@7.24.2

@babel/compat-data@7.24.4

@babel/core@7.24.5

@babel/generator@7.24.5

@babel/helper-annotate-as-pure@7.22.5

@babel/helper-builder-binary-assignment-operator-visitor@7.22.15

@babel/helper-compilation-targets@7.23.6

@babel/helper-create-class-features-plugin@7.24.5

@babel/helper-create-regexp-features-plugin@7.22.15

@babel/helper-define-polyfill-provider@0.6.2

@babel/helper-environment-visitor@7.22.20

@babel/helper-function-name@7.23.0

@babel/helper-hoist-variables@7.22.5

@babel/helper-member-expression-to-functions@7.24.5

@babel/helper-module-imports@7.24.3

@babel/helper-module-transforms@7.24.5

@babel/helper-optimise-call-expression@7.22.5

@babel/helper-plugin-utils@7.24.5

@babel/helper-remap-async-to-generator@7.22.20

@babel/helper-replace-supers@7.24.1

@babel/helper-simple-access@7.24.5

@babel/helper-skip-transparent-expression-wrappers@7.22.5

@babel/helper-split-export-declaration@7.24.5

@babel/helper-string-parser@7.24.1

@babel/helper-validator-identifier@7.24.5

@babel/helper-validator-option@7.23.5

@babel/helper-wrap-function@7.24.5

@babel/helpers@7.24.5

@babel/highlight@7.24.5

@babel/parser@7.24.5

@babel/plugin-bugfix-firefox-class-in-computed-class-key@7.24.5

@babel/plugin-bugfix-safari-id-destructuring-collision-in-function-expression@7.24.1

@babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining@7.24.1

@babel/plugin-bugfix-v8-static-class-fields-redefine-readonly@7.24.1

@babel/plugin-proposal-async-generator-functions@7.20.7

@babel/plugin-proposal-class-properties@7.18.6

@babel/plugin-proposal-decorators@7.24.1

@babel/plugin-proposal-export-default-from@7.24.1

@babel/plugin-proposal-logical-assignment-operators@7.20.7

@babel/plugin-proposal-nullish-coalescing-operator@7.18.6

@babel/plugin-proposal-numeric-separator@7.18.6

@babel/plugin-proposal-object-rest-spread@7.20.7

@babel/plugin-proposal-optional-catch-binding@7.18.6

@babel/plugin-proposal-optional-chaining@7.21.0

@babel/plugin-proposal-private-property-in-object@7.21.0-placeholder-for-preset-env.2

@babel/plugin-syntax-async-generators@7.8.4

@babel/plugin-syntax-class-properties@7.12.13

@babel/plugin-syntax-class-static-block@7.14.5

@babel/plugin-syntax-decorators@7.24.1

ISC License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

Cannot

hold-liable

Must

include-copyright

include-license

72 Packages, Including:

@isaacs/cliui@8.0.2

@isaacs/ttlcache@1.4.1

@npmcli/fs@3.1.1

anymatch@3.1.3

at-least-node@1.0.0

cacache@18.0.3

chownr@2.0.0

cliui@6.0.0

cliui@8.0.1

electron-to-chromium@1.4.774

fastq@1.17.1

foreground-child@3.1.1

fs-minipass@2.1.0

fs-minipass@3.0.3

fs.realpath@1.0.0

get-caller-file@2.0.5

glob-parent@5.1.2

glob@10.3.15

glob@6.0.4

glob@7.1.6

glob@7.2.3

graceful-fs@4.2.11

hosted-git-info@3.0.8

inflight@1.0.6

inherits@2.0.4

ini@1.3.8

isexe@2.0.0

lru-cache@10.2.2

lru-cache@5.1.1

lru-cache@6.0.0

minimatch@3.1.2

minimatch@9.0.4

minipass-collect@2.0.1

minipass-flush@1.0.5

minipass-pipeline@1.2.4

minipass@3.3.6

minipass@5.0.0

minipass@7.1.1

npm-package-arg@7.0.0

once@1.4.0

osenv@0.1.5

picocolors@1.0.1

require-main-filename@2.0.0

rimraf@2.4.5

rimraf@2.6.3

rimraf@2.7.1

rimraf@3.0.2

sax@1.3.0

semver@5.7.2

semver@6.3.1

BSD 3-Clause "New" or "Revised" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

use-trademark

hold-liable

Must

include-copyright

include-license

26 Packages, Including:

@expo/xcpretty@4.3.1

@hapi/hoek@9.3.0

@hapi/topo@5.1.0

@react-native/debugger-frontend@0.74.83

@sideway/address@4.1.5

@sideway/formula@3.0.1

@sideway/pinpoint@2.0.0

@sinonjs/commons@3.0.1

@sinonjs/fake-timers@10.3.0

asn1js@3.0.5

charenc@0.0.2

crypt@0.0.2

fbemitter@3.0.0

ieee754@1.2.1

joi@17.13.1

makeerror@1.0.12

md5@2.2.1

md5@2.3.0

qs@6.12.1

source-map-js@1.2.0

source-map@0.5.7

source-map@0.6.1

source-map@0.7.4

sprintf-js@1.0.3

sprintf-js@1.1.3

tmpl@1.0.5

Apache License 2.0

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

use-patent-claims

place-warranty

Cannot

hold-liable

use-trademark

Must

include-copyright

include-license

state-changes

include-notice

14 Packages, Including:

@ampproject/remapping@2.3.0

@rnx-kit/chromium-edge-launcher@1.0.0

bser@2.1.1

chrome-launcher@0.15.2

detect-libc@1.0.3

fb-watchman@2.0.2

find-yarn-workspace-root@2.0.0

human-signals@2.1.0

lighthouse-logger@1.4.2

marky@1.2.5

msrcrypto@1.5.8

ts-interface-checker@0.1.13

walker@1.0.8

xcode@3.0.1

BSD 2-Clause "Simplified" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

hold-liable

Must

include-copyright

include-license

14 Packages, Including:

default-gateway@4.2.0

dotenv-expand@11.0.6

dotenv@16.4.5

escodegen@1.14.3

esprima@4.0.1

estraverse@4.3.0

esutils@2.0.3

fontfaceobserver@2.3.0

jsc-android@250231.0.0

memory-cache@0.2.0

regjsparser@0.9.1

terser@5.31.0

webidl-conversions@3.0.1

webidl-conversions@5.0.0

Mozilla Public License 2.0

Weakly Protective

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

place-warranty

use-patent-claims

Cannot

use-trademark

hold-liable

Must

include-copyright

include-license

disclose-source

include-original

9 Packages, Including:

lightningcss-darwin-arm64@1.19.0

lightningcss-darwin-x64@1.19.0

lightningcss-linux-arm-gnueabihf@1.19.0

lightningcss-linux-arm64-gnu@1.19.0

lightningcss-linux-arm64-musl@1.19.0

lightningcss-linux-x64-gnu@1.19.0

lightningcss-linux-x64-musl@1.19.0

lightningcss-win32-x64-msvc@1.19.0

lightningcss@1.19.0

(MIT OR CC0-1.0)

Public Domain

4 Packages, Including:

type-fest@0.16.0

type-fest@0.21.3

type-fest@0.3.1

type-fest@0.7.1

BSD Zero Clause License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

include-copyright

include-license

include-original

Cannot

hold-liable

Must

3 Packages, Including:

jsc-safe-url@0.2.4

password-prompt@1.1.3

tslib@2.6.2

N/A

2 Packages, Including:

@segment/loosely-validate-event@2.0.0

valid-url@1.0.9

The Unlicense

Public Domain

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

private-use

modify

Cannot

include-copyright

hold-liable

Must

2 Packages, Including:

big-integer@1.6.52

stream-buffers@2.2.0

Blue Oak Model License 1.0.0

Uncategorized

Not OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

Cannot

Must

2 Packages, Including:

jackspeak@2.3.6

path-scurry@1.11.1

Python License 2.0

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

Cannot

use-trademark

hold-liable

Must

include-copyright

include-license

state-changes

1 Packages, Including:

argparse@2.0.1

Creative Commons Attribution 4.0 International

Uncategorized

Not OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

Cannot

Must

1 Packages, Including:

caniuse-lite@1.0.30001620

(BSD-3-Clause OR GPL-2.0)

Permissive

1 Packages, Including:

node-forge@1.3.1

Apache 2.0

Invalid

Not OSI Approved

1 Packages, Including:

qrcode-terminal@0.11.0

(BSD-2-Clause OR MIT OR Apache-2.0)

Expression

1 Packages, Including:

rc@1.2.8

BSD

Invalid

Not OSI Approved

1 Packages, Including:

readline@1.3.0

Direct Dependencies

All Dependencies CSV

ⓘ This is a list of pubnub 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.

Name	Version	Size	License	Type	Vulnerabilities
@babel/runtime	7.24.5	256.12 kB	MIT	prod optional
@tsconfig/node12	1.0.11	1.32 kB	MIT	prod
agentkeepalive	3.5.3	33.41 kB	MIT	prod
cbor-js	0.1.0	4.49 kB	MIT	prod
cbor-sync	1.0.4	8.33 kB	MIT	prod
isomorphic-webcrypto	2.3.8	54.99 kB	MIT	prod	2 9 16 5
lil-uuid	0.1.1	5.13 kB	MIT	prod
superagent-proxy	3.0.0	4.2 kB	MIT	prod	2 2
superagent	6.1.0	209.51 kB	MIT	prod peer	2