Home
Docs
GitHub
Pricing
Blog
Log In
DOCS
GITHUB
PRICING
BLOG
Log In

Run Sandworm Audit for your App

Get started
Hold on, we're currently generating a fresh version of this report
Generated on Feb 27, 2024 via pnpm
Repo
Npm
Home

strongloop 2.9.2

StrongLoop Command Line Tools
Backend
LoopBack
Mobile
Platform
StrongLoop
alerts
analytics
agent
apm
build
bundle
cluster
config
dependencies
deploy
devops
event loop
forever
git
heap
heroku
logging
mBaaS
manager
master
memory
metrics
monitoring
nodeops
npm
npmrc
openshift
ops
performance
pm
process
profiler
profiling
registry
response
runner
service
slc
slowest functions
streams
strong-agent
strong-cli
strong-cluster-control
strong-pm
strong-supervisor
strongloop
strongops
supervisor
switch
time
upstart
Package summary
Share
374
issues
85
critical severity
vulnerability
19
license
66
172
high severity
vulnerability
49
license
69
meta
54
44
moderate severity
vulnerability
37
meta
7
73
low severity
vulnerability
8
license
65
41
licenses
1055
MIT
66
N/A
63
ISC
212
other licenses
Apache-2.0
55
BSD-3-Clause
33
BSD
29
BSD-2-Clause
26
+ 34 more
Package created
8 Jul 2014
Version published
2 Oct 2014
Maintainers
17
Total deps
1396
Direct deps
26
License
UNKNOWN

Issues

374

85 critical severity issues

critical
swagger-ui@2.0.24
Cross-Site Scripting in swagger-ui
Recommendation: Upgrade to version 2.2.1 or later
via: strong-pm@1.7.4
swagger-ui@2.0.24
Cross-Site Scripting in swagger-ui
Recommendation: Upgrade to version 2.2.1 or later
via: strong-pm@1.7.4
swagger-ui@2.0.24
Cross-site scripting in Swagger-UI
Recommendation: Upgrade to version 3.23.11 or later
via: strong-pm@1.7.4
ejs@2.7.4
ejs template injection vulnerability
Recommendation: Upgrade to version 3.1.7 or later
via: generator-loopback@1.25.0 & others
nodemailer@2.7.2
Command injection in nodemailer
Recommendation: Upgrade to version 6.4.16 or later
via: generator-loopback@1.25.0 & others
shell-quote@0.0.1
Potential Command Injection in shell-quote
Recommendation: Upgrade to version 1.6.1 or later
via: strong-pm@1.7.4
swagger-ui@2.0.24
Cross-Site Scripting in swagger-ui
Recommendation: Upgrade to version 2.2.1 or later
via: strong-pm@1.7.4
uglify-js@2.3.6
Incorrect Handling of Non-Boolean Comparisons During Minification in uglify-js
Recommendation: Upgrade to version 2.4.24 or later
via: strong-pm@1.7.4
decompress@3.0.0
Path Traversal in decompress
Recommendation: Upgrade to version 4.2.1 or later
via: generator-loopback@1.25.0
ejs@1.0.0
ejs is vulnerable to remote code execution due to weak input validation
Recommendation: Upgrade to version 2.5.5 or later
via: loopback-sdk-angular-cli@1.2.0 & others
morgan@1.6.1
Code Injection in morgan
Recommendation: Upgrade to version 1.9.1 or later
via: loopback-sdk-angular-cli@1.2.0 & others
lodash@3.10.1
Prototype Pollution in lodash
Recommendation: Upgrade to version 4.17.12 or later
via: generator-loopback@1.25.0 & others
deep-extend@0.4.2
Prototype Pollution in deep-extend
Recommendation: Upgrade to version 0.5.1 or later
via: generator-loopback@1.25.0 & others
handlebars@1.0.12
Prototype Pollution in handlebars
Recommendation: Upgrade to version 3.0.8 or later
via: strong-pm@1.7.4
handlebars@1.0.12
Remote code execution in handlebars when compiling templates
Recommendation: Upgrade to version 4.7.7 or later
via: strong-pm@1.7.4
underscore@1.7.0
Arbitrary Code Execution in underscore
Recommendation: Upgrade to version 1.12.1 or later
via: generator-loopback@1.25.0 & others
handlebars@1.0.12
Prototype Pollution in handlebars
Recommendation: Upgrade to version 4.7.7 or later
via: strong-pm@1.7.4
shell-quote@0.0.1
Improper Neutralization of Special Elements used in a Command in Shell-quote
Recommendation: Upgrade to version 1.7.3 or later
via: strong-pm@1.7.4
minimist@0.0.8
Prototype Pollution in minimist
Recommendation: Upgrade to version 0.2.4 or later
via: loopback-sdk-angular-cli@1.2.0 & others
JSONStream@0.8.0
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-workspace@2.6.0
asn1@0.1.11
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-workspace@2.6.0
assert-plus@0.1.5
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-workspace@2.6.0
aws-sign2@0.5.0
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-workspace@2.6.0
base64-js@0.0.2
Package has no specified license
Recommendation: Check the package code and files for license information
via: generator-loopback@1.25.0 & others
browser-request@0.3.3
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-workspace@2.6.0
buffer-crc32@0.2.1
Package has no specified license
Recommendation: Check the package code and files for license information
via: node-inspector@0.7.5
cli-color@0.2.3
Package has no specified license
Recommendation: Check the package code and files for license information
via: strong-registry@1.1.6
cli-table@0.3.11
Package has no specified license
Recommendation: Check the package code and files for license information
via: generator-loopback@1.25.0
colors@0.6.2
Package has no specified license
Recommendation: Check the package code and files for license information
via: colors@0.6.2 & others
combined-stream@0.0.7
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-workspace@2.6.0
commander@1.3.2
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-workspace@2.6.0
commander@2.1.0
Package has no specified license
Recommendation: Check the package code and files for license information
via: node-inspector@0.7.5
cookie-signature@1.0.3
Package has no specified license
Recommendation: Check the package code and files for license information
via: node-inspector@0.7.5
cookie@0.1.0
Package has no specified license
Recommendation: Check the package code and files for license information
via: node-inspector@0.7.5
ctype@0.5.3
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-workspace@2.6.0
cycle@1.0.3
Package has no specified license
Recommendation: Check the package code and files for license information
via: prompt@0.2.14
debug@0.7.4
Package has no specified license
Recommendation: Check the package code and files for license information
via: debug@0.7.4 & others
debug@0.8.1
Package has no specified license
Recommendation: Check the package code and files for license information
via: node-inspector@0.7.5
debug@1.0.5
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-workspace@2.6.0 & others
delayed-stream@0.0.5
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-workspace@2.6.0
domhandler@2.3.0
Package has no specified license
Recommendation: Check the package code and files for license information
via: generator-loopback@1.25.0
domutils@1.4.3
Package has no specified license
Recommendation: Check the package code and files for license information
via: generator-loopback@1.25.0
domutils@1.5.1
Package has no specified license
Recommendation: Check the package code and files for license information
via: generator-loopback@1.25.0
duplex@1.0.0
Package has no specified license
Recommendation: Check the package code and files for license information
via: generator-loopback@1.25.0 & others
ejs@1.0.0
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-sdk-angular-cli@1.2.0 & others
es5-ext@0.9.2
Package has no specified license
Recommendation: Check the package code and files for license information
via: strong-registry@1.1.6
escape-html@1.0.1
Package has no specified license
Recommendation: Check the package code and files for license information
via: node-inspector@0.7.5
event-emitter@0.2.2
Package has no specified license
Recommendation: Check the package code and files for license information
via: strong-registry@1.1.6
forEachAsync@2.2.1
Package has no specified license
Recommendation: Check the package code and files for license information
via: fs.extra@1.2.1
forever-agent@0.5.2
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-workspace@2.6.0
fresh@0.2.0
Package has no specified license
Recommendation: Check the package code and files for license information
via: node-inspector@0.7.5
handlebars@1.0.12
Package has no specified license
Recommendation: Check the package code and files for license information
via: strong-pm@1.7.4
inherits@1.0.2
Package has no specified license
Recommendation: Check the package code and files for license information
via: strong-pm@1.7.4
ini@1.1.0
Package has no specified license
Recommendation: Check the package code and files for license information
via: ini@1.1.0 & others
jayson@1.1.3
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-workspace@2.6.0
mime@1.2.11
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-sdk-angular-cli@1.2.0 & others
ms@0.7.1
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-sdk-angular-cli@1.2.0 & others
msgpack-js@0.3.0
Package has no specified license
Recommendation: Check the package code and files for license information
via: generator-loopback@1.25.0 & others
mux-demux@3.7.9
Package has no specified license
Recommendation: Check the package code and files for license information
via: generator-loopback@1.25.0 & others
node-inspector@0.7.5
Package has no specified license
Recommendation: Check the package code and files for license information
via: node-inspector@0.7.5
oauth-sign@0.3.0
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-workspace@2.6.0
options@0.0.6
Package has no specified license
Recommendation: Check the package code and files for license information
via: generator-loopback@1.25.0 & others
pad-component@0.0.1
Package has no specified license
Recommendation: Check the package code and files for license information
via: generator-loopback@1.25.0
path-to-regexp@0.1.2
Package has no specified license
Recommendation: Check the package code and files for license information
via: node-inspector@0.7.5
prompt@0.2.14
Package has no specified license
Recommendation: Check the package code and files for license information
via: prompt@0.2.14
qs@0.1.0
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-sdk-angular-cli@1.2.0
qs@0.6.6
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-workspace@2.6.0 & others
range-parser@0.0.4
Package has no specified license
Recommendation: Check the package code and files for license information
via: node-inspector@0.7.5
send@0.1.4
Package has no specified license
Recommendation: Check the package code and files for license information
via: node-inspector@0.7.5
send@0.2.0
Package has no specified license
Recommendation: Check the package code and files for license information
via: node-inspector@0.7.5
sequence@2.2.1
Package has no specified license
Recommendation: Check the package code and files for license information
via: fs.extra@1.2.1
sprintf@0.1.1
Package has no specified license
Recommendation: Check the package code and files for license information
via: strong-pm@1.7.4
sse@0.0.7
Package has no specified license
Recommendation: Check the package code and files for license information
via: generator-loopback@1.25.0 & others
statsd-udpkv-backend@0.2.1
Package has no specified license
Recommendation: Check the package code and files for license information
via: strong-pm@1.7.4 & others
statware@1.1.3
Package has no specified license
Recommendation: Check the package code and files for license information
via: strong-pm@1.7.4 & others
tinycolor@0.0.1
Package has no specified license
Recommendation: Check the package code and files for license information
via: node-inspector@0.7.5
uglify-js@2.3.6
Package has no specified license
Recommendation: Check the package code and files for license information
via: strong-pm@1.7.4
uid2@0.0.3
Package has no specified license
Recommendation: Check the package code and files for license information
via: generator-loopback@1.25.0 & others
underscore@1.4.4
Package has no specified license
Recommendation: Check the package code and files for license information
via: strong-pm@1.7.4 & others
url2@0.0.0
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-sdk-angular-cli@1.2.0
utile@0.2.1
Package has no specified license
Recommendation: Check the package code and files for license information
via: prompt@0.2.14
uuid@1.4.2
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-workspace@2.6.0
weak-map@1.0.0
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-sdk-angular-cli@1.2.0
ws@0.4.32
Package has no specified license
Recommendation: Check the package code and files for license information
via: node-inspector@0.7.5
xml2js@0.2.6
Package has no specified license
Recommendation: Check the package code and files for license information
via: loopback-workspace@2.6.0
Collapse
Expand

172 high severity issues

high
handlebars@1.0.12
Arbitrary Code Execution in handlebars
Recommendation: Upgrade to version 3.0.8 or later
via: strong-pm@1.7.4
handlebars@1.0.12
Prototype Pollution in handlebars
Recommendation: Upgrade to version 3.0.8 or later
via: strong-pm@1.7.4
loopback@1.10.0
Improper Authorization in loopback
Recommendation: Upgrade to version 2.40.0 or later
via: loopback-workspace@2.6.0
qs@4.0.0
Prototype Pollution Protection Bypass in qs
Recommendation: Upgrade to version 6.0.4 or later
via: loopback-sdk-angular-cli@1.2.0 & others
npm@1.4.29
Incorrect Permission Assignment for Critical Resource in NPM
Recommendation: Upgrade to version 5.7.1 or later
via: npm@1.4.29
aws-sdk@2.0.5
Prototype Pollution via file load in aws-sdk and @aws-sdk/shared-ini-file-loader
Recommendation: Upgrade to version 2.814.0 or later
via: loopback-workspace@2.6.0
npm@1.4.29
npm Vulnerable to Global node_modules Binary Overwrite
Recommendation: Upgrade to version 6.13.4 or later
via: npm@1.4.29
npm@1.4.29
npm symlink reference outside of node_modules
Recommendation: Upgrade to version 6.13.3 or later
via: npm@1.4.29
tar@1.0.3
Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization
Recommendation: Upgrade to version 3.2.2 or later
via: strong-pm@1.7.4
npm@1.4.29
Arbitrary File Write in npm
Recommendation: Upgrade to version 6.13.3 or later
via: npm@1.4.29
npm@1.4.29
npm Token Leak in npm
Recommendation: Upgrade to version 2.15.1 or later
via: npm@1.4.29
base64-url@1.2.1
Out-of-bounds Read in base64-url
Recommendation: Upgrade to version 2.0.0 or later
via: loopback-sdk-angular-cli@1.2.0 & others
ws@0.4.32
DoS due to excessively large websocket message in ws
Recommendation: Upgrade to version 1.1.1 or later
via: node-inspector@0.7.5 & others
qs@0.1.0
Denial-of-Service Extended Event Loop Blocking in qs
Recommendation: Upgrade to version 1.0.0 or later
via: loopback-sdk-angular-cli@1.2.0 & others
negotiator@0.5.3
Regular Expression Denial of Service in negotiator
Recommendation: Upgrade to version 0.6.1 or later
via: loopback-sdk-angular-cli@1.2.0 & others
tar@1.0.3
Symlink Arbitrary File Overwrite in tar
Recommendation: Upgrade to version 2.0.0 or later
via: strong-pm@1.7.4
ws@0.4.32
Denial of Service in ws
Recommendation: Upgrade to version 1.1.5 or later
via: node-inspector@0.7.5 & others
hawk@1.1.1
Regular Expression Denial of Service in hawk
Recommendation: Upgrade to version 3.1.3 or later
via: loopback-workspace@2.6.0
qs@0.1.0
Denial-of-Service Memory Exhaustion in qs
Recommendation: Upgrade to version 1.0.0 or later
via: loopback-sdk-angular-cli@1.2.0 & others
semver@2.3.2
Regular Expression Denial of Service in semver
Recommendation: Upgrade to version 4.3.2 or later
via: loopback-sdk-angular-cli@1.2.0 & others
uglify-js@2.3.6
Regular Expression Denial of Service in uglify-js
Recommendation: Upgrade to version 2.6.0 or later
via: strong-pm@1.7.4
ini@1.1.0
ini before 1.3.6 vulnerable to Prototype Pollution via ini.parse
Recommendation: Upgrade to version 1.3.6 or later
via: ini@1.1.0 & others
ejs@1.0.0
ejs vulnerable to DoS due to weak input validation
Recommendation: Upgrade to version 2.5.5 or later
via: loopback-sdk-angular-cli@1.2.0 & others
fresh@0.3.0
Regular Expression Denial of Service in fresh
Recommendation: Upgrade to version 0.5.2 or later
via: loopback-sdk-angular-cli@1.2.0 & others
minimatch@0.3.0
Regular Expression Denial of Service in minimatch
Recommendation: Upgrade to version 3.0.2 or later
via: node-inspector@0.7.5
mime@1.3.4
mime Regular Expression Denial of Service when MIME lookup performed on untrusted user input
Recommendation: Upgrade to version 1.4.1 or later
via: loopback-sdk-angular-cli@1.2.0 & others
hoek@0.9.1
Prototype Pollution in hoek
Recommendation: Upgrade to version 4.2.1 or later
via: loopback-workspace@2.6.0
swagger-ui@2.0.24
Cross-Site Scripting in swagger-ui
Recommendation: Upgrade to version 2.2.1 or later
via: strong-pm@1.7.4
debug@0.7.4
debug Inefficient Regular Expression Complexity vulnerability
Recommendation: Upgrade to version 2.6.9 or later
via: debug@0.7.4 & others
lodash@3.10.1
Prototype Pollution in lodash
Recommendation: Upgrade to version 4.17.11 or later
via: generator-loopback@1.25.0 & others
glob-parent@3.1.0
glob-parent vulnerable to Regular Expression Denial of Service in enclosure regex
Recommendation: Upgrade to version 5.1.2 or later
via: generator-loopback@1.25.0
follow-redirects@0.0.3
Exposure of sensitive information in follow-redirects
Recommendation: Upgrade to version 1.14.7 or later
via: loopback-workspace@2.6.0
diff@2.2.3
Regular Expression Denial of Service (ReDoS)
Recommendation: Upgrade to version 3.5.0 or later
via: generator-loopback@1.25.0
css-what@1.0.0
css-what vulnerable to ReDoS due to use of insecure regular expression
Recommendation: Upgrade to version 2.1.3 or later
via: generator-loopback@1.25.0
hawk@1.1.1
Uncontrolled Resource Consumption in Hawk
Recommendation: Upgrade to version 9.0.1 or later
via: loopback-workspace@2.6.0
handlebars@1.0.12
Arbitrary Code Execution in Handlebars
Recommendation: Upgrade to version 3.0.8 or later
via: strong-pm@1.7.4
handlebars@1.0.12
Prototype Pollution in handlebars
Recommendation: Upgrade to version 3.0.7 or later
via: strong-pm@1.7.4
trim-newlines@1.0.0
Uncontrolled Resource Consumption in trim-newlines
Recommendation: Upgrade to version 3.0.1 or later
via: generator-loopback@1.25.0
tar@1.0.3
Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization
Recommendation: Upgrade to version 4.4.18 or later
via: strong-pm@1.7.4
tar@1.0.3
Arbitrary File Overwrite in tar
Recommendation: Upgrade to version 2.2.2 or later
via: strong-pm@1.7.4
shelljs@0.7.8
Improper Privilege Management in shelljs
Recommendation: Upgrade to version 0.8.5 or later
via: generator-loopback@1.25.0 & others
nth-check@1.0.2
Inefficient Regular Expression Complexity in nth-check
Recommendation: Upgrade to version 2.0.1 or later
via: generator-loopback@1.25.0
lodash@3.10.1
Prototype Pollution in lodash
Recommendation: Upgrade to version 4.17.19 or later
via: generator-loopback@1.25.0 & others
handlebars@1.0.12
Arbitrary Code Execution in handlebars
Recommendation: Upgrade to version 3.0.8 or later
via: strong-pm@1.7.4
hoek@0.9.1
hoek subject to prototype pollution via the clone function.
Recommendation: None
via: loopback-workspace@2.6.0
ssh2@0.4.15
OS Command Injection in ssh2
Recommendation: Upgrade to version 1.4.0 or later
via: strong-deploy@1.2.0
qs@4.0.0
qs vulnerable to Prototype Pollution
Recommendation: Upgrade to version 6.2.4 or later
via: loopback-sdk-angular-cli@1.2.0 & others
minimatch@0.3.0
minimatch ReDoS vulnerability
Recommendation: Upgrade to version 3.0.5 or later
via: node-inspector@0.7.5
lodash@3.10.1
Command Injection in lodash
Recommendation: Upgrade to version 4.17.21 or later
via: generator-loopback@1.25.0 & others
boom@0.4.2
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: loopback-workspace@2.6.0
canonical-json@0.0.4
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: generator-loopback@1.25.0 & others
cpr@0.1.1
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: cpr@0.1.1
cryptiles@0.2.2
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: loopback-workspace@2.6.0
dotenv@0.2.8
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: strong-pm@1.7.4 & others
duplexer2@0.0.2
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: generator-loopback@1.25.0
escodegen-wallaby@1.6.43
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: generator-loopback@1.25.0
esprima@1.2.5
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: strong-pm@1.7.4 & others
estraverse@1.9.3
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: generator-loopback@1.25.0 & others
follow-redirects@0.0.3
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: loopback-workspace@2.6.0
glob-to-regexp@0.0.1
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: strong-pm@1.7.4 & others
glob-to-regexp@0.3.0
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: generator-loopback@1.25.0
glob@3.2.11
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: node-inspector@0.7.5
graceful-fs@1.1.14
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: cpr@0.1.1
graceful-fs@1.2.3
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: cpr@0.1.1
hawk@1.1.1
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: loopback-workspace@2.6.0
hoek@0.9.1
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: loopback-workspace@2.6.0
mute-stream@0.0.4
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: strong-registry@1.1.6
osenv@0.0.3
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: strong-registry@1.1.6
qs@1.2.2
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: loopback-workspace@2.6.0
semver@2.2.1
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: strong-agent@1.6.4 & others
semver@2.3.2
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: loopback-sdk-angular-cli@1.2.0 & others
showdown@0.3.1
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: loopback-sdk-angular-cli@1.2.0
sntp@0.2.4
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: loopback-workspace@2.6.0
source-map@0.1.43
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: strong-pm@1.7.4
source-map@0.2.0
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: generator-loopback@1.25.0
stream-counter@0.2.0
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: loopback-sdk-angular-cli@1.2.0 & others
tar@1.0.3
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: strong-pm@1.7.4
ycssmin@1.0.1
Package uses an invalid SPDX license ("BSD")
Recommendation: Validate that the package complies with your license policy
via: strong-pm@1.7.4
strong-build@1.0.3
Package uses an invalid SPDX license ("Dual Artistic/StrongLoop")
Recommendation: Validate that the package complies with your license policy
via: strong-build@1.0.3
strong-control-channel@1.3.0
Package uses an invalid SPDX license ("Dual Artistic/StrongLoop")
Recommendation: Validate that the package complies with your license policy
via: strong-pm@1.7.4 & others
strong-deploy@1.2.0
Package uses an invalid SPDX license ("Dual Artistic/StrongLoop")
Recommendation: Validate that the package complies with your license policy
via: strong-deploy@1.2.0
strong-pm@1.7.4
Package uses an invalid SPDX license ("Dual Artistic/StrongLoop")
Recommendation: Validate that the package complies with your license policy
via: strong-pm@1.7.4
strong-service-install@1.1.3
Package uses an invalid SPDX license ("Dual Artistic/StrongLoop")
Recommendation: Validate that the package complies with your license policy
via: strong-pm@1.7.4
strong-supervisor@1.6.0
Package uses an invalid SPDX license ("Dual Artistic/StrongLoop")
Recommendation: Validate that the package complies with your license policy
via: strong-pm@1.7.4 & others
strongloop@2.9.2
Package uses an invalid SPDX license ("Dual Artistic/StrongLoop")
Recommendation: Validate that the package complies with your license policy
via: strongloop@2.9.2
loopback-datasource-juggler@1.7.1
Package uses an invalid SPDX license ("Dual MIT/StrongLoop")
Recommendation: Validate that the package complies with your license policy
via: loopback-workspace@2.6.0
loopback-explorer@1.8.0
Package uses an invalid SPDX license ("Dual MIT/StrongLoop")
Recommendation: Validate that the package complies with your license policy
via: strong-pm@1.7.4
loopback-workspace@2.6.0
Package uses an invalid SPDX license ("Dual MIT/StrongLoop")
Recommendation: Validate that the package complies with your license policy
via: loopback-workspace@2.6.0
loopback@1.10.0
Package uses an invalid SPDX license ("Dual MIT/StrongLoop")
Recommendation: Validate that the package complies with your license policy
via: loopback-workspace@2.6.0
strong-remoting@1.5.3
Package uses an invalid SPDX license ("Dual MIT/StrongLoop")
Recommendation: Validate that the package complies with your license policy
via: loopback-workspace@2.6.0
optimist@0.3.7
Package uses an invalid SPDX license ("MIT/X11")
Recommendation: Validate that the package complies with your license policy
via: strong-pm@1.7.4
optimist@0.5.2
Package uses an invalid SPDX license ("MIT/X11")
Recommendation: Validate that the package complies with your license policy
via: optimist@0.5.2
optimist@0.6.1
Package uses an invalid SPDX license ("MIT/X11")
Recommendation: Validate that the package complies with your license policy
via: loopback-sdk-angular-cli@1.2.0 & others
yargs@1.2.6
Package uses an invalid SPDX license ("MIT/X11")
Recommendation: Validate that the package complies with your license policy
via: node-inspector@0.7.5
aws-sdk-apis@3.1.10
Package uses an invalid SPDX license ("Apache 2.0")
Recommendation: Validate that the package complies with your license policy
via: loopback-workspace@2.6.0
aws-sdk@2.0.5
Package uses an invalid SPDX license ("Apache 2.0")
Recommendation: Validate that the package complies with your license policy
via: loopback-workspace@2.6.0
revalidator@0.1.8
Package uses an invalid SPDX license ("Apache 2.0")
Recommendation: Validate that the package complies with your license policy
via: prompt@0.2.14
css-select@1.0.0
Package uses an invalid SPDX license ("BSD-like")
Recommendation: Validate that the package complies with your license policy
via: generator-loopback@1.25.0
css-what@1.0.0
Package uses an invalid SPDX license ("BSD-like")
Recommendation: Validate that the package complies with your license policy
via: generator-loopback@1.25.0
entities@1.0.0
Package uses an invalid SPDX license ("BSD-like")
Recommendation: Validate that the package complies with your license policy
via: generator-loopback@1.25.0
strong-agent@1.6.4
Package uses an invalid SPDX license ("StrongLoop")
Recommendation: Validate that the package complies with your license policy
via: strong-agent@1.6.4 & others
strong-mesh-models@3.1.0
Package uses an invalid SPDX license ("StrongLoop")
Recommendation: Validate that the package complies with your license policy
via: strong-pm@1.7.4
strong-trace@1.3.4
Package uses an invalid SPDX license ("SEE LICENSE IN LICENSE.md")
Recommendation: Validate that the package complies with your license policy
via: strong-pm@1.7.4 & others
strongloop-license@1.5.2
Package uses an invalid SPDX license ("SEE LICENSE IN LICENSE.md")
Recommendation: Validate that the package complies with your license policy
via: strong-pm@1.7.4 & others
bcryptjs@2.0.2
Package uses an invalid SPDX license ("New-BSD, MIT")
Recommendation: Validate that the package complies with your license policy
via: loopback-workspace@2.6.0
btoa@1.1.1
Package uses an invalid SPDX license ("Apache2")
Recommendation: Validate that the package complies with your license policy
via: strong-pm@1.7.4
docular@0.6.6
Package uses an invalid SPDX license ("(MIT OR CC_by_3.0)")
Recommendation: Validate that the package complies with your license policy
via: loopback-sdk-angular-cli@1.2.0
fs.extra@1.2.1
Package uses a custom license expression: `(MIT OR Apache License, Version 2.0)`
Recommendation: Validate that the license expression complies with your license policy
via: fs.extra@1.2.1
less@1.4.2
Package uses an invalid SPDX license ("Apache v2")
Recommendation: Validate that the package complies with your license policy
via: strong-pm@1.7.4
punycode@1.2.4
Package uses an invalid SPDX license ("(MIT OR GPL)")
Recommendation: Validate that the package complies with your license policy
via: loopback-workspace@2.6.0
rc@0.3.5
Package uses a custom license expression: `(BSD OR MIT OR Apache2)`
Recommendation: Validate that the license expression complies with your license policy
via: node-inspector@0.7.5
rc@1.2.8
Package uses a custom license expression: `(BSD-2-Clause OR MIT OR Apache-2.0)`
Recommendation: Validate that the license expression complies with your license policy
via: generator-loopback@1.25.0
shelljs@0.3.0
Package uses an invalid SPDX license ("BSD*")
Recommendation: Validate that the package complies with your license policy
via: strong-build@1.0.3 & others
spdx-exceptions@2.5.0
Package uses an atypical license ("CC-BY-3.0")
Recommendation: Read and validate the license terms
via: generator-loopback@1.25.0 & others
strong-fork-syslog@1.2.3
Package uses an invalid SPDX license ("Simplified BSD License")
Recommendation: Validate that the package complies with your license policy
via: strong-pm@1.7.4 & others
swagger-client@2.0.36
Package uses an invalid SPDX license ("apache 2.0")
Recommendation: Validate that the package complies with your license policy
via: strong-pm@1.7.4
swagger-ui@2.0.24
Package uses an invalid SPDX license ("Apache")
Recommendation: Validate that the package complies with your license policy
via: strong-pm@1.7.4
walk@2.2.1
Package uses an invalid SPDX license ("(MIT OR Apache2)")
Recommendation: Validate that the package complies with your license policy
via: fs.extra@1.2.1
boom@0.4.2
Deprecated package
via: loopback-workspace@2.6.0
buildmail@4.0.1
Deprecated package
via: generator-loopback@1.25.0 & others
coffee-script@1.6.3
Deprecated package
via: strong-pm@1.7.4
connect@2.30.2
Deprecated package
via: loopback-sdk-angular-cli@1.2.0 & others
core-js-pure@3.36.0
Package uses postinstall script: "node -e "try{require('./postinstall')}catch(e){}""
via: generator-loopback@1.25.0 & others
cryptiles@0.2.2
Deprecated package
via: loopback-workspace@2.6.0
ejs@1.0.0
Deprecated package
via: loopback-sdk-angular-cli@1.2.0 & others
ejs@2.7.4
Package uses postinstall script: "node ./postinstall.js"
via: generator-loopback@1.25.0 & others
forEachAsync@2.2.1
Deprecated package
via: fs.extra@1.2.1
graceful-fs@1.1.14
Deprecated package
via: cpr@0.1.1
graceful-fs@1.2.3
Deprecated package
via: cpr@0.1.1
gulp-util@3.0.8
Deprecated package
via: generator-loopback@1.25.0
har-validator@5.1.5
Deprecated package
via: generator-loopback@1.25.0 & others
hawk@1.1.1
Deprecated package
via: loopback-workspace@2.6.0
hoek@0.9.1
Deprecated package
via: loopback-workspace@2.6.0
ini@1.1.0
Deprecated package
via: ini@1.1.0 & others
loopback-boot@2.28.0
Deprecated package
via: generator-loopback@1.25.0 & others
loopback-component-explorer@2.7.0
Deprecated package
via: generator-loopback@1.25.0
loopback-datasource-juggler@1.7.1
Deprecated package
via: loopback-workspace@2.6.0
loopback-datasource-juggler@2.59.3
Deprecated package
via: generator-loopback@1.25.0 & others
loopback-explorer@1.8.0
Deprecated package
via: strong-pm@1.7.4
loopback@1.10.0
Deprecated package
via: loopback-workspace@2.6.0
loopback@2.42.0
Deprecated package
via: generator-loopback@1.25.0 & others
mailcomposer@0.2.12
Deprecated package
via: loopback-workspace@2.6.0
mailcomposer@4.0.1
Deprecated package
via: generator-loopback@1.25.0 & others
mimelib@0.2.19
Deprecated package
via: loopback-workspace@2.6.0
minimatch@0.3.0
Deprecated package
via: node-inspector@0.7.5
mkdirp@0.3.5
Deprecated package
via: cpr@0.1.1 & others
mkdirp@0.5.1
Deprecated package
via: loopback-sdk-angular-cli@1.2.0 & others
node-uuid@1.4.8
Deprecated package
via: loopback-workspace@2.6.0 & others
nodemailer@0.7.1
Deprecated package
via: loopback-workspace@2.6.0
nodemailer@2.7.2
Deprecated package
via: generator-loopback@1.25.0 & others
readdir-scoped-modules@1.1.0
Deprecated package
via: strong-pm@1.7.4 & others
request@2.37.0
Deprecated package
via: loopback-workspace@2.6.0
request@2.88.2
Deprecated package
via: generator-loopback@1.25.0 & others
samsam@1.3.0
Deprecated package
via: generator-loopback@1.25.0
showdown@0.3.1
Deprecated package
via: loopback-sdk-angular-cli@1.2.0
sntp@0.2.4
Deprecated package
via: loopback-workspace@2.6.0
socks@1.1.9
Deprecated package
via: generator-loopback@1.25.0 & others
source-map-resolve@0.5.3
Deprecated package
via: generator-loopback@1.25.0
spawn-sync@1.0.15
Package uses postinstall script: "node postinstall"
via: generator-loopback@1.25.0
sprintf@0.1.1
Deprecated package
via: strong-pm@1.7.4
stable@0.1.8
Deprecated package
via: generator-loopback@1.25.0 & others
strong-agent@1.6.4
Package uses install script: "node-gyp rebuild || exit 0"
via: strong-agent@1.6.4 & others
strong-remoting@1.5.3
Deprecated package
via: loopback-workspace@2.6.0
strong-remoting@2.36.1
Deprecated package
via: generator-loopback@1.25.0 & others
swagger-client@2.0.36
Deprecated package
via: strong-pm@1.7.4
swagger-ui@2.0.24
Deprecated package
via: strong-pm@1.7.4
tar@1.0.3
Deprecated package
via: strong-pm@1.7.4
tree-sitter@0.20.4
Package uses install script: "prebuild-install || node-gyp rebuild"
via: generator-loopback@1.25.0 & others
uuid@1.4.2
Deprecated package
via: loopback-workspace@2.6.0
uuid@2.0.3
Deprecated package
via: generator-loopback@1.25.0
uuid@3.4.0
Deprecated package
via: generator-loopback@1.25.0 & others
ws@0.4.32
Package uses install script: "(node-gyp rebuild 2> builderror.log) || (exit 0)"
via: node-inspector@0.7.5
Collapse
Expand

44 moderate severity issues

moderate
lodash@3.10.1
Regular Expression Denial of Service (ReDoS) in lodash
Recommendation: Upgrade to version 4.17.11 or later
via: generator-loopback@1.25.0 & others
mem@1.1.0
Denial of Service in mem
Recommendation: Upgrade to version 4.0.0 or later
via: generator-loopback@1.25.0 & others
swagger-ui@2.0.24
Reverse Tabnapping in swagger-ui
Recommendation: Upgrade to version 3.18.0 or later
via: strong-pm@1.7.4
underscore.string@2.3.3
Regular Expression Denial of Service in underscore.string
Recommendation: Upgrade to version 3.3.5 or later
via: generator-loopback@1.25.0 & others
tunnel-agent@0.4.3
Memory Exposure in tunnel-agent
Recommendation: Upgrade to version 0.6.0 or later
via: generator-loopback@1.25.0 & others
swagger-ui@2.0.24
Cross-Site Scripting in swagger-ui
Recommendation: Upgrade to version 2.2.1 or later
via: strong-pm@1.7.4
swagger-ui@2.0.24
Cross-Site Scripting in swagger-ui
Recommendation: Upgrade to version 2.2.1 or later
via: strong-pm@1.7.4
swagger-ui@2.0.24
Cross-Site Scripting in swagger-ui
Recommendation: Upgrade to version 2.2.1 or later
via: strong-pm@1.7.4
swagger-ui@2.0.24
Cross-Site Scripting in swagger-ui
Recommendation: Upgrade to version 3.0.13 or later
via: strong-pm@1.7.4
handlebars@1.0.12
Cross-Site Scripting in handlebars
Recommendation: Upgrade to version 4.0.0 or later
via: strong-pm@1.7.4
shelljs@0.7.8
Improper Privilege Management in shelljs
Recommendation: Upgrade to version 0.8.5 or later
via: generator-loopback@1.25.0 & others
cookie-signature@1.0.3
cookie-signature Timing Attack
Recommendation: Upgrade to version 1.0.4 or later
via: node-inspector@0.7.5
cookiejar@1.3.1
cookiejar Regular Expression Denial of Service via Cookie.parse function
Recommendation: Upgrade to version 2.1.4 or later
via: strong-pm@1.7.4
swagger-ui@2.0.24
Spoofing attack in swagger-ui
Recommendation: Upgrade to version 4.1.3 or later
via: strong-pm@1.7.4
swagger-ui@2.0.24
Improper Neutralization of Input During Web Page Generation in swagger-ui
Recommendation: Upgrade to version 2.2.1 or later
via: strong-pm@1.7.4
got@5.7.1
Got allows a redirect to a UNIX socket
Recommendation: Upgrade to version 11.8.5 or later
via: generator-loopback@1.25.0
npm@1.4.29
npm CLI exposing sensitive information through logs
Recommendation: Upgrade to version 6.14.6 or later
via: npm@1.4.29
nodemailer@2.7.2
Header injection in nodemailer
Recommendation: Upgrade to version 6.6.1 or later
via: generator-loopback@1.25.0 & others
bl@0.9.5
Remote Memory Exposure in bl
Recommendation: Upgrade to version 1.2.3 or later
via: strong-pm@1.7.4
express@4.0.0
No Charset in Content-Type Header in express
Recommendation: Upgrade to version 4.5.0 or later
via: node-inspector@0.7.5
swagger-ui@2.0.24
Server side request forgery in SwaggerUI
Recommendation: Upgrade to version 4.1.3 or later
via: strong-pm@1.7.4
xml2js@0.4.23
xml2js is vulnerable to prototype pollution
Recommendation: Upgrade to version 0.5.0 or later
via: generator-loopback@1.25.0 & others
follow-redirects@0.0.3
Exposure of Sensitive Information to an Unauthorized Actor in follow-redirects
Recommendation: Upgrade to version 1.14.8 or later
via: loopback-workspace@2.6.0
request@2.88.2
Server-Side Request Forgery in Request
Recommendation: None
via: generator-loopback@1.25.0 & others
ejs@1.0.0
mde ejs vulnerable to XSS
Recommendation: Upgrade to version 2.5.5 or later
via: loopback-sdk-angular-cli@1.2.0 & others
request@2.37.0
Remote Memory Exposure in request
Recommendation: Upgrade to version 2.68.0 or later
via: loopback-workspace@2.6.0
swagger-ui@2.0.24
Cross-Site Scripting in swagger-ui
Recommendation: Upgrade to version 3.20.9 or later
via: strong-pm@1.7.4
debug@0.7.4
Regular Expression Denial of Service in debug
Recommendation: Upgrade to version 2.6.9 or later
via: debug@0.7.4 & others
ms@0.7.1
Vercel ms Inefficient Regular Expression Complexity vulnerability
Recommendation: Upgrade to version 2.0.0 or later
via: loopback-sdk-angular-cli@1.2.0 & others
lodash@3.10.1
Regular Expression Denial of Service (ReDoS) in lodash
Recommendation: Upgrade to version 4.17.21 or later
via: generator-loopback@1.25.0 & others
send@0.2.0
Root Path Disclosure in send
Recommendation: Upgrade to version 0.11.1 or later
via: node-inspector@0.7.5
tough-cookie@2.5.0
tough-cookie Prototype Pollution vulnerability
Recommendation: Upgrade to version 4.1.3 or later
via: generator-loopback@1.25.0 & others
follow-redirects@0.0.3
Follow Redirects improperly handles URLs in the url.parse() function
Recommendation: Upgrade to version 1.15.4 or later
via: loopback-workspace@2.6.0
nodemailer@2.7.2
nodemailer ReDoS when trying to send a specially crafted email
Recommendation: Upgrade to version 6.9.9 or later
via: generator-loopback@1.25.0 & others
minimist@0.0.8
Prototype Pollution in minimist
Recommendation: Upgrade to version 0.2.1 or later
via: loopback-sdk-angular-cli@1.2.0 & others
semver@2.3.2
semver vulnerable to Regular Expression Denial of Service
Recommendation: Upgrade to version 5.7.2 or later
via: loopback-sdk-angular-cli@1.2.0 & others
axios@0.21.4
Axios Cross-Site Request Forgery Vulnerability
Recommendation: Upgrade to version 0.28.0 or later
via: generator-loopback@1.25.0
eyes@0.1.8
Package has no specified source code repository
via: generator-loopback@1.25.0 & others
pad-component@0.0.1
Package has no specified source code repository
via: generator-loopback@1.25.0
range-parser@0.0.4
Package has no specified source code repository
via: node-inspector@0.7.5
sprintf@0.1.1
Package has no specified source code repository
via: strong-pm@1.7.4
uid2@0.0.3
Package has no specified source code repository
via: generator-loopback@1.25.0 & others
walk@2.2.1
Package has no specified source code repository
via: fs.extra@1.2.1
weak-map@1.0.0
Package has no specified source code repository
via: loopback-sdk-angular-cli@1.2.0
Collapse
Expand

73 low severity issues

low
braces@1.8.5
Regular Expression Denial of Service in braces
Recommendation: Upgrade to version 2.3.1 or later
via: generator-loopback@1.25.0
loopback@1.10.0
Sensitive Data Exposure in loopback
Recommendation: Upgrade to version 2.42.0 or later
via: loopback-workspace@2.6.0
lodash@3.10.1
Prototype Pollution in lodash
Recommendation: Upgrade to version 4.17.5 or later
via: generator-loopback@1.25.0 & others
braces@1.8.5
Regular Expression Denial of Service (ReDoS) in braces
Recommendation: Upgrade to version 2.3.1 or later
via: generator-loopback@1.25.0
serve-static@1.0.1
Open Redirect in serve-static
Recommendation: Upgrade to version 1.7.2 or later
via: node-inspector@0.7.5
send@0.2.0
Directory Traversal in send
Recommendation: Upgrade to version 0.8.4 or later
via: node-inspector@0.7.5
showdown@0.3.1
Reverse Tabnabbing in showdown
Recommendation: Upgrade to version 1.9.1 or later
via: loopback-sdk-angular-cli@1.2.0
ws@0.4.32
Remote Memory Disclosure in ws
Recommendation: Upgrade to version 1.0.1 or later
via: node-inspector@0.7.5 & others
boom@0.4.2
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: loopback-workspace@2.6.0
canonical-json@0.0.4
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: generator-loopback@1.25.0 & others
cpr@0.1.1
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: cpr@0.1.1
cryptiles@0.2.2
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: loopback-workspace@2.6.0
dotenv@0.2.8
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: strong-pm@1.7.4 & others
duplexer2@0.0.2
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: generator-loopback@1.25.0
escodegen-wallaby@1.6.43
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: generator-loopback@1.25.0
esprima@1.2.5
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: strong-pm@1.7.4 & others
estraverse@1.9.3
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: generator-loopback@1.25.0 & others
follow-redirects@0.0.3
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: loopback-workspace@2.6.0
glob-to-regexp@0.0.1
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: strong-pm@1.7.4 & others
glob-to-regexp@0.3.0
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: generator-loopback@1.25.0
glob@3.2.11
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: node-inspector@0.7.5
graceful-fs@1.1.14
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: cpr@0.1.1
graceful-fs@1.2.3
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: cpr@0.1.1
hawk@1.1.1
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: loopback-workspace@2.6.0
hoek@0.9.1
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: loopback-workspace@2.6.0
mute-stream@0.0.4
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: strong-registry@1.1.6
osenv@0.0.3
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: strong-registry@1.1.6
qs@1.2.2
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: loopback-workspace@2.6.0
semver@2.2.1
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: strong-agent@1.6.4 & others
semver@2.3.2
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: loopback-sdk-angular-cli@1.2.0 & others
showdown@0.3.1
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: loopback-sdk-angular-cli@1.2.0
sntp@0.2.4
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: loopback-workspace@2.6.0
source-map@0.1.43
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: strong-pm@1.7.4
source-map@0.2.0
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: generator-loopback@1.25.0
stream-counter@0.2.0
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: loopback-sdk-angular-cli@1.2.0 & others
tar@1.0.3
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: strong-pm@1.7.4
ycssmin@1.0.1
Package uses a license that is not OSI approved ("BSD")
Recommendation: Read and validate the license terms
via: strong-pm@1.7.4
strong-build@1.0.3
Package uses a license that is not OSI approved ("Dual Artistic/StrongLoop")
Recommendation: Read and validate the license terms
via: strong-build@1.0.3
strong-control-channel@1.3.0
Package uses a license that is not OSI approved ("Dual Artistic/StrongLoop")
Recommendation: Read and validate the license terms
via: strong-pm@1.7.4 & others
strong-deploy@1.2.0
Package uses a license that is not OSI approved ("Dual Artistic/StrongLoop")
Recommendation: Read and validate the license terms
via: strong-deploy@1.2.0
strong-pm@1.7.4
Package uses a license that is not OSI approved ("Dual Artistic/StrongLoop")
Recommendation: Read and validate the license terms
via: strong-pm@1.7.4
strong-service-install@1.1.3
Package uses a license that is not OSI approved ("Dual Artistic/StrongLoop")
Recommendation: Read and validate the license terms
via: strong-pm@1.7.4
strong-supervisor@1.6.0
Package uses a license that is not OSI approved ("Dual Artistic/StrongLoop")
Recommendation: Read and validate the license terms
via: strong-pm@1.7.4 & others
strongloop@2.9.2
Package uses a license that is not OSI approved ("Dual Artistic/StrongLoop")
Recommendation: Read and validate the license terms
via: strongloop@2.9.2
loopback-datasource-juggler@1.7.1
Package uses a license that is not OSI approved ("Dual MIT/StrongLoop")
Recommendation: Read and validate the license terms
via: loopback-workspace@2.6.0
loopback-explorer@1.8.0
Package uses a license that is not OSI approved ("Dual MIT/StrongLoop")
Recommendation: Read and validate the license terms
via: strong-pm@1.7.4
loopback-workspace@2.6.0
Package uses a license that is not OSI approved ("Dual MIT/StrongLoop")
Recommendation: Read and validate the license terms
via: loopback-workspace@2.6.0
loopback@1.10.0
Package uses a license that is not OSI approved ("Dual MIT/StrongLoop")
Recommendation: Read and validate the license terms
via: loopback-workspace@2.6.0
strong-remoting@1.5.3
Package uses a license that is not OSI approved ("Dual MIT/StrongLoop")
Recommendation: Read and validate the license terms
via: loopback-workspace@2.6.0
optimist@0.3.7
Package uses a license that is not OSI approved ("MIT/X11")
Recommendation: Read and validate the license terms
via: strong-pm@1.7.4
optimist@0.5.2
Package uses a license that is not OSI approved ("MIT/X11")
Recommendation: Read and validate the license terms
via: optimist@0.5.2
optimist@0.6.1
Package uses a license that is not OSI approved ("MIT/X11")
Recommendation: Read and validate the license terms
via: loopback-sdk-angular-cli@1.2.0 & others
yargs@1.2.6
Package uses a license that is not OSI approved ("MIT/X11")
Recommendation: Read and validate the license terms
via: node-inspector@0.7.5
aws-sdk-apis@3.1.10
Package uses a license that is not OSI approved ("Apache 2.0")
Recommendation: Read and validate the license terms
via: loopback-workspace@2.6.0
aws-sdk@2.0.5
Package uses a license that is not OSI approved ("Apache 2.0")
Recommendation: Read and validate the license terms
via: loopback-workspace@2.6.0
revalidator@0.1.8
Package uses a license that is not OSI approved ("Apache 2.0")
Recommendation: Read and validate the license terms
via: prompt@0.2.14
css-select@1.0.0
Package uses a license that is not OSI approved ("BSD-like")
Recommendation: Read and validate the license terms
via: generator-loopback@1.25.0
css-what@1.0.0
Package uses a license that is not OSI approved ("BSD-like")
Recommendation: Read and validate the license terms
via: generator-loopback@1.25.0
entities@1.0.0
Package uses a license that is not OSI approved ("BSD-like")
Recommendation: Read and validate the license terms
via: generator-loopback@1.25.0
strong-agent@1.6.4
Package uses a license that is not OSI approved ("StrongLoop")
Recommendation: Read and validate the license terms
via: strong-agent@1.6.4 & others
strong-mesh-models@3.1.0
Package uses a license that is not OSI approved ("StrongLoop")
Recommendation: Read and validate the license terms
via: strong-pm@1.7.4
strong-trace@1.3.4
Package uses a license that is not OSI approved ("SEE LICENSE IN LICENSE.md")
Recommendation: Read and validate the license terms
via: strong-pm@1.7.4 & others
strongloop-license@1.5.2
Package uses a license that is not OSI approved ("SEE LICENSE IN LICENSE.md")
Recommendation: Read and validate the license terms
via: strong-pm@1.7.4 & others
bcryptjs@2.0.2
Package uses a license that is not OSI approved ("New-BSD, MIT")
Recommendation: Read and validate the license terms
via: loopback-workspace@2.6.0
btoa@1.1.1
Package uses a license that is not OSI approved ("Apache2")
Recommendation: Read and validate the license terms
via: strong-pm@1.7.4
less@1.4.2
Package uses a license that is not OSI approved ("Apache v2")
Recommendation: Read and validate the license terms
via: strong-pm@1.7.4
opener@1.3.0
Package uses a license that is not OSI approved ("WTFPL")
Recommendation: Read and validate the license terms
via: node-inspector@0.7.5
shelljs@0.3.0
Package uses a license that is not OSI approved ("BSD*")
Recommendation: Read and validate the license terms
via: strong-build@1.0.3 & others
spdx-exceptions@2.5.0
Package uses a license that is not OSI approved ("CC-BY-3.0")
Recommendation: Read and validate the license terms
via: generator-loopback@1.25.0 & others
spdx-license-ids@3.0.17
Package uses a license that is not OSI approved ("CC0-1.0")
Recommendation: Read and validate the license terms
via: generator-loopback@1.25.0 & others
strong-fork-syslog@1.2.3
Package uses a license that is not OSI approved ("Simplified BSD License")
Recommendation: Read and validate the license terms
via: strong-pm@1.7.4 & others
swagger-client@2.0.36
Package uses a license that is not OSI approved ("apache 2.0")
Recommendation: Read and validate the license terms
via: strong-pm@1.7.4
swagger-ui@2.0.24
Package uses a license that is not OSI approved ("Apache")
Recommendation: Read and validate the license terms
via: strong-pm@1.7.4
Collapse
Expand

Licenses

MIT
1055
N/A
66
ISC
63
Apache-2.0
55
BSD-3-Clause
33
BSD
29
BSD-2-Clause
26
Artistic-2.0
14
Dual Artistic/StrongLoop
7
Dual MIT/StrongLoop
5
MIT/X11
4
Apache 2.0
3
BSD-like
3
(MIT OR Apache-2.0)
2
(MIT OR GPL-2.0)
2
StrongLoop
2
SEE LICENSE IN LICENSE.md
2
(MIT OR CC0-1.0)
2
(Unlicense OR Apache-2.0)
1
BSD-3-Clause OR MIT
1
Python-2.0
1
New-BSD, MIT
1
Apache2
1
(MIT OR CC_by_3.0)
1
(MIT OR WTFPL)
1
(MIT OR Apache License, Ver...
1
(AFL-2.1 OR BSD-3-Clause)
1
Apache v2
1
WTFPL
1
(MIT OR GPL)
1
(BSD OR MIT OR Apache2)
1
(BSD-2-Clause OR MIT OR Apa...
1
BSD*
1
CC-BY-3.0
1
CC0-1.0
1
Simplified BSD License
1
apache 2.0
1
Apache
1
0BSD
1
Unlicense
1
(MIT OR Apache2)
1

MIT License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
sublicense
private-use
Cannot
hold-liable
Must
include-copyright
include-license
1055 Packages, Including:
@babel/code-frame@7.23.5
@babel/helper-validator-identifier@7.22.20
@babel/highlight@7.23.4
@babel/runtime-corejs3@7.23.9
@mrmlnc/readdir-enhanced@2.2.1
@nodelib/fs.stat@1.1.3
@types/glob@7.2.0
@types/keyv@3.1.4
@types/minimatch@3.0.5
@types/minimatch@5.1.2
@types/node@10.17.60
@types/node@20.11.20
@types/normalize-package-data@2.4.4
@types/ramda@0.29.10
@types/responselike@1.0.3
accept-language@3.0.18
accepts@1.0.0
accepts@1.2.13
accepts@1.3.8
acorn-jsx@3.0.1
acorn@3.3.0
addressparser@0.3.2
addressparser@1.0.1
ajv@6.12.6
ansi-escapes@1.4.0
ansi-escapes@3.2.0
ansi-escapes@4.3.2
ansi-gray@0.1.1
ansi-regex@1.1.1
ansi-regex@2.1.1
ansi-regex@3.0.1
ansi-regex@5.0.1
ansi-styles@2.2.1
ansi-styles@3.2.1
ansi-styles@4.3.0
ansi-wrap@0.1.0
apache-crypt@1.1.2
apache-md5@1.0.6
archive-type@3.2.0
argparse@1.0.10
arr-diff@2.0.0
arr-diff@4.0.0
arr-flatten@1.1.0
arr-union@3.1.0
array-buffer-byte-length@1.0.1
array-differ@1.0.0
array-differ@3.0.0
array-find-index@1.0.2
array-flatten@1.1.1
array-from@2.1.1

N/A

N/A
66 Packages, Including:
JSONStream@0.8.0
asn1@0.1.11
assert-plus@0.1.5
aws-sign2@0.5.0
base64-js@0.0.2
browser-request@0.3.3
buffer-crc32@0.2.1
cli-color@0.2.3
cli-table@0.3.11
colors@0.6.2
combined-stream@0.0.7
commander@1.3.2
commander@2.1.0
cookie-signature@1.0.3
cookie@0.1.0
ctype@0.5.3
cycle@1.0.3
debug@0.7.4
debug@0.8.1
debug@1.0.5
delayed-stream@0.0.5
domhandler@2.3.0
domutils@1.4.3
domutils@1.5.1
duplex@1.0.0
ejs@1.0.0
es5-ext@0.9.2
escape-html@1.0.1
event-emitter@0.2.2
forEachAsync@2.2.1
forever-agent@0.5.2
fresh@0.2.0
handlebars@1.0.12
inherits@1.0.2
ini@1.1.0
jayson@1.1.3
mime@1.2.11
ms@0.7.1
msgpack-js@0.3.0
mux-demux@3.7.9
node-inspector@0.7.5
oauth-sign@0.3.0
options@0.0.6
pad-component@0.0.1
path-to-regexp@0.1.2
prompt@0.2.14
qs@0.1.0
qs@0.6.6
range-parser@0.0.4
send@0.1.4

ISC License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
Cannot
hold-liable
Must
include-copyright
include-license
63 Packages, Including:
abbrev@1.1.1
base64-url@1.2.1
block-stream@0.0.9
boolbase@1.0.0
chownr@1.1.4
cli-width@2.2.1
cli-width@3.0.0
color-support@1.1.3
dezalgo@1.0.4
fs.realpath@1.0.0
fstream@1.0.12
glob-parent@2.0.0
glob-parent@3.1.0
glob@5.0.15
glob@6.0.4
glob@7.2.3
graceful-fs@4.2.11
gulp-sourcemaps@1.6.0
har-schema@2.0.0
heapdump@0.3.15
hosted-git-info@2.8.9
inflight@1.0.6
inherits@2.0.4
ini@1.3.8
isexe@2.0.0
json-stringify-safe@5.0.1
lru-cache@2.7.3
lru-cache@4.1.5
lru-cache@6.0.0
minimatch@3.1.2
minimatch@5.1.6
minimatch@7.4.6
mute-stream@0.0.6
mute-stream@0.0.7
mute-stream@0.0.8
nopt@3.0.6
normalize-git-url@3.0.2
npm-normalize-package-bin@1.0.1
once@1.4.0
pseudomap@1.0.2
read-installed@4.0.3
read-package-json@2.1.2
read@1.0.7
readdir-scoped-modules@1.1.0
remove-trailing-separator@1.1.0
rimraf@2.6.3
rimraf@2.7.1
rimraf@3.0.2
sax@1.3.0
semver@5.7.2

Apache License 2.0

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
sublicense
private-use
use-patent-claims
place-warranty
Cannot
hold-liable
use-trademark
Must
include-copyright
include-license
state-changes
include-notice
55 Packages, Including:
@swagger-api/apidom-ast@0.95.0
@swagger-api/apidom-core@0.95.0
@swagger-api/apidom-error@0.95.0
@swagger-api/apidom-json-pointer@0.95.0
@swagger-api/apidom-ns-api-design-systems@0.95.0
@swagger-api/apidom-ns-asyncapi-2@0.95.0
@swagger-api/apidom-ns-json-schema-draft-4@0.95.0
@swagger-api/apidom-ns-json-schema-draft-6@0.95.0
@swagger-api/apidom-ns-json-schema-draft-7@0.95.0
@swagger-api/apidom-ns-openapi-2@0.95.0
@swagger-api/apidom-ns-openapi-3-0@0.95.0
@swagger-api/apidom-ns-openapi-3-1@0.95.0
@swagger-api/apidom-ns-workflows-1@0.95.0
@swagger-api/apidom-parser-adapter-api-design-systems-json@0.95.0
@swagger-api/apidom-parser-adapter-api-design-systems-yaml@0.95.0
@swagger-api/apidom-parser-adapter-asyncapi-json-2@0.95.0
@swagger-api/apidom-parser-adapter-asyncapi-yaml-2@0.95.0
@swagger-api/apidom-parser-adapter-json@0.95.0
@swagger-api/apidom-parser-adapter-openapi-json-2@0.95.0
@swagger-api/apidom-parser-adapter-openapi-json-3-0@0.95.0
@swagger-api/apidom-parser-adapter-openapi-json-3-1@0.95.0
@swagger-api/apidom-parser-adapter-openapi-yaml-2@0.95.0
@swagger-api/apidom-parser-adapter-openapi-yaml-3-0@0.95.0
@swagger-api/apidom-parser-adapter-openapi-yaml-3-1@0.95.0
@swagger-api/apidom-parser-adapter-workflows-json-1@0.95.0
@swagger-api/apidom-parser-adapter-workflows-yaml-1@0.95.0
@swagger-api/apidom-parser-adapter-yaml-1-2@0.95.0
@swagger-api/apidom-reference@0.95.0
aws-sign2@0.7.0
caseless@0.12.0
detect-libc@2.0.2
ejs@2.7.4
ejs@3.1.9
filelist@1.0.4
forever-agent@0.6.1
g11n-pipeline@2.0.6
human-signals@1.1.1
jake@10.8.7
js2xmlparser@1.0.0
js2xmlparser@2.0.2
oauth-sign@0.9.0
request@2.37.0
request@2.88.2
rx@4.1.0
rxjs@5.5.12
rxjs@6.6.7
short-unique-id@5.0.3
spdx-correct@3.2.0
strong-swagger-ui@21.0.2
swagger-client@3.25.3

BSD 3-Clause "New" or "Revised" License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
place-warranty
Cannot
use-trademark
hold-liable
Must
include-copyright
include-license
33 Packages, Including:
@sinonjs/commons@1.8.6
@sinonjs/formatio@2.0.0
@sinonjs/formatio@3.2.2
@sinonjs/samsam@3.3.3
bcrypt-pbkdf@1.0.2
charenc@0.0.2
crypt@0.0.2
diff@2.2.3
diff@3.5.0
diff@4.0.2
duplexer2@0.1.4
duplexer3@0.1.5
http-status@0.2.5
ieee754@1.2.1
lolex@2.7.5
lolex@5.1.2
md5@2.3.0
nise@1.5.3
qs@4.0.0
qs@6.11.0
qs@6.11.2
qs@6.5.3
ramda-adjunct@4.1.1
samsam@1.3.0
shelljs@0.7.8
shelljs@0.8.5
sinon@5.1.1
source-map@0.5.7
sprintf-js@1.0.3
sprintf-js@1.1.3
tough-cookie@2.5.0
tough-cookie@4.1.3
unix-crypt-td-js@1.1.4

BSD

Invalid
Not OSI Approved
29 Packages, Including:
boom@0.4.2
canonical-json@0.0.4
cpr@0.1.1
cryptiles@0.2.2
dotenv@0.2.8
duplexer2@0.0.2
escodegen-wallaby@1.6.43
esprima@1.2.5
estraverse@1.9.3
follow-redirects@0.0.3
glob-to-regexp@0.0.1
glob-to-regexp@0.3.0
glob@3.2.11
graceful-fs@1.1.14
graceful-fs@1.2.3
hawk@1.1.1
hoek@0.9.1
mute-stream@0.0.4
osenv@0.0.3
qs@1.2.2
semver@2.2.1
semver@2.3.2
showdown@0.3.1
sntp@0.2.4
source-map@0.1.43
source-map@0.2.0
stream-counter@0.2.0
tar@1.0.3
ycssmin@1.0.1

BSD 2-Clause "Simplified" License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
place-warranty
Cannot
hold-liable
Must
include-copyright
include-license
26 Packages, Including:
async-listener@0.6.10
continuation-local-storage@3.2.1
domelementtype@1.3.1
domelementtype@2.3.0
domhandler@2.4.2
domutils@1.7.0
emitter-listener@1.1.2
entities@1.1.2
entities@2.2.0
esprima@2.7.3
esprima@4.0.1
estraverse@4.3.0
esutils@2.0.3
isemail@1.2.0
normalize-package-data@2.5.0
nth-check@1.0.2
shimmer@1.2.1
uri-js@4.4.1
webidl-conversions@3.0.1
yeoman-assert@2.2.3
yeoman-environment@1.6.6
yeoman-environment@2.10.3
yeoman-generator@0.23.4
yeoman-generator@2.0.5
yeoman-generator@4.13.0
yosay@1.2.1

Artistic License 2.0

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
sublicense
private-use
Cannot
use-trademark
hold-liable
Must
rename
state-changes
include-original
include-install-instructions
14 Packages, Including:
npm@1.4.29
strong-cluster-control@2.2.4
strong-globalize@2.10.0
strong-globalize@4.1.3
strong-log-transformer@1.0.6
strong-npm-ls@1.0.10
strong-registry@1.1.6
strong-remoting@2.36.1
strong-service-systemd@1.2.3
strong-service-upstart@1.1.3
strong-statsd@2.0.7
strong-tunnel@1.1.6
strong-url-defaults@1.2.3
strong-wait-till-listening@1.0.3

Dual Artistic/StrongLoop

Invalid
Not OSI Approved
7 Packages, Including:
strong-build@1.0.3
strong-control-channel@1.3.0
strong-deploy@1.2.0
strong-pm@1.7.4
strong-service-install@1.1.3
strong-supervisor@1.6.0
strongloop@2.9.2

Dual MIT/StrongLoop

Invalid
Not OSI Approved
5 Packages, Including:
loopback-datasource-juggler@1.7.1
loopback-explorer@1.8.0
loopback-workspace@2.6.0
loopback@1.10.0
strong-remoting@1.5.3

MIT/X11

Invalid
Not OSI Approved
4 Packages, Including:
optimist@0.3.7
optimist@0.5.2
optimist@0.6.1
yargs@1.2.6

Apache 2.0

Invalid
Not OSI Approved
3 Packages, Including:
aws-sdk-apis@3.1.10
aws-sdk@2.0.5
revalidator@0.1.8

BSD-like

Invalid
Not OSI Approved
3 Packages, Including:
css-select@1.0.0
css-what@1.0.0
entities@1.0.0

(MIT OR Apache-2.0)

Permissive
2 Packages, Including:
JSONStream@1.3.5
atob@2.1.2

(MIT OR GPL-2.0)

Permissive
2 Packages, Including:
node.extend@1.1.8
node.extend@2.0.3

StrongLoop

Invalid
Not OSI Approved
2 Packages, Including:
strong-agent@1.6.4
strong-mesh-models@3.1.0

SEE LICENSE IN LICENSE.md

Invalid
Not OSI Approved
2 Packages, Including:
strong-trace@1.3.4
strongloop-license@1.5.2

(MIT OR CC0-1.0)

Public Domain
2 Packages, Including:
type-fest@0.21.3
type-fest@0.6.0

(Unlicense OR Apache-2.0)

Public Domain
1 Packages, Including:
@sinonjs/text-encoding@0.7.2

BSD-3-Clause OR MIT

Permissive
1 Packages, Including:
amdefine@1.0.1

Python License 2.0

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
Cannot
use-trademark
hold-liable
Must
include-copyright
include-license
state-changes
1 Packages, Including:
argparse@2.0.1

New-BSD, MIT

Invalid
Not OSI Approved
1 Packages, Including:
bcryptjs@2.0.2

Apache2

Invalid
Not OSI Approved
1 Packages, Including:
btoa@1.1.1

(MIT OR CC_by_3.0)

Invalid
1 Packages, Including:
docular@0.6.6

(MIT OR WTFPL)

Permissive
1 Packages, Including:
expand-template@2.0.3

(MIT OR Apache License, Version 2.0)

Expression
1 Packages, Including:
fs.extra@1.2.1

(AFL-2.1 OR BSD-3-Clause)

Permissive
1 Packages, Including:
json-schema@0.4.0

Apache v2

Invalid
Not OSI Approved
1 Packages, Including:
less@1.4.2

Do What The F*ck You Want To Public License

Permissive
Not OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
sublicense
distribute
modify
Cannot
Must
rename
1 Packages, Including:
opener@1.3.0

(MIT OR GPL)

Invalid
1 Packages, Including:
punycode@1.2.4

(BSD OR MIT OR Apache2)

Expression
1 Packages, Including:
rc@0.3.5

(BSD-2-Clause OR MIT OR Apache-2.0)

Expression
1 Packages, Including:
rc@1.2.8

BSD*

Invalid
Not OSI Approved
1 Packages, Including:
shelljs@0.3.0

Creative Commons Attribution 3.0 Unported

Uncategorized
Not OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
Cannot
Must
1 Packages, Including:
spdx-exceptions@2.5.0

Creative Commons Zero v1.0 Universal

Public Domain
Not OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
Cannot
Must
1 Packages, Including:
spdx-license-ids@3.0.17

Simplified BSD License

Invalid
Not OSI Approved
1 Packages, Including:
strong-fork-syslog@1.2.3

apache 2.0

Invalid
Not OSI Approved
1 Packages, Including:
swagger-client@2.0.36

Apache

Invalid
Not OSI Approved
1 Packages, Including:
swagger-ui@2.0.24

BSD Zero Clause License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
sublicense
private-use
include-copyright
include-license
include-original
Cannot
hold-liable
Must
1 Packages, Including:
tslib@1.14.1

The Unlicense

Public Domain
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
private-use
modify
Cannot
include-copyright
hold-liable
Must
1 Packages, Including:
tweetnacl@0.14.5

(MIT OR Apache2)

Invalid
1 Packages, Including:
walk@2.2.1
Disclaimer

This deed highlights only some of the key features and terms of the actual license. It is not a license and has no legal value. You should carefully review all of the terms and conditions of the actual license before using the licensed material.

Sandworm is not a law firm and does not provide legal services. Distributing, displaying, or linking to this deed or the license that it summarizes does not create a lawyer-client or any other relationship.

Direct Dependencies

26
All Dependencies CSV
β“˜ This is a list of strongloop 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.
NameVersionSizeLicenseTypeVulnerabilities
async0.2.1015.4 kBMIT
prod
colors0.6.26.14 kBUNKNOWN
prod
1
cpr0.1.15.27 kBBSD
prod
6
3
debug0.7.44.11 kBUNKNOWN
prod peer
1
1
1
fs.extra1.2.17.22 kB(MIT OR Apache License, Version 2.0)
prod
2
4
1
generator-loopback1.25.0852.64 kBMIT
prod
19
42
17
14
inflection1.2.76.79 kBMIT
prod
ini1.1.04.78 kBUNKNOWN
prod
1
2
is20.0.1315.29 kBMIT
prod
json-file-plus1.0.65.75 kBMIT
prod
loopback-sdk-angular-cli1.2.06.94 kBMIT
prod
12
25
9
5
loopback-workspace2.6.023.59 kBDual MIT/StrongLoop
prod
26
51
15
17
mkdirp0.3.54.06 kBMIT
prod optional
1
node-inspector0.7.5922.27 kBUNKNOWN
prod
20
19
6
6
nopt3.0.610.07 kBISC
prod
npm1.4.291.71 MBArtistic-2.0
prod
5
1
optimist0.5.212.92 kBMIT/X11
prod
1
1
prompt0.2.1421.82 kBUNKNOWN
prod
4
2
1
1
read1.0.72.61 kBISC
prod
strong-agent1.6.4144.99 kBStrongLoop
prod
4
1
2
strong-build1.0.3243.51 kBDual Artistic/StrongLoop
prod
1
5
3
3
strong-deploy1.2.012.49 kBDual Artistic/StrongLoop
prod
4
1
2
strong-pm1.7.459.17 kBDual Artistic/StrongLoop
prod
34
77
27
29
strong-registry1.1.614.01 kBArtistic-2.0
prod
4
6
3
4
strong-supervisor1.6.045.43 kBDual Artistic/StrongLoop
prod
6
17
2
14
which1.0.92.23 kBISC
prod

Visualizations

Tree
Treemap

Recent Versions

Sandworm Dunes
Ready to start?

Scan your app for security vulnerabilities and license issues

Start Free With GitHub
Sandworm Open Source
Sandworm
Getting Started Issue Types Resolve Issues License Policies Sandworm Guard
Explore
Npm Package List Composer Package List Npm Categories List Npm Security Vulnerabilities Composer Security Vulnerabilities
Support
Sponsor Discuss Terms of Use Privacy Policy Security
More from Sandworm
Newsletter 𝕏 / Twitter 𝕏 / Twitter Security Alerts Knowledge Base Blog Contact