Generated on Apr 25, 2024 via pnpm

Npm

Home

video-react 0.10.7

Video-React is a web video player built from the ground up for an HTML5 world using React library.

react

video

video-react

Package summary

issues

licenses

Package created

2 Oct 2016

Version published

9 May 2018

Maintainers

Total deps

533

Direct deps

License

MIT

Issues

1 critical severity issue

critical

babel-traverse@6.26.0

Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code

Recommendation: None

via: jest@22.4.4 & others

Collapse

Expand

21 high severity issues

high

glob-parent@2.0.0

glob-parent vulnerable to Regular Expression Denial of Service in enclosure regex

Recommendation: Upgrade to version 5.1.2 or later

via: jest@22.4.4 & others

merge@1.2.1

Prototype Pollution in merge

Recommendation: Upgrade to version 2.1.1 or later

via: jest@22.4.4 & others

json5@0.5.1

Prototype Pollution in JSON5 via Parse Method

Recommendation: Upgrade to version 1.0.2 or later

via: jest@22.4.4 & others

jsonify@0.0.1

Package uses an invalid SPDX license ("Public Domain")

Recommendation: Validate that the package complies with your license policy

via: jest@22.4.4 & others

core-js@2.6.12

Deprecated package

via: jest@22.4.4 & others

core-js@2.6.12

Package uses postinstall script: "node -e "try{require('./postinstall')}catch(e){}""

via: jest@22.4.4 & others

fsevents@1.2.13

Deprecated package

via: jest@22.4.4 & others

fsevents@1.2.13

Package uses install script: "node install.js"

via: jest@22.4.4 & others

har-validator@5.1.5

Deprecated package

via: jest@22.4.4 & others

left-pad@1.3.0

Deprecated package

via: jest@22.4.4 & others

react-dom@16.14.0

Deprecated package

via: react-dom@16.14.0

react@16.14.0

Deprecated package

via: react@16.14.0 & others

request-promise-native@1.0.9

Deprecated package

via: jest@22.4.4 & others

request@2.88.2

Deprecated package

via: jest@22.4.4 & others

resolve-url@0.2.1

Deprecated package

via: jest@22.4.4 & others

sane@2.5.2

Deprecated package

via: jest@22.4.4 & others

source-map-resolve@0.5.3

Deprecated package

via: jest@22.4.4 & others

source-map-url@0.4.1

Deprecated package

via: jest@22.4.4 & others

urix@0.1.0

Deprecated package

via: jest@22.4.4 & others

uuid@3.4.0

Deprecated package

via: jest@22.4.4 & others

w3c-hr-time@1.0.2

Deprecated package

via: jest@22.4.4 & others

Collapse

Expand

6 moderate severity issues

moderate

mem@1.1.0

Denial of Service in mem

Recommendation: Upgrade to version 4.0.0 or later

via: jest@22.4.4 & others

node-notifier@5.4.5

OS Command Injection in node-notifier

Recommendation: Upgrade to version 8.0.1 or later

via: jest@22.4.4 & others

yargs-parser@8.1.0

yargs-parser Vulnerable to Prototype Pollution

Recommendation: Upgrade to version 13.1.2 or later

via: jest@22.4.4 & others

jsdom@11.12.0

Insufficient Granularity of Access Control in JSDom

Recommendation: Upgrade to version 16.5.0 or later

via: jest@22.4.4 & others

tough-cookie@2.5.0

tough-cookie Prototype Pollution vulnerability

Recommendation: Upgrade to version 4.1.3 or later

via: jest@22.4.4 & others

request@2.88.2

Server-Side Request Forgery in Request

Recommendation: None

via: jest@22.4.4 & others

Collapse

Expand

4 low severity issues

low

braces@1.8.5

Regular Expression Denial of Service in braces

Recommendation: Upgrade to version 2.3.1 or later

via: jest@22.4.4 & others

braces@1.8.5

Regular Expression Denial of Service (ReDoS) in braces

Recommendation: Upgrade to version 2.3.1 or later

via: jest@22.4.4 & others

jsonify@0.0.1

Package uses a license that is not OSI approved ("Public Domain")

Recommendation: Read and validate the license terms

via: jest@22.4.4 & others

left-pad@1.3.0

Package uses a license that is not OSI approved ("WTFPL")

Recommendation: Read and validate the license terms

via: jest@22.4.4 & others

Collapse

Expand

Licenses

MIT License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

Cannot

hold-liable

Must

include-copyright

include-license

449 Packages, Including:

@babel/code-frame@7.24.2

@babel/helper-validator-identifier@7.22.20

@babel/highlight@7.24.2

@babel/runtime@7.24.4

acorn-globals@4.3.4

acorn-walk@6.2.0

acorn@5.7.4

acorn@6.4.2

ajv@6.12.6

ansi-escapes@3.2.0

ansi-regex@2.1.1

ansi-regex@3.0.1

ansi-styles@2.2.1

ansi-styles@3.2.1

append-transform@0.4.0

argparse@1.0.10

arr-diff@2.0.0

arr-diff@4.0.0

arr-flatten@1.1.0

arr-union@3.1.0

array-buffer-byte-length@1.0.1

array-equal@1.0.2

array-unique@0.2.1

array-unique@0.3.2

array.prototype.reduce@1.0.7

arraybuffer.prototype.slice@1.0.3

arrify@1.0.1

asn1@0.2.6

assert-plus@1.0.0

assign-symbols@1.0.0

astral-regex@1.0.0

async-limiter@1.0.1

async@2.6.4

asynckit@0.4.0

available-typed-arrays@1.0.7

aws4@1.12.0

babel-code-frame@6.26.0

babel-core@6.26.3

babel-generator@6.26.1

babel-helpers@6.24.1

babel-jest@22.4.4

babel-messages@6.23.0

babel-plugin-jest-hoist@22.4.4

babel-plugin-syntax-object-rest-spread@6.13.0

babel-preset-jest@22.4.4

babel-register@6.26.0

babel-runtime@6.26.0

babel-template@6.26.0

babel-traverse@6.26.0

babel-types@6.26.0

ISC License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

Cannot

hold-liable

Must

include-copyright

include-license

37 Packages, Including:

anymatch@2.0.0

capture-exit@1.2.0

cliui@4.1.0

fs.realpath@1.0.0

get-caller-file@1.0.3

glob-parent@2.0.0

glob@7.2.3

graceful-fs@4.2.11

har-schema@2.0.0

hosted-git-info@2.8.9

inflight@1.0.6

inherits@2.0.4

isexe@2.0.0

json-stringify-safe@5.0.1

lru-cache@4.1.5

minimatch@3.1.2

once@1.4.0

picocolors@1.0.0

pseudomap@1.0.2

remove-trailing-separator@1.1.0

request-promise-core@1.1.4

request-promise-native@1.0.9

require-main-filename@1.0.1

rimraf@2.7.1

sax@1.3.0

semver@5.7.2

set-blocking@2.0.0

signal-exit@3.0.7

stealthy-require@1.1.1

test-exclude@4.2.3

which-module@2.0.1

which@1.3.1

wrappy@1.0.2

write-file-atomic@2.4.3

y18n@3.2.2

yallist@2.1.2

yargs-parser@8.1.0

BSD 3-Clause "New" or "Revised" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

use-trademark

hold-liable

Must

include-copyright

include-license

18 Packages, Including:

abab@2.0.6

babel-plugin-istanbul@4.1.6

bcrypt-pbkdf@1.0.2

diff@3.5.0

istanbul-api@1.3.7

istanbul-lib-coverage@1.2.1

istanbul-lib-hook@1.2.2

istanbul-lib-instrument@1.10.2

istanbul-lib-report@1.1.5

istanbul-lib-source-maps@1.2.6

istanbul-reports@1.5.1

makeerror@1.0.12

qs@6.5.3

source-map@0.5.7

source-map@0.6.1

sprintf-js@1.0.3

tmpl@1.0.5

tough-cookie@2.5.0

Apache License 2.0

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

use-patent-claims

place-warranty

Cannot

hold-liable

use-trademark

Must

include-copyright

include-license

state-changes

include-notice

13 Packages, Including:

aws-sign2@0.7.0

bser@2.1.1

caseless@0.12.0

fb-watchman@2.0.2

forever-agent@0.6.1

oauth-sign@0.9.0

request@2.88.2

spdx-correct@3.2.0

tunnel-agent@0.6.0

validate-npm-package-license@3.0.4

walker@1.0.8

watch@0.18.0

xml-name-validator@3.0.0

BSD 2-Clause "Simplified" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

hold-liable

Must

include-copyright

include-license

9 Packages, Including:

browser-process-hrtime@1.0.0

escodegen@1.14.3

esprima@4.0.1

estraverse@4.3.0

esutils@2.0.3

normalize-package-data@2.5.0

uglify-js@3.17.4

uri-js@4.4.1

webidl-conversions@4.0.2

(MIT OR Apache-2.0)

Permissive

1 Packages, Including:

atob@2.1.2

(AFL-2.1 OR BSD-3-Clause)

Permissive

1 Packages, Including:

json-schema@0.4.0

Public Domain

Invalid

Not OSI Approved

1 Packages, Including:

jsonify@0.0.1

Do What The F*ck You Want To Public License

Permissive

Not OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

sublicense

distribute

modify

Cannot

Must

rename

1 Packages, Including:

left-pad@1.3.0

Creative Commons Attribution 3.0 Unported

Uncategorized

Not OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

Cannot

Must

1 Packages, Including:

spdx-exceptions@2.5.0

Creative Commons Zero v1.0 Universal

Public Domain

Not OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

Cannot

Must

1 Packages, Including:

spdx-license-ids@3.0.17

The Unlicense

Public Domain

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

private-use

modify

Cannot

include-copyright

hold-liable

Must

1 Packages, Including:

tweetnacl@0.14.5

Direct Dependencies

All Dependencies CSV

ⓘ This is a list of video-react 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.

Name	Version	Size	License	Type	Vulnerabilities
classnames	2.5.1	8.46 kB	MIT	prod
jest-cli	22.4.4	47.85 kB	MIT	prod	1 19 6 4
jest	22.4.4	1.24 kB	MIT	prod	1 19 6 4
lodash.throttle	4.1.1	5.42 kB	MIT	prod
prop-types	15.8.1	22.12 kB	MIT	prod
react-dom	16.14.0	722.53 kB	MIT	prod peer	2
react	16.14.0	59.16 kB	MIT	prod peer	1
redux	4.2.1	33.92 kB	MIT	prod