Home
Docs
GitHub
Pricing
Blog
Log In

Run Sandworm Audit for your App

Get started
Hold on, we're currently generating a fresh version of this report
Generated on Apr 20, 2024 via pnpm

yui 3.18.1

YUI 3 Source
Package summary
Share
40
issues
9
critical severity
license
9
21
high severity
vulnerability
7
license
7
meta
7
3
moderate severity
vulnerability
3
7
low severity
license
7
6
licenses
12
MIT
9
N/A
7
BSD
4
other licenses
Apache-2.0
2
ISC
1
BSD-3-Clause
1
Package created
12 Dec 2011
Version published
22 Oct 2014
Maintainers
6
Total deps
32
Direct deps
1
License
UNKNOWN

Issues

40

9 critical severity issues

critical
Recommendation: Check the package code and files for license information
via: request@2.40.0
Recommendation: Check the package code and files for license information
via: request@2.40.0
Recommendation: Check the package code and files for license information
via: request@2.40.0
Recommendation: Check the package code and files for license information
via: request@2.40.0
Recommendation: Check the package code and files for license information
via: request@2.40.0
Recommendation: Check the package code and files for license information
via: request@2.40.0
Recommendation: Check the package code and files for license information
via: request@2.40.0
Recommendation: Check the package code and files for license information
via: request@2.40.0
Recommendation: Check the package code and files for license information
via: request@2.40.0
Collapse
Expand

21 high severity issues

high
Recommendation: Upgrade to version 6.0.4 or later
via: request@2.40.0
Recommendation: Upgrade to version 3.1.3 or later
via: request@2.40.0
Recommendation: Upgrade to version 1.4.1 or later
via: request@2.40.0
Recommendation: Upgrade to version 4.2.1 or later
via: request@2.40.0
Recommendation: Upgrade to version 9.0.1 or later
via: request@2.40.0
Recommendation: None
via: request@2.40.0
Recommendation: Upgrade to version 6.2.4 or later
via: request@2.40.0
Recommendation: Validate that the package complies with your license policy
via: request@2.40.0
Recommendation: Validate that the package complies with your license policy
via: request@2.40.0
Recommendation: Validate that the package complies with your license policy
via: request@2.40.0
Recommendation: Validate that the package complies with your license policy
via: request@2.40.0
Recommendation: Validate that the package complies with your license policy
via: request@2.40.0
Recommendation: Validate that the package complies with your license policy
via: request@2.40.0
Recommendation: Validate that the package complies with your license policy
via: yui@3.18.1
via: request@2.40.0
via: request@2.40.0
via: request@2.40.0
via: request@2.40.0
via: request@2.40.0
via: request@2.40.0
via: request@2.40.0
Collapse
Expand

3 moderate severity issues

moderate
Recommendation: Upgrade to version 0.6.0 or later
via: request@2.40.0
Recommendation: Upgrade to version 2.68.0 or later
via: request@2.40.0
Recommendation: None
via: request@2.40.0
Collapse
Expand

7 low severity issues

low
Recommendation: Read and validate the license terms
via: request@2.40.0
Recommendation: Read and validate the license terms
via: request@2.40.0
Recommendation: Read and validate the license terms
via: request@2.40.0
Recommendation: Read and validate the license terms
via: request@2.40.0
Recommendation: Read and validate the license terms
via: request@2.40.0
Recommendation: Read and validate the license terms
via: request@2.40.0
Recommendation: Read and validate the license terms
via: yui@3.18.1
Collapse
Expand

Licenses

MIT License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
sublicense
private-use
Cannot
hold-liable
Must
include-copyright
include-license
12 Packages, Including:
async@0.9.2
form-data@0.1.4
http-signature@0.10.1
mime-types@1.0.2
node-uuid@1.4.8
psl@1.9.0
punycode@2.3.1
querystringify@2.2.0
requires-port@1.0.0
stringstream@0.0.6
universalify@0.2.0
url-parse@1.5.10

N/A

N/A
9 Packages, Including:
asn1@0.1.11
assert-plus@0.1.5
aws-sign2@0.5.0
combined-stream@0.0.7
ctype@0.5.3
delayed-stream@0.0.5
forever-agent@0.5.2
mime@1.2.11
oauth-sign@0.3.0

BSD

Invalid
Not OSI Approved
7 Packages, Including:
boom@0.4.2
cryptiles@0.2.2
hawk@1.1.1
hoek@0.9.1
qs@1.0.2
sntp@0.2.4
yui@3.18.1

Apache License 2.0

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
sublicense
private-use
use-patent-claims
place-warranty
Cannot
hold-liable
use-trademark
Must
include-copyright
include-license
state-changes
include-notice
2 Packages, Including:
request@2.40.0
tunnel-agent@0.4.3

ISC License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
Cannot
hold-liable
Must
include-copyright
include-license
1 Packages, Including:
json-stringify-safe@5.0.1

BSD 3-Clause "New" or "Revised" License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
place-warranty
Cannot
use-trademark
hold-liable
Must
include-copyright
include-license
1 Packages, Including:
tough-cookie@4.1.3
Disclaimer

This deed highlights only some of the key features and terms of the actual license. It is not a license and has no legal value. You should carefully review all of the terms and conditions of the actual license before using the licensed material.

Sandworm is not a law firm and does not provide legal services. Distributing, displaying, or linking to this deed or the license that it summarizes does not create a lawyer-client or any other relationship.

Direct Dependencies

1
All Dependencies CSV
β“˜ This is a list of yui 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.
NameVersionSizeLicenseTypeVulnerabilities
request2.40.062.39 kBApache-2.0
prod
9
20
3
6

Visualizations