mickelsonmichael / js-snackbar
A simple, jQuery free Snackbar (Toast) alert
Home Page: http://michaelmickelson.com/js-snackbar
License: MIT License
Check if a string or buffer is SVG
Library home page: https://registry.npmjs.org/is-svg/-/is-svg-3.0.0.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/is-svg/package.json,js-snackbar/node_modules/is-svg/package.json
Dependency Hierarchy:
Found in HEAD commit: b35b12e4b75552332fefa13fbaab6aeafccb3a81
Found in base branch: master
The is-svg package 2.1.0 through 4.2.1 for Node.js uses a regular expression that is vulnerable to Regular Expression Denial of Service (ReDoS). If an attacker provides a malicious string, is-svg will get stuck processing the input for a very long time.
Publish Date: 2021-03-12
URL: CVE-2021-28092
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28092
Release Date: 2021-03-12
Fix Resolution: v4.2.2
Step up your Open Source Security Game with WhiteSource here
Tool for transforming styles with JS plugins
Library home page: https://registry.npmjs.org/postcss/-/postcss-8.2.4.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/postcss/package.json,js-snackbar/node_modules/postcss/package.json
Dependency Hierarchy:
Tool for transforming styles with JS plugins
Library home page: https://registry.npmjs.org/postcss/-/postcss-7.0.35.tgz
Path to dependency file: js-snackbar/package.json
Dependency Hierarchy:
Found in HEAD commit: 82b4bdf100c66805949a25007c739ee410d28d5b
Found in base branch: master
The package postcss from 7.0.0 and before 8.2.10 is vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing.
Publish Date: 2021-04-12
URL: CVE-2021-23368
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23368
Release Date: 2021-04-12
Fix Resolution: postcss - 8.2.10
Strips glob magic from a string to provide the parent directory path
Library home page: https://registry.npmjs.org/glob-parent/-/glob-parent-3.1.0.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/glob-parent/package.json,js-snackbar/node_modules/glob-parent/package.json
Dependency Hierarchy:
Extract the non-magic parent path from a glob string.
Library home page: https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.1.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/chokidar/node_modules/glob-parent/package.json,js-snackbar/node_modules/chokidar/node_modules/glob-parent/package.json,js-snackbar/node_modules/fast-glob/node_modules/glob-parent/package.json,js-snackbar/node_modules/fast-glob/node_modules/glob-parent/package.json
Dependency Hierarchy:
Found in HEAD commit: b35b12e4b75552332fefa13fbaab6aeafccb3a81
Found in base branch: master
This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.
Publish Date: 2021-06-03
URL: CVE-2020-28469
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28469
Release Date: 2021-06-03
Fix Resolution: glob-parent - 5.1.2
Tool for transforming styles with JS plugins
Library home page: https://registry.npmjs.org/postcss/-/postcss-8.2.4.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/postcss/package.json,js-snackbar/node_modules/postcss/package.json
Dependency Hierarchy:
Tool for transforming styles with JS plugins
Library home page: https://registry.npmjs.org/postcss/-/postcss-7.0.35.tgz
Path to dependency file: js-snackbar/package.json
Dependency Hierarchy:
Found in HEAD commit: b35b12e4b75552332fefa13fbaab6aeafccb3a81
Found in base branch: master
The package postcss before 8.2.13 is vulnerable to Regular Expression Denial of Service (ReDoS) via getAnnotationURL() and loadAnnotation() in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern /*\s* sourceMappingURL=(.*).
Publish Date: 2021-04-26
URL: CVE-2021-23382
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23382
Release Date: 2021-04-26
Fix Resolution: postcss - 8.2.13
The "Try It Yourself" section of the demo site is really better suited to be at the bottom of the page, instead of between other potential features.
a CSS selector parser
Library home page: https://registry.npmjs.org/css-what/-/css-what-3.4.2.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/css-what/package.json,js-snackbar/node_modules/css-what/package.json
Dependency Hierarchy:
Found in HEAD commit: 5907d79b6a1d0acdc78422f8ebd462ef585ee119
Found in base branch: master
The css-what package 4.0.0 through 5.0.0 for Node.js does not ensure that attribute parsing has Linear Time Complexity relative to the size of the input.
Publish Date: 2021-05-28
URL: CVE-2021-33587
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33587
Release Date: 2021-05-28
Fix Resolution: css-what - 5.0.1
Parser and generator for CSS color strings
Library home page: https://registry.npmjs.org/color-string/-/color-string-1.5.4.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/color-string/package.json,js-snackbar/node_modules/color-string/package.json
Dependency Hierarchy:
Found in HEAD commit: b35b12e4b75552332fefa13fbaab6aeafccb3a81
Found in base branch: master
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string.
Publish Date: 2021-06-21
URL: CVE-2021-29060
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-257v-vj4p-3w2h
Release Date: 2021-06-21
Fix Resolution: color-string - 1.5.5
a CSS selector parser
Library home page: https://registry.npmjs.org/css-what/-/css-what-3.4.2.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/css-what/package.json,js-snackbar/node_modules/css-what/package.json
Dependency Hierarchy:
Found in HEAD commit: 82b4bdf100c66805949a25007c739ee410d28d5b
Found in base branch: master
The css-what package 4.0.0 through 5.0.0 for Node.js does not ensure that attribute parsing has Linear Time Complexity relative to the size of the input.
Publish Date: 2021-05-28
URL: CVE-2021-33587
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33587
Release Date: 2021-05-28
Fix Resolution: css-what - 5.0.1
Check if a string or buffer is SVG
Library home page: https://registry.npmjs.org/is-svg/-/is-svg-3.0.0.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/is-svg/package.json,js-snackbar/node_modules/is-svg/package.json
Dependency Hierarchy:
Found in HEAD commit: 82b4bdf100c66805949a25007c739ee410d28d5b
Found in base branch: master
A vulnerability was discovered in IS-SVG version 4.3.1 and below where a Regular Expression Denial of Service (ReDOS) occurs if the application is provided and checks a crafted invalid SVG string.
Publish Date: 2021-06-21
URL: CVE-2021-29059
Base Score Metrics:
In Internet Explorer 11, there is an extra white space below each of the Snackbars. This was solved in Chrome by adding a vertical align bottom to the elements, but the fix doesn't seem to work for IE.
a CSS selector parser
Library home page: https://registry.npmjs.org/css-what/-/css-what-3.4.2.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/css-what/package.json,js-snackbar/node_modules/css-what/package.json
Dependency Hierarchy:
Found in HEAD commit: b35b12e4b75552332fefa13fbaab6aeafccb3a81
Found in base branch: master
The css-what package 4.0.0 through 5.0.0 for Node.js does not ensure that attribute parsing has Linear Time Complexity relative to the size of the input.
Publish Date: 2021-05-28
URL: CVE-2021-33587
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33587
Release Date: 2021-05-28
Fix Resolution: css-what - 5.0.1
Share target browsers between different front-end tools, like Autoprefixer, Stylelint and babel-env-preset
Library home page: https://registry.npmjs.org/browserslist/-/browserslist-4.16.1.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/browserslist/package.json,js-snackbar/node_modules/browserslist/package.json
Dependency Hierarchy:
Found in HEAD commit: 82b4bdf100c66805949a25007c739ee410d28d5b
Found in base branch: master
The package browserslist from 4.0.0 and before 4.16.5 is vulnerable to Regular Expression Denial of Service (ReDoS) during parsing of queries.
Publish Date: 2021-04-28
URL: CVE-2021-23364
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23364
Release Date: 2021-04-28
Fix Resolution: browserslist - 4.16.5
Lodash modular utilities.
Library home page: https://registry.npmjs.org/lodash/-/lodash-4.17.20.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/lodash/package.json
Dependency Hierarchy:
Found in HEAD commit: b35b12e4b75552332fefa13fbaab6aeafccb3a81
Found in base branch: master
Lodash versions prior to 4.17.21 are vulnerable to Command Injection via the template function.
Publish Date: 2021-02-15
URL: CVE-2021-23337
Base Score Metrics:
Type: Upgrade version
Origin: lodash/lodash@3469357
Release Date: 2021-02-15
Fix Resolution: lodash - 4.17.21
Node.js path.parse() ponyfill
Library home page: https://registry.npmjs.org/path-parse/-/path-parse-1.0.6.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/path-parse/package.json,js-snackbar/node_modules/path-parse/package.json
Dependency Hierarchy:
Found in HEAD commit: 82b4bdf100c66805949a25007c739ee410d28d5b
Found in base branch: master
All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.
Publish Date: 2021-05-04
URL: CVE-2021-23343
Base Score Metrics:
Type: Upgrade version
Origin: jbgutierrez/path-parse#8
Release Date: 2021-05-04
Fix Resolution: path-parse - 1.0.7
Node.js path.parse() ponyfill
Library home page: https://registry.npmjs.org/path-parse/-/path-parse-1.0.6.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/path-parse/package.json,js-snackbar/node_modules/path-parse/package.json
Dependency Hierarchy:
Found in HEAD commit: c25d9b24a5d644736aa2011f659edbe951cbc638
Found in base branch: master
All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.
Publish Date: 2021-05-04
URL: CVE-2021-23343
Base Score Metrics:
Type: Upgrade version
Origin: jbgutierrez/path-parse#8
Release Date: 2021-05-04
Fix Resolution: path-parse - 1.0.7
Parser and generator for CSS color strings
Library home page: https://registry.npmjs.org/color-string/-/color-string-1.5.4.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/color-string/package.json,js-snackbar/node_modules/color-string/package.json
Dependency Hierarchy:
Found in HEAD commit: b35b12e4b75552332fefa13fbaab6aeafccb3a81
Found in base branch: master
Regular Expression Denial of Service (ReDoS) was found in color-string before 1.5.5.
Publish Date: 2021-03-12
URL: WS-2021-0152
Base Score Metrics:
Type: Upgrade version
Origin: https://github.com/Qix-/color-string/releases/tag/1.5.5
Release Date: 2021-03-12
Fix Resolution: color-string - 1.5.5
Parser and generator for CSS color strings
Library home page: https://registry.npmjs.org/color-string/-/color-string-1.5.4.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/color-string/package.json,js-snackbar/node_modules/color-string/package.json
Dependency Hierarchy:
Found in HEAD commit: 82b4bdf100c66805949a25007c739ee410d28d5b
Found in base branch: master
Regular Expression Denial of Service (ReDoS) was found in color-string before 1.5.5.
Publish Date: 2021-03-12
URL: WS-2021-0152
Base Score Metrics:
Type: Upgrade version
Origin: https://github.com/Qix-/color-string/releases/tag/1.5.5
Release Date: 2021-03-12
Fix Resolution: color-string - 1.5.5
Node.js path.parse() ponyfill
Library home page: https://registry.npmjs.org/path-parse/-/path-parse-1.0.6.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/path-parse/package.json,js-snackbar/node_modules/path-parse/package.json
Dependency Hierarchy:
Found in HEAD commit: b35b12e4b75552332fefa13fbaab6aeafccb3a81
Found in base branch: master
All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.
Publish Date: 2021-05-04
URL: CVE-2021-23343
Base Score Metrics:
Type: Upgrade version
Origin: jbgutierrez/path-parse#8
Release Date: 2021-05-04
Fix Resolution: path-parse - 1.0.7
Tool for transforming styles with JS plugins
Library home page: https://registry.npmjs.org/postcss/-/postcss-8.2.4.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/postcss/package.json,js-snackbar/node_modules/postcss/package.json
Dependency Hierarchy:
Tool for transforming styles with JS plugins
Library home page: https://registry.npmjs.org/postcss/-/postcss-7.0.35.tgz
Path to dependency file: js-snackbar/package.json
Dependency Hierarchy:
Found in HEAD commit: b35b12e4b75552332fefa13fbaab6aeafccb3a81
Found in base branch: master
The package postcss from 7.0.0 and before 8.2.10 is vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing.
Publish Date: 2021-04-12
URL: CVE-2021-23368
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23368
Release Date: 2021-04-12
Fix Resolution: postcss - 8.2.10
Tool for transforming styles with JS plugins
Library home page: https://registry.npmjs.org/postcss/-/postcss-8.2.4.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/postcss/package.json
Dependency Hierarchy:
Tool for transforming styles with JS plugins
Library home page: https://registry.npmjs.org/postcss/-/postcss-7.0.35.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library:
Dependency Hierarchy:
Found in HEAD commit: 5907d79b6a1d0acdc78422f8ebd462ef585ee119
Found in base branch: master
The package postcss from 7.0.0 and before 8.2.10 is vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing.
Publish Date: 2021-04-12
URL: CVE-2021-23368
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23368
Release Date: 2021-04-12
Fix Resolution: postcss - 8.2.10
Strips glob magic from a string to provide the parent directory path
Library home page: https://registry.npmjs.org/glob-parent/-/glob-parent-3.1.0.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/glob-parent/package.json
Dependency Hierarchy:
Extract the non-magic parent path from a glob string.
Library home page: https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.1.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/chokidar/node_modules/glob-parent/package.json,js-snackbar/node_modules/fast-glob/node_modules/glob-parent/package.json
Dependency Hierarchy:
Found in HEAD commit: 82b4bdf100c66805949a25007c739ee410d28d5b
Found in base branch: master
A Regular Expression Denial of Service (ReDoS) vulnerability was found in glob-parent before 5.1.2.
Publish Date: 2021-01-27
URL: WS-2021-0154
Base Score Metrics:
Type: Upgrade version
Origin: https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2
Release Date: 2021-01-27
Fix Resolution: glob-parent - 5.1.2
Lodash modular utilities.
Library home page: https://registry.npmjs.org/lodash/-/lodash-4.17.20.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/lodash/package.json
Dependency Hierarchy:
Found in HEAD commit: b35b12e4b75552332fefa13fbaab6aeafccb3a81
Found in base branch: master
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.
Publish Date: 2021-02-15
URL: CVE-2020-28500
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28500
Release Date: 2021-02-15
Fix Resolution: lodash-4.17.21
Parser and generator for CSS color strings
Library home page: https://registry.npmjs.org/color-string/-/color-string-1.5.4.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/color-string/package.json
Dependency Hierarchy:
Found in HEAD commit: 5907d79b6a1d0acdc78422f8ebd462ef585ee119
Found in base branch: master
Regular Expression Denial of Service (ReDoS) was found in color-string before 1.5.5.
Publish Date: 2021-03-12
URL: WS-2021-0152
Base Score Metrics:
Type: Upgrade version
Origin: https://github.com/Qix-/color-string/releases/tag/1.5.5
Release Date: 2021-03-12
Fix Resolution: color-string - 1.5.5
Check if a string or buffer is SVG
Library home page: https://registry.npmjs.org/is-svg/-/is-svg-3.0.0.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/is-svg/package.json
Dependency Hierarchy:
Found in HEAD commit: 5907d79b6a1d0acdc78422f8ebd462ef585ee119
Found in base branch: master
A vulnerability was discovered in IS-SVG version 4.3.1 and below where a Regular Expression Denial of Service (ReDOS) occurs if the application is provided and checks a crafted invalid SVG string.
Publish Date: 2021-06-21
URL: CVE-2021-29059
Base Score Metrics:
Share target browsers between different front-end tools, like Autoprefixer, Stylelint and babel-env-preset
Library home page: https://registry.npmjs.org/browserslist/-/browserslist-4.16.1.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/browserslist/package.json
Dependency Hierarchy:
Found in HEAD commit: b35b12e4b75552332fefa13fbaab6aeafccb3a81
Found in base branch: master
The package browserslist from 4.0.0 and before 4.16.5 is vulnerable to Regular Expression Denial of Service (ReDoS) during parsing of queries.
Publish Date: 2021-04-28
URL: CVE-2021-23364
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23364
Release Date: 2021-04-28
Fix Resolution: browserslist - 4.16.5
These would allow custom functions to run within the snackbar. For example an Undo button, or a custom dismiss button
Merging into the master branch should require new build checks to be performed.
Babel should transpile the JS into a more browser-friendly version in the /dist directory, and both the transpiled JS and the CSS should have their minified versions updated. This will ensure that any conflicts in the dev branch will be reconciled before release.
Hi,
What could be the goal to display a notification with a timeout set to 0 as it will never be seen?
As this value has no usability it could be equivalent to no timeout.
It will be easiest to use as we should have only one type of parameter to process.
In my case I have to add a test to replace 0 by false.
Most Toast components that I know are using 0 to prevent auto hiding.
JY
By default the target container should be the body, but if the user passes a target option, initialize the snackbar into it. This will result in multiple instances of tooltips but there shouldn't be conflicts. Users should be able to create as many as they want.
On my project the element is always in the given location from when I load the page.
If I scroll and call another element I can't see it because it's all the way up top. (Firefox, Chrome, Edge)
In picture 1 I called many elements while scrolled down. The first 4 aren't visible at all, the 5th only half.
On your demo page it always is visible and doesn't care about the scrolling.
Node.js path.parse() ponyfill
Library home page: https://registry.npmjs.org/path-parse/-/path-parse-1.0.6.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/path-parse/package.json
Dependency Hierarchy:
Found in HEAD commit: 5907d79b6a1d0acdc78422f8ebd462ef585ee119
Found in base branch: master
All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe regular expressions. ReDoS exhibits polynomial worst-case time complexity.
Publish Date: 2021-05-04
URL: CVE-2021-23343
Base Score Metrics:
Type: Upgrade version
Origin: jbgutierrez/path-parse#8
Release Date: 2021-05-04
Fix Resolution: path-parse - 1.0.7
README states: "Simply call Snackbar()"
When it should be SnackBar().
Minor, but inexperienced users may struggle. A brief entry on how to install + an example would take this even further.
Thanks for an otherwise performant & easy to use library :)
When initializing a snackbar, one of the options should be a speed option that will define how quickly the JavaScript or CSS animations will run.
The documentation on the demo site for Actions is very sparse; the README.md has been updated with some additional usage information on the actions, and the site should be updated to reflect those changes.
Additionally, if possible, the Actions ability should be added to the "Try It Yourself" section
Kindly provide option to change positioning and add icon. If the position is top right corner then toasts should be stacked vertically downward and the latest toast should be at the top.
Parser and generator for CSS color strings
Library home page: https://registry.npmjs.org/color-string/-/color-string-1.5.4.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/color-string/package.json
Dependency Hierarchy:
Found in HEAD commit: 5907d79b6a1d0acdc78422f8ebd462ef585ee119
Found in base branch: master
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string.
Publish Date: 2021-06-21
URL: CVE-2021-29060
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-257v-vj4p-3w2h
Release Date: 2021-06-21
Fix Resolution: color-string - 1.5.5
Share target browsers between different front-end tools, like Autoprefixer, Stylelint and babel-env-preset
Library home page: https://registry.npmjs.org/browserslist/-/browserslist-4.16.1.tgz
Dependency Hierarchy:
Found in HEAD commit: 5907d79b6a1d0acdc78422f8ebd462ef585ee119
Found in base branch: master
The package browserslist from 4.0.0 and before 4.16.5 is vulnerable to Regular Expression Denial of Service (ReDoS) during parsing of queries.
Publish Date: 2021-04-28
URL: CVE-2021-23364
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23364
Release Date: 2021-04-28
Fix Resolution: browserslist - 4.16.5
Hi,
To have fixed width snackbar you have to slightly modify the css:
JY
Hello!
I was trying out the js-snackbar library and was wondering if it is possible to add the use of html tags in my message. So that way I could use something like PHP Error:
Biep boep something wrong
Greetings,
Roy
Hi,
If status is null => Uncaught TypeError: Cannot read property 'toLowerCase' of null
If status is undefined => no error.
You should replace
status: userOptions?.status !== undefined ? userOptions.status.toLowerCase().trim() : "",
by
status: userOptions?.status ? userOptions.status.toLowerCase().trim() : "",
JY
Provides metadata and conversions from repository urls for Github, Bitbucket and Gitlab
Library home page: https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.8.tgz
Dependency Hierarchy:
Found in HEAD commit: b35b12e4b75552332fefa13fbaab6aeafccb3a81
Found in base branch: master
The package hosted-git-info before 3.0.8 is vulnerable to Regular Expression Denial of Service (ReDoS) via regular expression shortcutMatch in the fromUrl function in index.js. The affected regular expression exhibits polynomial worst-case time complexity.
Publish Date: 2021-03-23
URL: CVE-2021-23362
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-43f8-2h32-f4cj
Release Date: 2021-03-23
Fix Resolution: hosted-git-info - 2.8.9,3.0.8
Tool for transforming styles with JS plugins
Library home page: https://registry.npmjs.org/postcss/-/postcss-8.2.4.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/postcss/package.json
Dependency Hierarchy:
Tool for transforming styles with JS plugins
Library home page: https://registry.npmjs.org/postcss/-/postcss-7.0.35.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library:
Dependency Hierarchy:
Found in HEAD commit: c25d9b24a5d644736aa2011f659edbe951cbc638
Found in base branch: master
The package postcss from 7.0.0 and before 8.2.10 is vulnerable to Regular Expression Denial of Service (ReDoS) during source map parsing.
Publish Date: 2021-04-12
URL: CVE-2021-23368
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23368
Release Date: 2021-04-12
Fix Resolution: postcss - 8.2.10
Options should include:
Hi
Does it have Dispose method for use in my function btn?
Parser and generator for CSS color strings
Library home page: https://registry.npmjs.org/color-string/-/color-string-1.5.4.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/color-string/package.json
Dependency Hierarchy:
Found in HEAD commit: 82b4bdf100c66805949a25007c739ee410d28d5b
Found in base branch: master
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in Color-String version 1.5.5 and below which occurs when the application is provided and checks a crafted invalid HWB string.
Publish Date: 2021-06-21
URL: CVE-2021-29060
Base Score Metrics:
Type: Upgrade version
Origin: GHSA-257v-vj4p-3w2h
Release Date: 2021-06-21
Fix Resolution: color-string - 1.5.5
Tool for transforming styles with JS plugins
Library home page: https://registry.npmjs.org/postcss/-/postcss-8.2.4.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/postcss/package.json
Dependency Hierarchy:
Tool for transforming styles with JS plugins
Library home page: https://registry.npmjs.org/postcss/-/postcss-7.0.35.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library:
Dependency Hierarchy:
Found in HEAD commit: 5907d79b6a1d0acdc78422f8ebd462ef585ee119
Found in base branch: master
The package postcss before 8.2.13 is vulnerable to Regular Expression Denial of Service (ReDoS) via getAnnotationURL() and loadAnnotation() in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern /*\s* sourceMappingURL=(.*).
Publish Date: 2021-04-26
URL: CVE-2021-23382
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23382
Release Date: 2021-04-26
Fix Resolution: postcss - 8.2.13
Did this
SnackBar({ message: "Something oppened... What could it be?", possition: "tr" })
but it always shows on the bottom right
Tool for transforming styles with JS plugins
Library home page: https://registry.npmjs.org/postcss/-/postcss-8.2.4.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/postcss/package.json
Dependency Hierarchy:
Tool for transforming styles with JS plugins
Library home page: https://registry.npmjs.org/postcss/-/postcss-7.0.35.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library:
ration-sorter/node_modules/postcss/package.json,js-snackbar/node_modules/postcss-reduce-initial/node_modules/postcss/package.json,js-snackbar/node_modules/postcss-unique-selectors/node_modules/postcss/package.json,js-snackbar/node_modules/postcss-normalize-url/node_modules/postcss/package.json,js-snackbar/node_modules/postcss-minify-gradients/node_modules/postcss/package.json,js-snackbar/node_modules/postcss-normalize-timing-functions/node_modules/postcss/package.json,js-snackbar/node_modules/postcss-normalize-repeat-style/node_modules/postcss/package.json,js-snackbar/node_modules/postcss-merge-rules/node_modules/postcss/package.json,js-snackbar/node_modules/postcss-merge-longhand/node_modules/postcss/package.json,js-snackbar/node_modules/postcss-merge-longhand/node_modules/postcss/package.json,js-snackbar/node_modules/postcss-normalize-unicode/node_modules/postcss/package.json,js-snackbar/node_modules/postcss-normalize-whitespace/node_modules/postcss/package.json,js-snackbar/node_modules/postcss-discard-duplicates/node_modules/postcss/package.json,js-snackbar/node_modules/postcss-minify-gradients/node_modules/postcss/package.json,js-snackbar/node_modules/cssnano/node_modules/postcss/package.json,js-snackbar/node_modules/postcss-minify-font-values/node_modules/postcss/package.json
Dependency Hierarchy:
Found in HEAD commit: 82b4bdf100c66805949a25007c739ee410d28d5b
Found in base branch: master
The package postcss before 8.2.13 is vulnerable to Regular Expression Denial of Service (ReDoS) via getAnnotationURL() and loadAnnotation() in lib/previous-map.js. The vulnerable regexes are caused mainly by the sub-pattern \/\*\s* sourceMappingURL=(.*).
Publish Date: 2021-04-26
URL: CVE-2021-23382
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23382
Release Date: 2021-04-26
Fix Resolution: postcss - 8.2.13
Normalize a URL
Library home page: https://registry.npmjs.org/normalize-url/-/normalize-url-3.3.0.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/normalize-url/package.json
Dependency Hierarchy:
Found in HEAD commit: b35b12e4b75552332fefa13fbaab6aeafccb3a81
Found in base branch: master
The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression denial of service) issue because it has exponential performance for data: URLs.
Publish Date: 2021-05-24
URL: CVE-2021-33502
Base Score Metrics:
Type: Upgrade version
Origin: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-33502
Release Date: 2021-05-24
Fix Resolution: normalize-url - 4.5.1, 5.3.1, 6.0.1
Strips glob magic from a string to provide the parent directory path
Library home page: https://registry.npmjs.org/glob-parent/-/glob-parent-3.1.0.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/glob-parent/package.json
Dependency Hierarchy:
Extract the non-magic parent path from a glob string.
Library home page: https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.1.tgz
Path to dependency file: js-snackbar/package.json
Path to vulnerable library: js-snackbar/node_modules/chokidar/node_modules/glob-parent/package.json,js-snackbar/node_modules/fast-glob/node_modules/glob-parent/package.json
Dependency Hierarchy:
Found in HEAD commit: 5907d79b6a1d0acdc78422f8ebd462ef585ee119
Found in base branch: master
A Regular Expression Denial of Service (ReDoS) vulnerability was found in glob-parent before 5.1.2.
Publish Date: 2021-01-27
URL: WS-2021-0154
Base Score Metrics:
Type: Upgrade version
Origin: https://github.com/gulpjs/glob-parent/releases/tag/v5.1.2
Release Date: 2021-01-27
Fix Resolution: glob-parent - 5.1.2