use-is-in-viewport
use-is-in-viewport copied to clipboard
zeusdeux
A react hook to find out if an element is in a given viewport with a simple api.
检测到 zeusdeux/use-is-in-viewport 一共引入了618个开源组件,存在21个漏洞 ``` 漏洞标题:serialize-javascript 代码问题漏洞 缺陷组件:[email protected] 漏洞编号:CVE-2020-7660 漏洞描述:Verizon serialize-javascript是美国威瑞森电信(Verizon)公司的一款支持将JavaScript序列化为 JSON超集的软件包。 serialize-javascript 3.1.0之前版本中存在代码问题漏洞。远程攻击者可借助index.js文件中的‘deleteFunctions’函数利用该漏洞注入任意代码。 国家漏洞库信息:https://www.cnvd.org.cn/flaw/show/CNVD-2020-53801 影响范围:(∞, 3.1.0) 最小修复版本:3.1.0 缺陷组件引入路径:[email protected]>[email protected]>[email protected]>[email protected] ``` 另外还有21个漏洞,详细报告:https://mofeisec.com/jr?p=i69115
Update react peer dep to include 17.x in preparation for npm 7 and its auto peer dep install default
Bumps [minimist](https://github.com/minimistjs/minimist) to 1.2.8 and updates ancestor dependencies [minimist](https://github.com/minimistjs/minimist), [cypress](https://github.com/cypress-io/cypress) and [mkdirp](https://github.com/isaacs/node-mkdirp). These dependencies need to be updated together. Updates `minimist` from 1.2.0 to 1.2.8 Changelog Sourced from minimist's changelog....
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) from 4.1.0 to 4.1.1. Commits 2449650 Update mocha 560b2d8 Don't use regex to trim whitespace b1bdb92 Remove linting package zoo c20dc7e Cache 308 See full diff in compare...
Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2. Release notes Sourced from json5's releases. v1.0.2 Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a...
Bumps [json5](https://github.com/json5/json5) to 2.2.3 and updates ancestor dependency [microbundle](https://github.com/developit/microbundle). These dependencies need to be updated together. Updates `json5` from 1.0.1 to 2.2.3 Release notes Sourced from json5's releases. v2.2.3 Fix:...
Bumps [qs](https://github.com/ljharb/qs) from 6.5.2 to 6.5.3. Changelog Sourced from qs's changelog. 6.5.3 [Fix] parse: ignore __proto__ keys (#428) [Fix] utils.merge: avoid a crash with a null target and a truthy...
Bumps [loader-utils](https://github.com/webpack/loader-utils) from 1.4.0 to 1.4.2. Release notes Sourced from loader-utils's releases. v1.4.2 1.4.2 (2022-11-11) Bug Fixes ReDoS problem (#226) (17cbf8f) v1.4.1 1.4.1 (2022-11-07) Bug Fixes security problem (#220) (4504e34)...