npmpackage.info

Gathering detailed insights and metrics for confusing-browser-globals

Other packages similar to confusing-browser-globals

@types/confusing-browser-globals

1.0.3

TypeScript definitions for confusing-browser-globals

confusing-browser-globals-fresh

1.0.2

A list of browser globals that are often used by mistake instead of local variables

@duplotech/confusing-browser-globals

1.0.15

A list of browser globals that are often used by mistake instead of local variables

augle-confusing-browser-globals

1.0.8-0

A list of browser globals that are often used by mistake instead of local variables

Gathering detailed insights and metrics for confusing-browser-globals

confusing-browser-globals - 1.0.11 | npmpackage.info

confusing-browser-globals

Set up a modern web app by running one command.

1.0.11

103,365

MIT

JavaScript

3.78 kB

4.3

Installations

npm install confusing-browser-globals

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Node Version

16.13.0

NPM Version

lerna/4.0.0/node@v16.13.0+arm64 (darwin)

Pull Requests

Open

494

Total

4,335

Closed

1,892

Merged

1,949

Issues

Open

1,830

Total

8,401

Closed

6,571

Releases

v5.0.1

Updated on Apr 12, 2022

v5.0.0

Updated on Dec 14, 2021

v4.0.3

Updated on Feb 22, 2021

v4.0.2

Updated on Feb 03, 2021

v4.0.1

Updated on Nov 23, 2020

v4.0.0

Updated on Oct 23, 2020

View All 83 releases

Languages

JavaScript

Shell

CSS

HTML

AppleScript

TypeScript

SCSS

Sass

JavaScript (98.35%)

Shell (1.21%)

CSS (0.15%)

HTML (0.12%)

AppleScript (0.09%)

TypeScript (0.07%)

SCSS (0.02%)

Sass (0.01%)

Developer

facebook

Download Statistics

Total Downloads

Last Day

Last Week

Last Month

Last Year

GitHub Statistics

MIT License

103,365 Stars

2,819 Commits

27,032 Forks

1,900 Watchers

28 Branches

960 Contributors

Updated on Jul 16, 2025

Maintainers

View All 960 Contributors

Package Meta Information

Latest Version

1.0.11

Package Id

confusing-browser-globals@1.0.11

Unpacked Size

3.78 kB

Size

2.03 kB

File Count

NPM Version

lerna/4.0.0/node@v16.13.0+arm64 (darwin)

Node Version

16.13.0

Published on

Dec 14, 2021

Total Downloads

Cumulative downloads

Total Downloads

NaN

Last Day

NaN

Compared to previous day

Last Week

NaN

Compared to previous week

Last Month

NaN

Compared to previous month

Last Year

NaN

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dev Dependencies

jest

confusing-browser-globals

A curated list of browser globals that commonly cause confusion and are not recommended to use without an explicit window. qualifier.

Motivation

Some global variables in browser are likely to be used by people without the intent of using them as globals, such as status, name, event, etc.

For example:

1handleClick() { // missing `event` argument
2  this.setState({
3  	text: event.target.value // uses the `event` global: oops!
4  });
5}

This package exports a list of globals that are often used by mistake. You can feed this list to a static analysis tool like ESLint to prevent their usage without an explicit window. qualifier.

Installation

1npm install --save confusing-browser-globals

Usage

If you use Create React App, you don't need to configure anything, as this rule is already included in the default eslint-config-react-app preset.

If you maintain your own ESLint configuration, you can do this:

1const restrictedGlobals = require('confusing-browser-globals');
2
3module.exports = {
4  rules: {
5    'no-restricted-globals': ['error'].concat(restrictedGlobals),
6  },
7};

License

MIT

No vulnerabilities found.

10

Security-Policy

Determines if the project has published a security policy.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

10

License

Determines if the project has defined a license.

7

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

2

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 2

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-and-test.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/create-react-app/build-and-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-and-test.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/create-react-app/build-and-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-and-test.yml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/create-react-app/build-and-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/build-and-test.yml:48: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/create-react-app/build-and-test.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-base.yml:22: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/create-react-app/e2e-base.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/e2e-base.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/create-react-app/e2e-base.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:9: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/create-react-app/lint.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/lint.yml:10: update your workflow using https://app.stepsecurity.io/secureworkflow/facebook/create-react-app/lint.yml/main?enable=pin
Warn: npmCommand not pinned by hash: tasks/e2e-kitchensink-eject.sh:92
Warn: npmCommand not pinned by hash: tasks/e2e-kitchensink.sh:92
Warn: npmCommand not pinned by hash: tasks/e2e-old-node.sh:52
Warn: npmCommand not pinned by hash: .github/workflows/build-and-test.yml:57
Info: 0 out of 8 GitHub-owned GitHubAction dependencies pinned
Info: 4 out of 8 npmCommand dependencies pinned

0

Maintained

Determines if the project is "actively maintained".

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Fuzzing

Determines if the project uses fuzzing.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

93 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-h5c3-5r3r-rr8q
Warn: Project is vulnerable to: GHSA-rmvr-2pp2-xj38
Warn: Project is vulnerable to: GHSA-xx4v-prfh-6cgc
Warn: Project is vulnerable to: GHSA-c2jc-4fpr-4vhg
Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw
Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx
Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-7gc6-qh9x-w6h8
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq
Warn: Project is vulnerable to: GHSA-phwq-j96m-2c2q
Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
Warn: Project is vulnerable to: GHSA-mf6x-hrgr-658f
Warn: Project is vulnerable to: GHSA-xrh7-m5pp-39r6
Warn: Project is vulnerable to: GHSA-rv95-896h-c2vc
Warn: Project is vulnerable to: GHSA-qw6h-vgh9-j6wx
Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97
Warn: Project is vulnerable to: GHSA-rc47-6667-2j5j
Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
Warn: Project is vulnerable to: GHSA-4www-5p9h-95mh
Warn: Project is vulnerable to: GHSA-9gqv-wp59-fq42
Warn: Project is vulnerable to: GHSA-78xj-cgh5-2h22
Warn: Project is vulnerable to: GHSA-2p57-rm9w-gvfp
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw
Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-qrpm-p2h7-hrv2
Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
Warn: Project is vulnerable to: GHSA-r683-j2x4-v87g
Warn: Project is vulnerable to: GHSA-5rrq-pxf6-6jx5
Warn: Project is vulnerable to: GHSA-8fr3-hfg3-gpgp
Warn: Project is vulnerable to: GHSA-gf8q-jrpm-jvxq
Warn: Project is vulnerable to: GHSA-2r2c-g63r-vccr
Warn: Project is vulnerable to: GHSA-cfm4-qjh2-4765
Warn: Project is vulnerable to: GHSA-x4jg-mjrx-434g
Warn: Project is vulnerable to: GHSA-rp65-9cf3-cjxr
Warn: Project is vulnerable to: GHSA-3j8f-xvm3-ffx4
Warn: Project is vulnerable to: GHSA-4p35-cfcx-8653
Warn: Project is vulnerable to: GHSA-7f3x-x4pr-wqhj
Warn: Project is vulnerable to: GHSA-jpp7-7chh-cf67
Warn: Project is vulnerable to: GHSA-q6wq-5p59-983w
Warn: Project is vulnerable to: GHSA-j9fq-vwqv-2fm2
Warn: Project is vulnerable to: GHSA-pqw5-jmp5-px4v
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-rhx6-c78j-4q9w
Warn: Project is vulnerable to: GHSA-4cpg-3vgw-4877
Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
Warn: Project is vulnerable to: GHSA-3949-f494-cm99
Warn: Project is vulnerable to: GHSA-x7hr-w5r2-h6wg
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-gcx4-mw62-g8wm
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-4x5v-gmq8-25ch
Warn: Project is vulnerable to: GHSA-m6fv-jmcg-4jfg
Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
Warn: Project is vulnerable to: GHSA-cm22-4g7w-348p
Warn: Project is vulnerable to: GHSA-3jfq-g458-7qm9
Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh
Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36
Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx
Warn: Project is vulnerable to: GHSA-8cj5-5rvv-wf4v
Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-w5p7-h5w8-2hfq
Warn: Project is vulnerable to: GHSA-7p7h-4mm5-852v
Warn: Project is vulnerable to: GHSA-fhg7-m89q-25r3
Warn: Project is vulnerable to: GHSA-hc6q-2mpp-qw7j
Warn: Project is vulnerable to: GHSA-4vvj-4cpr-p986
Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6
Warn: Project is vulnerable to: GHSA-4v9v-hfq4-rm2v
Warn: Project is vulnerable to: GHSA-9jgg-88mc-972h
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q
Warn: Project is vulnerable to: GHSA-h6q6-9hqw-rwfv
Warn: Project is vulnerable to: GHSA-5fg8-2547-mr8q
Warn: Project is vulnerable to: GHSA-crh6-fp67-6883

Score

4.3

/10

Last Scanned on 2025-07-07

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More