npmpackage.info

Gathering detailed insights and metrics for dropzone

Other packages similar to dropzone

react-dropzone

14.3.5

Simple HTML5 drag-drop zone with React.js

@types/dropzone

5.7.9

TypeScript definitions for dropzone

@mantine/dropzone

7.16.2

Dropzone component built with Mantine theme and components

vue2-dropzone

3.6.0

A wrapper around Dropzone.js for Vue 2

dropzone

Dropzone is an easy to use drag'n'drop library. It supports image previews and shows nice progress bars.

6.0.0-beta.2

18,187

NOASSERTION

JavaScript

11.27 kB

116,036,111 2.7

Installations

npm install dropzone

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Node Version

14.18.1

NPM Version

6.14.15 Score

99.3

Supply Chain

98.7

Quality

76.2

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

21

Total

263

Closed

163

Merged

79

Issues

Open

134

Total

1,856

Closed

1,722

Releases

Release v6.0.0-beta.2

v6.0.0-beta.2

Published on 29 Nov 2021

Release v6.0.0-beta.1

v6.0.0-beta.1

Published on 25 Oct 2021

Release v5.9.3

v5.9.3

Published on 21 Sept 2021

Release v5.9.2

v5.9.2

Published on 02 Apr 2021

Release v5.9.1

v5.9.1

Published on 02 Apr 2021

Release v5.9.0

v5.9.0

Published on 02 Apr 2021

View all 44 releases

Contributors

Unable to fetch Contributors

View all 70 contributors

Languages

JavaScript

SCSS

HTML

JavaScript (93.48%)

SCSS (3.74%)

HTML (2.79%)

Developer

dropzone

Download Statistics

Total Downloads

116,036,111

Last Day

104,150

Last Week

424,001

Last Month

1,897,414

Last Year

23,708,338

GitHub Statistics

18,187 Stars

1,100 Commits

3,288 Forks

394 Watching

7 Branches

70 Contributors

Bundle Size

36.40 kB

Minified

11.27 kB

Minified + Gzipped

Bundlephobia

Maintainers

Package Meta Information

Latest Version

6.0.0-beta.2

Package Id

dropzone@6.0.0-beta.2

Unpacked Size

916.27 kB

Size

229.90 kB

File Count

NPM Version

6.14.15

Node Version

14.18.1

Publised On

29 Nov 2021

Total Downloads

Cumulative downloads

Total Downloads

116,036,111

Last day

4.6%

104,150

Compared to previous day

Last week

-12.4%

424,001

Compared to previous week

Last month

2.5%

1,897,414

Compared to previous month

Last year

10.2%

23,708,338

Compared to previous year

Daily Downloads

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

@swc/helpers just-extend

Dev Dependencies

@parcel/transformer-inline-string @parcel/transformer-sass chai cypress cypress-file-upload karma karma-chrome-launcher karma-mocha karma-sinon-chai karma-spec-reporter mocha mocha-headless-chrome node-static parcel sass sinon sinon-chai

Versions

Dropzone is a JavaScript library that turns any HTML element into a dropzone. This means that a user can drag and drop a file onto it, and Dropzone will display file previews and upload progress, and handle the upload for you via XHR.

It's fully configurable, can be styled according to your needs and is trusted by thousands.

Quickstart

Install:

1$ npm install --save dropzone
2# or with yarn:
3$ yarn add dropzone

Use as ES6 module (recommended):

1import { Dropzone } from "dropzone";
2const dropzone = new Dropzone("div#myId", { url: "/file/post" });

or use as CommonJS module:

1const { Dropzone } = require("dropzone");
2const dropzone = new Dropzone("div#myId", { url: "/file/post" });

???? Checkout our example implementations for different bundlers

Not using a package manager or bundler?

Use the standalone files like this:

1<script src="https://unpkg.com/dropzone@5/dist/min/dropzone.min.js"></script>
2<link
3  rel="stylesheet"
4  href="https://unpkg.com/dropzone@5/dist/min/dropzone.min.css"
5  type="text/css"
6/>
7
8<div class="my-dropzone"></div>
9
10<script>
11  // Dropzone has been added as a global variable.
12  const dropzone = new Dropzone("div.my-dropzone", { url: "/file/post" });
13</script>

???? Full documentation
⚙️ src/options.js for all available options

⚠️ NOTE: We are currently moving away from IE support to make the library more lightweight. If you don't care about IE but about size, you can already opt into 6.0.0-beta.1. Please make sure to pin the specific version since parts of the API might change slightly. You can always read about the changes in the CHANGELOG file.

Community

If you need support please use the discussions section or stackoverflow with the dropzone.js tag and not the GitHub issues tracker. Only post an issue here if you think you discovered a bug.

If you have a feature request or want to discuss something, please use the discussions as well.

⚠️ Please read the contributing guidelines before you start working on Dropzone!

Main features ✅

Beautiful by default
Image thumbnail previews. Simply register the callback thumbnail(file, data) and display the image wherever you like
High-DPI screen support
Multiple files and synchronous uploads
Progress updates
Support for large files
- Chunked uploads (upload large files in smaller chunks)
Support for Amazon S3 Multipart upload
Complete theming. The look and feel of Dropzone is just the default theme. You can define everything yourself by overwriting the default event listeners.
Browser image resizing (resize the images before you upload them to your server)
Well tested

MIT License

See LICENSE file

No vulnerabilities found.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

9

License

Determines if the project has defined a license.

2

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Maintained

Determines if the project is "actively maintained".

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:132: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Info: 0 out of 10 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 5 third-party GitHubAction dependencies pinned

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

Signed-Releases

Determines if the project cryptographically signs release artifacts.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

60 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-phwq-j96m-2c2q
Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
Warn: Project is vulnerable to: GHSA-273r-mgr4-v34f
Warn: Project is vulnerable to: GHSA-r7qp-cfhv-p84w
Warn: Project is vulnerable to: GHSA-q9mw-68c2-j6m5
Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-7x7c-qm48-pq9c
Warn: Project is vulnerable to: GHSA-rc3x-jf5g-xvc5
Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
Warn: Project is vulnerable to: GHSA-82v2-mx6x-wq7q
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-7hpj-7hhx-2fgx
Warn: Project is vulnerable to: GHSA-qrpm-p2h7-hrv2
Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
Warn: Project is vulnerable to: GHSA-5rrq-pxf6-6jx5
Warn: Project is vulnerable to: GHSA-8fr3-hfg3-gpgp
Warn: Project is vulnerable to: GHSA-gf8q-jrpm-jvxq
Warn: Project is vulnerable to: GHSA-2r2c-g63r-vccr
Warn: Project is vulnerable to: GHSA-cfm4-qjh2-4765
Warn: Project is vulnerable to: GHSA-x4jg-mjrx-434g
Warn: Project is vulnerable to: GHSA-5g97-whc9-8g7j
Warn: Project is vulnerable to: GHSA-8r4g-cg4m-x23c
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-566m-qj78-rww5
Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-25hc-qcg6-38wj
Warn: Project is vulnerable to: GHSA-qm95-pgcg-qqfq
Warn: Project is vulnerable to: GHSA-cqmj-92xf-r6r9
Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-fhg7-m89q-25r3
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q

Score

2.7

/10

Last Scanned on 2025-01-27

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More