npmpackage.info

Gathering detailed insights and metrics for dropzone

Other packages similar to dropzone

react-dropzone

14.3.8

Simple HTML5 drag-drop zone with React.js

@types/dropzone

5.7.9

TypeScript definitions for dropzone

@mantine/dropzone

8.1.2

Dropzone component built with Mantine theme and components

vue2-dropzone

3.6.0

A wrapper around Dropzone.js for Vue 2

Gathering detailed insights and metrics for dropzone

dropzone - 6.0.0-beta.2 | npmpackage.info

dropzone

Dropzone is an easy to use drag'n'drop library. It supports image previews and shows nice progress bars.

6.0.0-beta.2

18,303

NOASSERTION

JavaScript

11.27 kB

125,271,868 2.7

Installations

npm install dropzone

Developer Guide

BETA

Typescript

No

Module System

CommonJS

Node Version

14.18.1

NPM Version

6.14.15 Score

99.2

Supply Chain

98.7

Quality

76.2

Maintenance

100

Vulnerability

100

License

Pull Requests

Open

22

Total

264

Closed

163

Merged

79

Issues

Open

136

Total

1,861

Closed

1,725

Releases

Release v6.0.0-beta.2

v6.0.0-beta.2

Updated on Nov 29, 2021

Release v6.0.0-beta.1

v6.0.0-beta.1

Updated on Oct 25, 2021

Release v5.9.3

v5.9.3

Updated on Sep 21, 2021

Release v5.9.2

v5.9.2

Updated on Apr 02, 2021

Release v5.9.1

v5.9.1

Updated on Apr 02, 2021

Release v5.9.0

v5.9.0

Updated on Apr 02, 2021

View All 44 releases

Languages

JavaScript

SCSS

HTML

JavaScript (93.48%)

SCSS (3.74%)

HTML (2.79%)

Developer

dropzone

Download Statistics

Total Downloads

125,271,868

Last Day

17,652

Last Week

457,317

Last Month

2,116,114

Last Year

25,339,738

GitHub Statistics

NOASSERTION License

18,303 Stars

1,100 Commits

3,296 Forks

390 Watchers

7 Branches

69 Contributors

Updated on Jul 02, 2025

Bundle Size

36.40 kB

Minified

11.27 kB

Minified + Gzipped

Bundlephobia

Maintainers

View All 69 Contributors

Package Meta Information

Latest Version

6.0.0-beta.2

Package Id

dropzone@6.0.0-beta.2

Unpacked Size

916.27 kB

Size

229.90 kB

File Count

NPM Version

6.14.15

Node Version

14.18.1

Published on

Nov 29, 2021

Total Downloads

Cumulative downloads

Total Downloads

125,271,868

Last Day

6.2%

17,652

Compared to previous day

Last Week

-14.5%

457,317

Compared to previous week

Last Month

-7.2%

2,116,114

Compared to previous month

Last Year

18.4%

25,339,738

Compared to previous year

Weekly Downloads

Monthly Downloads

Yearly Downloads

Dependencies

@swc/helpers just-extend

Dev Dependencies

@parcel/transformer-inline-string @parcel/transformer-sass chai cypress cypress-file-upload karma karma-chrome-launcher karma-mocha karma-sinon-chai karma-spec-reporter mocha mocha-headless-chrome node-static parcel sass sinon sinon-chai

Dropzone is a JavaScript library that turns any HTML element into a dropzone. This means that a user can drag and drop a file onto it, and Dropzone will display file previews and upload progress, and handle the upload for you via XHR.

It's fully configurable, can be styled according to your needs and is trusted by thousands.

Quickstart

Install:

1$ npm install --save dropzone
2# or with yarn:
3$ yarn add dropzone

Use as ES6 module (recommended):

1import { Dropzone } from "dropzone";
2const dropzone = new Dropzone("div#myId", { url: "/file/post" });

or use as CommonJS module:

1const { Dropzone } = require("dropzone");
2const dropzone = new Dropzone("div#myId", { url: "/file/post" });

???? Checkout our example implementations for different bundlers

Not using a package manager or bundler?

Use the standalone files like this:

1<script src="https://unpkg.com/dropzone@5/dist/min/dropzone.min.js"></script>
2<link
3  rel="stylesheet"
4  href="https://unpkg.com/dropzone@5/dist/min/dropzone.min.css"
5  type="text/css"
6/>
7
8<div class="my-dropzone"></div>
9
10<script>
11  // Dropzone has been added as a global variable.
12  const dropzone = new Dropzone("div.my-dropzone", { url: "/file/post" });
13</script>

???? Full documentation
⚙️ src/options.js for all available options

⚠️ NOTE: We are currently moving away from IE support to make the library more lightweight. If you don't care about IE but about size, you can already opt into 6.0.0-beta.1. Please make sure to pin the specific version since parts of the API might change slightly. You can always read about the changes in the CHANGELOG file.

Community

If you need support please use the discussions section or stackoverflow with the dropzone.js tag and not the GitHub issues tracker. Only post an issue here if you think you discovered a bug.

If you have a feature request or want to discuss something, please use the discussions as well.

⚠️ Please read the contributing guidelines before you start working on Dropzone!

Main features ✅

Beautiful by default
Image thumbnail previews. Simply register the callback thumbnail(file, data) and display the image wherever you like
High-DPI screen support
Multiple files and synchronous uploads
Progress updates
Support for large files
- Chunked uploads (upload large files in smaller chunks)
Support for Amazon S3 Multipart upload
Complete theming. The look and feel of Dropzone is just the default theme. You can define everything yourself by overwriting the default event listeners.
Browser image resizing (resize the images before you upload them to your server)
Well tested

MIT License

See LICENSE file

No vulnerabilities found.

10

Dangerous-Workflow

Determines if the project's GitHub Action workflows avoid dangerous patterns.

10

Binary-Artifacts

Determines if the project has generated executable (binary) artifacts in the source repository.

9

License

Determines if the project has defined a license.

2

Code-Review

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

0

Maintained

Determines if the project is "actively maintained".

0

Token-Permissions

Determines if the project's workflows follow the principle of least privilege.

0

CII-Best-Practices

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

0

Pinned-Dependencies

Determines if the project has declared and pinned the dependencies of its build process.

Reason

dependency not pinned by hash detected -- score normalized to 0

Details

Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:69: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:71: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:76: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:87: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:89: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:97: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:108: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:125: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:132: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:36: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Warn: third-party GitHubAction not pinned by hash: .github/workflows/test-and-release.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/dropzone/dropzone/test-and-release.yml/main?enable=pin
Info: 0 out of 10 GitHub-owned GitHubAction dependencies pinned
Info: 0 out of 5 third-party GitHubAction dependencies pinned

0

Security-Policy

Determines if the project has published a security policy.

0

Fuzzing

Determines if the project uses fuzzing.

0

Signed-Releases

Determines if the project cryptographically signs release artifacts.

0

SAST

Determines if the project uses static code analysis.

0

Vulnerabilities

Determines if the project has open, known unfixed vulnerabilities.

Reason

71 existing vulnerabilities detected

Details

Warn: Project is vulnerable to: GHSA-968p-4wvh-cqc8
Warn: Project is vulnerable to: GHSA-67hx-6x53-jw92
Warn: Project is vulnerable to: GHSA-p8p7-x288-28g6
Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25
Warn: Project is vulnerable to: GHSA-xq7p-g2vc-g82p
Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7
Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw
Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg
Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw
Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x
Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275
Warn: Project is vulnerable to: GHSA-phwq-j96m-2c2q
Warn: Project is vulnerable to: GHSA-ghr5-ch3p-vcr6
Warn: Project is vulnerable to: GHSA-434g-2637-qmqr
Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m
Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw
Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p
Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747
Warn: Project is vulnerable to: GHSA-vjh7-7g9h-fjfh
Warn: Project is vulnerable to: GHSA-273r-mgr4-v34f
Warn: Project is vulnerable to: GHSA-r7qp-cfhv-p84w
Warn: Project is vulnerable to: GHSA-q9mw-68c2-j6m5
Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q
Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c
Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc
Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp
Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5
Warn: Project is vulnerable to: GHSA-c7qv-q95q-8v27
Warn: Project is vulnerable to: GHSA-4www-5p9h-95mh
Warn: Project is vulnerable to: GHSA-9gqv-wp59-fq42
Warn: Project is vulnerable to: GHSA-896r-f27r-55mw
Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h
Warn: Project is vulnerable to: GHSA-7x7c-qm48-pq9c
Warn: Project is vulnerable to: GHSA-rc3x-jf5g-xvc5
Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq
Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488
Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g
Warn: Project is vulnerable to: GHSA-82v2-mx6x-wq7q
Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv
Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
Warn: Project is vulnerable to: GHSA-7hpj-7hhx-2fgx
Warn: Project is vulnerable to: GHSA-qrpm-p2h7-hrv2
Warn: Project is vulnerable to: GHSA-mwcw-c2x4-8c55
Warn: Project is vulnerable to: GHSA-5rrq-pxf6-6jx5
Warn: Project is vulnerable to: GHSA-8fr3-hfg3-gpgp
Warn: Project is vulnerable to: GHSA-gf8q-jrpm-jvxq
Warn: Project is vulnerable to: GHSA-2r2c-g63r-vccr
Warn: Project is vulnerable to: GHSA-cfm4-qjh2-4765
Warn: Project is vulnerable to: GHSA-x4jg-mjrx-434g
Warn: Project is vulnerable to: GHSA-5g97-whc9-8g7j
Warn: Project is vulnerable to: GHSA-8r4g-cg4m-x23c
Warn: Project is vulnerable to: GHSA-9wv6-86v2-598j
Warn: Project is vulnerable to: GHSA-h7cp-r72f-jxh6
Warn: Project is vulnerable to: GHSA-v62p-rq8g-8h59
Warn: Project is vulnerable to: GHSA-566m-qj78-rww5
Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j
Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw
Warn: Project is vulnerable to: GHSA-76p7-773f-r4q5
Warn: Project is vulnerable to: GHSA-25hc-qcg6-38wj
Warn: Project is vulnerable to: GHSA-qm95-pgcg-qqfq
Warn: Project is vulnerable to: GHSA-cqmj-92xf-r6r9
Warn: Project is vulnerable to: GHSA-pq67-2wwv-3xjx
Warn: Project is vulnerable to: GHSA-8cj5-5rvv-wf4v
Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc
Warn: Project is vulnerable to: GHSA-72xf-g2v4-qvf3
Warn: Project is vulnerable to: GHSA-fhg7-m89q-25r3
Warn: Project is vulnerable to: GHSA-j8xg-fqg3-53r7
Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q

Score

2.7

/10

Last Scanned on 2025-06-30

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

Learn More