Gathering detailed insights and metrics for lodash
Gathering detailed insights and metrics for lodash
Gathering detailed insights and metrics for lodash
Gathering detailed insights and metrics for lodash
A modern JavaScript utility library delivering modularity, performance, & extras.
npm install lodash
Typescript
Module System
Node Version
NPM Version
JavaScript (97.22%)
HTML (2.24%)
EJS (0.53%)
Total Downloads
14,398,045,167
Last Day
8,919,152
Last Week
54,465,073
Last Month
181,165,892
Last Year
2,680,666,058
60,053 Stars
7,666 Commits
7,050 Forks
828 Watching
7 Branches
302 Contributors
Minified
Minified + Gzipped
Latest Version
4.17.21
Package Id
lodash@4.17.21
Size
311.49 kB
NPM Version
6.14.11
Node Version
14.15.5
Publised On
20 Feb 2021
Cumulative downloads
Total Downloads
Last day
-6.1%
8,919,152
Compared to previous day
Last week
3.2%
54,465,073
Compared to previous week
Last month
-27.5%
181,165,892
Compared to previous month
Last year
7.4%
2,680,666,058
Compared to previous year
No dependencies detected.
The Lodash library exported as Node.js modules.
Using npm:
1$ npm i -g npm 2$ npm i --save lodash
In Node.js:
1// Load the full build. 2var _ = require('lodash'); 3// Load the core build. 4var _ = require('lodash/core'); 5// Load the FP build for immutable auto-curried iteratee-first data-last methods. 6var fp = require('lodash/fp'); 7 8// Load method categories. 9var array = require('lodash/array'); 10var object = require('lodash/fp/object'); 11 12// Cherry-pick methods for smaller browserify/rollup/webpack bundles. 13var at = require('lodash/at'); 14var curryN = require('lodash/fp/curryN');
See the package source for more details.
Note:
Install n_ for Lodash use in the Node.js < 6 REPL.
Tested in Chrome 74-75, Firefox 66-67, IE 11, Edge 18, Safari 11-12, & Node.js 8-12.
Automated browser & CI test runs are available.
Stable Version
1
9.1/10
Summary
Prototype Pollution in lodash
Affected Versions
< 4.17.12
Patched Versions
4.17.12
3
7.2/10
Summary
Command Injection in lodash
Affected Versions
< 4.17.21
Patched Versions
4.17.21
0/10
Summary
Prototype Pollution in lodash
Affected Versions
< 4.17.11
Patched Versions
4.17.11
7.4/10
Summary
Prototype Pollution in lodash
Affected Versions
>= 3.7.0, < 4.17.19
Patched Versions
4.17.19
3
6.5/10
Summary
Prototype Pollution in lodash
Affected Versions
< 4.17.5
Patched Versions
4.17.5
5.3/10
Summary
Regular Expression Denial of Service (ReDoS) in lodash
Affected Versions
< 4.17.21
Patched Versions
4.17.21
0/10
Summary
Regular Expression Denial of Service (ReDoS) in lodash
Affected Versions
< 4.17.11
Patched Versions
4.17.11
Reason
security policy file detected
Details
Reason
no binaries found in the repo
Reason
project is fuzzed
Details
Reason
license file detected
Details
Reason
1 commit(s) and 8 issue activity found in the last 90 days -- score normalized to 7
Reason
Found 8/30 approved changesets -- score normalized to 2
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
Reason
91 existing vulnerabilities detected
Details
Score
Last Scanned on 2025-01-13
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More