bower

1.8.2

The browser package manager

License

Maintainers

vladikoff
desandro
satazor
wibblymat
paulirish
sheerun
sindresorhus

Keywords

bower

Dependencies

0 deps 0 devDeps

high

Scripts mismatch

metadata

This package has inconsistent scripts in the tarball's package.json

high

Typosquat

• suggested alternative 1

cybersquatting

low

Deprecated

This Bower version has SECURITY BUG THAT ALLOWS TO WRITE TO ARBITRARY FILE ON YOUR COMPUTER when you install malicious package. Please upgrade Bower to at least version 1.8.8 if you don't want to get hacked. More info: https://snyk.io/blog/severe-security-vulnerability-in-bowers-zip-archive-extraction/

Advisories

Dependencies

This version does not use dependencies.

Behavioural monitoring and security for npm packages

Monitor every change in your dependency tree and automatically block malicious packages from entering your codebase. Safeguard your projects by using lstn in GitHub.

Learn more Get started for free