a browser detector

Related tags

Miscellaneous javascript browser user-agent-parser browser-detection useragent useragentparser device-detection os-detection detect-browsers browser-detector
Overview

Bowser

A small, fast and rich-API browser/platform/engine detector for both browser and node.

  • Small. Use plain ES5-version which is ~4.8kB gzipped.
  • Optimized. Use only those parsers you need — it doesn't do useless work.
  • Multi-platform. It's browser- and node-ready, so you can use it in any environment.

Don't hesitate to support the project on Github or OpenCollective if you like it ❤️ Also, contributors are always welcome!

Financial Contributors on Open Collective Build Status Greenkeeper badge Coverage Status Downloads

Contents

Overview

The library is made to help to detect what browser your user has and gives you a convenient API to filter the users somehow depending on their browsers. Check it out on this page: https://bowser-js.github.io/bowser-online/.

⚠️ Version 2.0 breaking changes ⚠️

Version 2.0 has drastically changed the API. All available methods are on the docs page.

For legacy code, check out the 1.x branch and install it through npm install [email protected].

Use cases

First of all, require the library. This is a UMD Module, so it will work for AMD, TypeScript, ES6, and CommonJS module systems.

const Bowser = require("bowser"); // CommonJS

import * as Bowser from "bowser"; // TypeScript

import Bowser from "bowser"; // ES6 (and TypeScript with --esModuleInterop enabled)

By default, the exported version is the ES5 transpiled version, which do not include any polyfills.

In case you don't use your own babel-polyfill you may need to have pre-built bundle with all needed polyfills. So, for you it's suitable to require bowser like this: require('bowser/bundled'). As the result, you get a ES5 version of bowser with babel-polyfill bundled together.

You may need to use the source files, so they will be available in the package as well.

Browser props detection

Often we need to pick users' browser properties such as the name, the version, the rendering engine and so on. Here is an example how to do it with Bowser:

const browser = Bowser.getParser(window.navigator.userAgent);

console.log(`The current browser name is "${browser.getBrowserName()}"`);
// The current browser name is "Internet Explorer"

or

const browser = Bowser.getParser(window.navigator.userAgent);
console.log(browser.getBrowser());

// outputs
{
  name: "Internet Explorer"
  version: "11.0"
}

or

console.log(Bowser.parse(window.navigator.userAgent));

// outputs
{
  browser: {
    name: "Internet Explorer"
    version: "11.0"
  },
  os: {
    name: "Windows"
    version: "NT 6.3"
    versionName: "8.1"
  },
  platform: {
    type: "desktop"
  },
  engine: {
    name: "Trident"
    version: "7.0"
  }
}

Filtering browsers

You could want to filter some particular browsers to provide any special support for them or make any workarounds. It could look like this:

const browser = Bowser.getParser(window.navigator.userAgent);
const isValidBrowser = browser.satisfies({
  // declare browsers per OS
  windows: {
    "internet explorer": ">10",
  },
  macos: {
    safari: ">10.1"
  },

  // per platform (mobile, desktop or tablet)
  mobile: {
    safari: '>=9',
    'android browser': '>3.10'
  },

  // or in general
  chrome: "~20.1.1432",
  firefox: ">31",
  opera: ">=22",

  // also supports equality operator
  chrome: "=20.1.1432", // will match particular build only

  // and loose-equality operator
  chrome: "~20",        // will match any 20.* sub-version
  chrome: "~20.1"       // will match any 20.1.* sub-version (20.1.19 as well as 20.1.12.42-alpha.1)
});

Settings for any particular OS or platform has more priority and redefines settings of standalone browsers. Thus, you can define OS or platform specific rules and they will have more priority in the end.

More of API and possibilities you will find in the docs folder.

Browser names for .satisfies()

By default you are supposed to use the full browser name for .satisfies. But, there's a short way to define a browser using short aliases. The full list of aliases can be found in the file.

Similar Projects

  • Kong - A C# port of Bowser.

Contributors

Code Contributors

This project exists thanks to all the people who contribute. [Contribute].

Financial Contributors

Become a financial contributor and help us sustain our community. [Contribute]

Individuals

Organizations

Support this project with your organization. Your logo will show up here with a link to your website. [Contribute]

License

Licensed as MIT. All rights not explicitly granted in the MIT license are reserved. See the included LICENSE file for more details.

Comments
  • Jest not working with 2.0.0-alpha.2

    Jest not working with 2.0.0-alpha.2

    Hello,

    In order to get the fix from Google phones I upgraded to 2.0.0-alpha.2 but now I face an other issue. My unit tests are failing when I test a shallow rendering of a component which imports my utils functions wich import bowser. If I switch back to the 2.0.0-alpha.1 everything is ok...

    I use :

    • Jest 22.4.3
    • Enzyme 3.3.0
    • React 16.3.1

    Here is the Jest's error stacktrace :

    Test suite failed to run
    /.../fe-react/node_modules/bowser/src/bowser.js:7
    import Parser from './parser';
    ^^^^^^

    SyntaxError: Unexpected token import

       8 |    */
       9 |   static isTabletOrAbove() {
    > 10 |     if (!window) { return false; }
      11 |     const browser = bowser.getParser(window.navigator.userAgent);
      12 |     return browser && (browser.is('tablet') || browser.is('mobile'));
      13 |   }

      at ScriptTransformer._transformAndBuildScript (node_modules/jest-runtime/build/script_transformer.js:316:17)
      at Object.<anonymous> (src/shared/util/device.js:10:15)

    My Jest transformer configuration is configured to ignore node_modules as follow :

     "jest": {
    "collectCoverageFrom": [
      "src/**/*.{js,jsx,mjs}"
    ],
    "setupFiles": [
      "<rootDir>/jest/polyfills.js",
      "<rootDir>/src/setupTests.js"
    ],
    "testMatch": [
      "<rootDir>/src/**/__tests__/**/*.{js,jsx,mjs}",
      "<rootDir>/src/**/?(*.)(spec|test).{js,jsx,mjs}"
    ],
    "testEnvironment": "jsdom",
    "testURL": "http://localhost",
    "transform": {
      "^.+\\.(js|jsx|mjs)$": "<rootDir>/node_modules/babel-jest",
      "^.+\\.css$": "<rootDir>/jest/cssTransform.js",
      "^(?!.*\\.(js|jsx|mjs|css|json)$)": "<rootDir>/jest/fileTransform.js"
    },
    "transformIgnorePatterns": [
      "[/\\\\]node_modules[/\\\\].+\\.(js|jsx|mjs)$"
    ],

    so I'm not really understanding what happens there

    opened by anthonyvialleton 26
  • IE11 on Windows 8.1 can cause `tablet` to be true

    IE11 on Windows 8.1 can cause `tablet` to be true

    Checking for mobile and tablet can potentially cause false positives on certain Windows 8 devices (in our case a Asus X551M but users reported issues from MS Surface's as well).

    We did not catch this using the MS provided VM's.

    I realize that this is not technically a bug in bowser but I wanted to put this out there in case anybody else runs into the same issue.

    To get around this we are now doing the following:

    if ((bowser.tablet || bowser.mobile) && !bowser.msie) { etc }
    opened by pmilla1606 25
  • An in-range update of babel7 is breaking the build 🚨

    An in-range update of babel7 is breaking the build 🚨

    There have been updates to the babel7 monorepo:

      • The devDependency @babel/cli was updated from 7.7.7 to 7.8.0.

    🚨 View failing branch.

    This version is covered by your current version range and after updating it in your project the build failed.

    This monorepo update includes releases of one or more dependencies which all belong to the babel7 group definition.

    babel7 is a devDependency of this project. It might not break your production code or affect downstream projects, but probably breaks your build or test tools, which may prevent deploying or publishing.

    Status Details
    • continuous-integration/travis-ci/push: The Travis CI build could not complete due to an error (Details).
    • build (12.x): There are 1 failures, 0 warnings, and 0 notices.
    FAQ and help

    There is a collection of frequently asked questions. If those don’t help, you can always ask the humans behind Greenkeeper.

    Your Greenkeeper Bot :palm_tree:

    greenkeeper 
    opened by greenkeeper[bot] 19
  • Android flags overlap with browser and os

    Android flags overlap with browser and os

    Hello,

    I would suggest to have different flags names for the os and browser in order to avoid overlap, or prefix them.

    It happen that on a code like the following:

    // Detect browser
if (bowser.android) {
 //...
} else if (bowser.chrome) {
 // ..
} } else if (bowser.firefox) {
 // ..
}

    If an user is coming from an android device doesn't matter if it is using Firefox, Chrome or any other browser, the first if always will be true, because the same flag name is used to detect the browser (android native) and the os (android).

    If the changes are accepted I could make the changes and do a PR.

    Thanks, J.

    opened by xavadu 15
  • Incompatibility with Internet Explorer 11 : SCRIPT438: Object doesn't support property or method 'find'

    Incompatibility with Internet Explorer 11 : SCRIPT438: Object doesn't support property or method 'find'

    Hello,

    It seems that bowser v2.5.3 and even v2.6.1 is not compatible with Internet Explorer 11.

    You can simply reproduce the problem with the following line: var browser = bowser.getParser(window.navigator.userAgent);

    I have the following error message int he console: SCRIPT438: Object doesn't support property or method 'find' es5.js (1,6915)

    It works correctly with Edge, Chrome, Firefox.

    Are you able to reproduce it?

    Thanks in advance and have a nice day.

    opened by slolo2000 14
  • New 2.0 version is coming

    New 2.0 version is coming

    Hi, guys. The new version is on its way. I'm gonna publish a branch with the code. So, now there is a possibility to add some new features in it. If you have some ideas, feel free to propose them here 😺

    opened by lancedikson 14
  • Types definition for v2

    Types definition for v2

    I was trying to create types definition for this lib, as I need them in a TS+Webpack project and with the intent of creating later a pull request (as types are missing and last issue got opened over 3 months ago).

    I created the following typings, and it reflects the provided documentation. But when applying it to an app, I encounter a series of complications.

    One of them is: we know that Bowser class is the one that gets exported. At least examples say this. But if I do both

    import bowser from 'bowser'
import * as bowser from 'bowser'

    I cannot access both new Bowser or Bowser.getParser (and, so, to all the parser methods).

    If I want to make it work, I have to do:

    import * as bowser from "bowser";

    So, what does the transpiled version export? It should be the same, but it seems to be not equal. Thank you.

    EDIT: If I have typings imported with

    /// <reference path="typings/bowser.d.ts" />

    (yes, I have a specific folder), but the typings below are not commented, I get this error:

    Module '"bowser"' resolves to a non-module entity and cannot be imported using this construct. [2497]

    ========

    This is the type definition that one corrected may be pushed if you want.

    // Type definitions for Bowser v2
// Project: https://github.com/lancedikson/bowser
// Definitions by: Alexander P. Cerutti <https://github.com/alexandercerutti>

declare module "bowser" {
	/**
	 * Bowser class.
	 * Keep it simple as much as it can be.
	 * It's supposed to work with collections of {@link Parser} instances
	 * rather then solve one-instance problems.
	 * All the one-instance stuff is located in Parser class.
	 */
	class Bowser {
		constructor();

		/**
		 * Creates a {@link module:parser:Parser} instance
		 *
		 * @param {String} UA UserAgent string
		 * @param {Boolean} [skipParsing=false] same as skipParsing for {@link Parser}
		 * @returns {Parser}
		 * @throws {Error} when UA is not a String
		 *
		 * @example
		 * const parser = Bowser.getParser(window.navigator.userAgent);
		 * const result = parser.getResult();
		 */
		static getParser(UA: string, skipParsing?: boolean): Parser

		/**
		 * Creates a {@link Parser} instance and runs {@link Parser.getResult} immediately
		 *
		 * @param UA
		 * @return {ParsedResult}
		 *
		 * @example
		 * const result = Bowser.parse(window.navigator.userAgent);
		 */
		static parse(UA: string): Parser.ParsedResult
	}

	/**
	 * The main class that arranges the whole parsing process.
	 */

	class Parser {
		constructor(UA: string, skipParsing?: boolean);

		/**
		 * Get parsed browser object
		 * @return {Parser.BrowserDetails} Browser's details
		 */

		getBrowser(): Parser.BrowserDetails;

		/**
		 * Get browser's name
		 * @return {String} Browser's name or an empty string
		 */

		getBrowserName(): string;

		/**
		 * Get browser's version
		 * @return {String} version of browser
		 */

		getBrowserVersion(): string;

		/**
		 * Get OS
		 * @return {Parser.OSDetails} - OS Details
		 *
		 * @example
		 * this.getOS(); // {
		 * //	 name: 'macOS',
		 * //	 version: '10.11.12',
		 * // }
		 */

		getOS(): Parser.OSDetails;

		/**
		 * Get OS name
		 * @param {Boolean} [toLowerCase] return lower-cased value
		 * @return {String} name of the OS — macOS, Windows, Linux, etc.
		 */

		getOSName(toLowerCase?: boolean): string;

		/**
		 * Get OS version
		 * @return {String} full version with dots ('10.11.12', '5.6', etc)
		 */

		getOSVersion(): string;

		/**
		 * Get parsed platform
		 * @returns {Parser.PlatformDetails}
		 */

		getPlatform(): Parser.PlatformDetails;

		/**
		 * Get platform name
		 * @param {boolean} toLowerCase
		 */

		getPlatformType(toLowerCase?: boolean): string;

		/**
		 * Get parsed engine
		 * @returns {Parser.EngineDetails}
		 */

		getEngine(): Parser.EngineDetails;

		/**
		 * Get parsed result
		 * @return {Parser.ParsedResult}
		 */

		getResult(): Parser.ParsedResult;

		/**
		 * Get UserAgent string of current Parser instance
		 * @return {String} User-Agent String of the current <Parser> object
		 */

		getUA(): string;

		/**
		 * Is anything? Check if the browser is called "anything",
		 * the OS called "anything" or the platform called "anything"
		 * @param {String} anything
		 * @returns {Boolean}
		 */

		is(anything: any): boolean;

		/**
		 * Parse full information about the browser
		 */

		parse(): void;

		/**
		 * Get parsed browser object
		 * @returns {Parser.BrowserDetails}
		 */

		parseBrowser(): Parser.BrowserDetails;

		/**
		 * Get parsed engine
		 * @returns {Parser.EngineDetails}
		 */

		parseEngine(): Parser.EngineDetails;

		/**
		 * Parse OS and save it to this.parsedResult.os
		 * @returns {Parser.OSDetails}
		 */

		parseOS(): Parser.OSDetails;

		/**
		 * Get parsed platform
		 * @returns {Parser.PlatformDetails}
		 */

		parsePlatform(): Parser.PlatformDetails;

		/**
		 * Check if parsed browser matches certain conditions
		 *
		 * @param {Parser.checkTree} checkTree It's one or two layered object,
		 * which can include a platform or an OS on the first layer
		 * and should have browsers specs on the bottom-laying layer
		 *
		 * @returns {Boolean|undefined} Whether the browser satisfies the set conditions or not.
		 * Returns `undefined` when the browser is no described in the checkTree object.
		 *
		 * @example
		 * const browser = new Bowser(UA);
		 * if (browser.check({chrome: '>118.01.1322' }))
		 * // or with os
		 * if (browser.check({windows: { chrome: '>118.01.1322' } }))
		 * // or with platforms
		 * if (browser.check({desktop: { chrome: '>118.01.1322' } }))
		 */

		satisfies(checkTree: Parser.checkTree): boolean | undefined;

		/**
		 * Check if any of the given values satifies `.is(anything)`
		 * @param {string[]} anythings
		 * @returns {boolean} true if at least one condition is satisfied, false otherwise.
		 */

		some(anythings: string[]): boolean | undefined;

		/**
		 * Test a UA string for a regexp
		 * @param regex
		 * @returns {boolean} true if the regex matches the UA, false otherwise.
		 */

		test(regex: RegExp): boolean
	}

	namespace Parser {
		interface ParsedResult {
			browser: Details;
			os: OSDetails;
			platform: PlatformDetails;
			engine: Details;
		}

		interface Details {
			name?: string;
			version?: Array<{index: number, input: string} | boolean | string | any>;
		}

		interface OSDetails extends Details {
			versionName?: string;
		}

		interface PlatformDetails {
			type?: string;
			vendor?: string;
			model?: string;
		}

		type BrowserDetails = Details;
		type EngineDetails = Details;

		interface checkTree {
			[key: string]: any;
		}
	}

	class Utils {
		/**
		 * Get first matched item for a string
		 * @param {RegExp} regexp
		 * @param {String} ua
		 * @return {Array|{index: number, input: string}|*|boolean|string}
		 */
		static getFirstMatch(regexp: RegExp, ua: string): Array<{index: number, input: string} | boolean | string | any>;
		/**
		 * Get second matched item for a string
		 * @param regexp
		 * @param {String} ua
		 * @return {Array|{index: number, input: string}|*|boolean|string}
		 */
		static getSecondMatch(regexp: RegExp, ua: string): Array<{index: number, input: string} | boolean | string | any>;
		
		/**
		 * Match a regexp and return a constant or undefined
		 * @param {RegExp} regexp
		 * @param {String} ua
		 * @param {*} _const Any const that will be returned if regexp matches the string
		 * @return {*}
		 */
		static matchAndReturnConst(regexp: RegExp, ua: string, _const: any): any | undefined;
		
		/**
		 * Retrieves Windows commercial name from NT Core version name
		 * @param {string} version
		 * @returns {string | undefined}
		 */
		static getWindowsVersionName(version: string): string | undefined;
		
		/**
		 * Get version precisions count
		 *
		 * @example
		 *	 getVersionPrecision("1.10.3") // 3
		 *
		 * @param {string} version
		 * @return {number}
		 */
		static getVersionPrecision(version: string): number
		
		/**
		 * Calculate browser version weight
		 *
		 * @example
		 *	 compareVersions('1.10.2.1',	'1.8.2.1.90')	// 1
		 *	 compareVersions('1.010.2.1', '1.09.2.1.90');	// 1
		 *	 compareVersions('1.10.2.1',	'1.10.2.1');	// 0
		 *	 compareVersions('1.10.2.1',	'1.0800.2');	// -1
		 *	 compareVersions('1.10.2.1',	'1.10',	true);	// 0
		 *
		 * @param {String} versionA versions versions to compare
		 * @param {String} versionB versions versions to compare
		 * @param {boolean} [isLoose] enable loose comparison
		 * @return {Number} comparison result: -1 when versionA is lower,
		 * 1 when versionA is bigger, 0 when both equal
		 */
		static compareVersions(versionA: string, versionB: string, isLoose?: boolean): number;
		
		/**
		 * Array::map polyfill
		 *
		 * @param	{Array} arr
		 * @param	{Function} iterator
		 * @return {Array}
		 */
		static map(arr: Array<any>, iterator: Function): Array<any>
	}

	export = Bowser;
}
    opened by alexandercerutti 13
  • AMD build broken in 1.4.4

    AMD build broken in 1.4.4

    When I use rjs optimizer with bowser v1.4.4, my compiled JS gives me Uncaught ReferenceError: Bowser is not defined. It works fine with v1.4.3. I'm guessing that there's an AMD issue in the AMD fix?

    opened by radiolips 13
  • Google Search App detection

    Google Search App detection

    I recently discovered an official Google Search App which is a web browser different than Safari or Google Chrome. This browser has some strange webview behaviour (i noticed some bugs with viewport dimensions). I would like to detect it with bowser, could it be considered as a browser flag (i suggest 'gsa') ? It's only reported as a webkit. It would be easy to regex match /GSA/.

    window.navigator.userAgent of the browser is: Mozilla/5.0 (iPhone; CPU iPhone OS 10_3_3 like Mac OS X) AppleWebKit/602.1.50 (KHTML, like Gecko) GSA/34.1.167176684 Mobile/14G60 Safari/602.1

    detection help needed 
    opened by ArTiSTiX 12
  • IE11: Object doesn't support property or method 'find'

    IE11: Object doesn't support property or method 'find'

    Bowser version: "bowser": "2.0.0-beta.3"

    The error occurs on bowser.getParser(window.navigator.userAgent)

    window.navigator.userAgent of the browser is: "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko"

    question 
    opened by JPStrydom 11

  • "Bowser.getParser is not a function" on v2.5.1

    Hi!

    First of all, thank you for this great package. Appreciate all the work that goes into maintaining this project.

    I've noticed after upgrading to v2.5.1 the following issue:

    // throws an error saying "Browser.getParser is not a function"
const browser = Bowser.getParser(userAgent)

    However, v2.4.0 seems to works with no issues.

    My environment:

    • macOS v10.14.5
    • node v10.16.0

    Here's a reproducible example that breaks:

    • https://repl.it/@devflag/FavoriteBelovedOperation

    Please let me know if there's any other information that's needed.

    Thank you!

    opened by goto1 10
  • chore(deps): bump json5 from 1.0.1 to 1.0.2

    chore(deps): bump json5 from 1.0.1 to 1.0.2

    Bumps json5 from 1.0.1 to 1.0.2.

    Release notes

    Sourced from json5's releases.

    v1.0.2

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295). This has been backported to v1. (#298)
    Changelog

    Sourced from json5's changelog.

    Unreleased [code, diff]

    v2.2.3 [code, diff]

    v2.2.2 [code, diff]

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

    v2.2.1 [code, diff]

    • Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

    v2.2.0 [code, diff]

    • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

    v2.1.3 [code, diff]

    • Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

    v2.1.2 [code, diff]

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • chore(deps): bump express from 4.16.4 to 4.18.2

    chore(deps): bump express from 4.16.4 to 4.18.2

    Bumps express from 4.16.4 to 4.18.2.

    Release notes

    Sourced from express's releases.

    4.18.2

    4.18.1

    • Fix hanging on large stack of sync routes

    4.18.0

    ... (truncated)

    Changelog

    Sourced from express's changelog.

    4.18.2 / 2022-10-08

    4.18.1 / 2022-04-29

    • Fix hanging on large stack of sync routes

    4.18.0 / 2022-04-25

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • chore(deps): bump decode-uri-component from 0.2.0 to 0.2.2

    chore(deps): bump decode-uri-component from 0.2.0 to 0.2.2

    Bumps decode-uri-component from 0.2.0 to 0.2.2.

    Release notes

    Sourced from decode-uri-component's releases.

    v0.2.2

    • Prevent overwriting previously decoded tokens 980e0bf

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2

    v0.2.1

    • Switch to GitHub workflows 76abc93
    • Fix issue where decode throws - fixes #6 746ca5d
    • Update license (#1) 486d7e2
    • Tidelift tasks a650457
    • Meta tweaks 66e1c28

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • chore(deps): bump engine.io and socket.io

    chore(deps): bump engine.io and socket.io

    Bumps engine.io and socket.io. These dependencies needed to be updated together. Updates engine.io from 3.4.0 to 3.6.1

    Release notes

    Sourced from engine.io's releases.

    3.6.1

    :warning: This release contains an important security fix :warning:

    A malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:

    Error: read ECONNRESET
    at TCP.onStreamRead (internal/stream_base_commons.js:209:20)
Emitted 'error' event on Socket instance at:
    at emitErrorNT (internal/streams/destroy.js:106:8)
    at emitErrorCloseNT (internal/streams/destroy.js:74:3)
    at processTicksAndRejections (internal/process/task_queues.js:80:21) {
  errno: -104,
  code: 'ECONNRESET',
  syscall: 'read'
}

    Please upgrade as soon as possible.

    Bug Fixes

    • catch errors when destroying invalid upgrades (83c4071)

    3.6.0

    Bug Fixes

    • add extension in the package.json main entry (#608) (3ad0567)
    • do not reset the ping timer after upgrade (1f5d469)

    Features

    • decrease the default value of maxHttpBufferSize (58e274c)

    This change reduces the default value from 100 mb to a more sane 1 mb.

    This helps protect the server against denial of service attacks by malicious clients sending huge amounts of data.

    See also: https://github.com/advisories/GHSA-j4f2-536g-r55m

    • increase the default value of pingTimeout (f55a79a)

    Links

    ... (truncated)

    Changelog

    Sourced from engine.io's changelog.

    3.6.1 (2022-11-20)

    :warning: This release contains an important security fix :warning:

    A malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:

    Error: read ECONNRESET
    at TCP.onStreamRead (internal/stream_base_commons.js:209:20)
Emitted 'error' event on Socket instance at:
    at emitErrorNT (internal/streams/destroy.js:106:8)
    at emitErrorCloseNT (internal/streams/destroy.js:74:3)
    at processTicksAndRejections (internal/process/task_queues.js:80:21) {
  errno: -104,
  code: 'ECONNRESET',
  syscall: 'read'
}

    Please upgrade as soon as possible.

    Bug Fixes

    • catch errors when destroying invalid upgrades (83c4071)

    6.2.1 (2022-11-20)

    :warning: This release contains an important security fix :warning:

    A malicious client could send a specially crafted HTTP request, triggering an uncaught exception and killing the Node.js process:

    Error: read ECONNRESET
    at TCP.onStreamRead (internal/stream_base_commons.js:209:20)
Emitted 'error' event on Socket instance at:
    at emitErrorNT (internal/streams/destroy.js:106:8)
    at emitErrorCloseNT (internal/streams/destroy.js:74:3)
    at processTicksAndRejections (internal/process/task_queues.js:80:21) {
  errno: -104,
  code: 'ECONNRESET',
  syscall: 'read'
}

    Please upgrade as soon as possible.

    Bug Fixes

    ... (truncated)

    Commits
    • 67a3a87 chore(release): 3.6.1
    • 83c4071 fix: catch errors when destroying invalid upgrades
    • f62f265 chore(release): 3.6.0
    • f55a79a feat: increase the default value of pingTimeout
    • 1f5d469 fix: do not reset the ping timer after upgrade
    • 3ad0567 fix: add extension in the package.json main entry (#608)
    • 58e274c feat: decrease the default value of maxHttpBufferSize
    • b9dee7b chore(release): 3.5.0
    • 19cc582 feat: add support for all cookie options
    • 5ad2736 feat: disable perMessageDeflate by default
    • Additional commits viewable in compare view

    Updates socket.io from 2.3.0 to 2.5.0

    Release notes

    Sourced from socket.io's releases.

    2.5.0

    :warning: WARNING :warning:

    The default value of the maxHttpBufferSize option has been decreased from 100 MB to 1 MB, in order to prevent attacks by denial of service.

    Security advisory: https://github.com/advisories/GHSA-j4f2-536g-r55m

    Bug Fixes

    • fix race condition in dynamic namespaces (05e1278)
    • ignore packet received after disconnection (22d4bdf)
    • only set 'connected' to true after middleware execution (226cc16)
    • prevent the socket from joining a room after disconnection (f223178)

    Links:

    2.4.1

    This release reverts the breaking change introduced in 2.4.0 (https://github.com/socketio/socket.io/commit/f78a575f66ab693c3ea96ea88429ddb1a44c86c7).

    If you are using Socket.IO v2, you should explicitly allow/disallow cross-origin requests:

    • without CORS (server and client are served from the same domain):
    const io = require("socket.io")(httpServer, {
  allowRequest: (req, callback) => {
    callback(null, req.headers.origin === undefined); // cross-origin requests will not be allowed
  }
});
    • with CORS (server and client are served from distinct domains):
    io.origins(["http://localhost:3000"]); // for local development
io.origins(["https://example.com"]);

    In any case, please consider upgrading to Socket.IO v3, where this security issue is now fixed (CORS is disabled by default).

    Reverts

    • fix(security): do not allow all origins by default (a169050)

    Links:

    ... (truncated)

    Changelog

    Sourced from socket.io's changelog.

    2.5.0 (2022-06-26)

    Bug Fixes

    • fix race condition in dynamic namespaces (05e1278)
    • ignore packet received after disconnection (22d4bdf)
    • only set 'connected' to true after middleware execution (226cc16)
    • prevent the socket from joining a room after disconnection (f223178)

    4.5.1 (2022-05-17)

    Bug Fixes

    • forward the local flag to the adapter when using fetchSockets() (30430f0)
    • typings: add HTTPS server to accepted types (#4351) (9b43c91)

    4.5.0 (2022-04-23)

    Bug Fixes

    • typings: ensure compatibility with TypeScript 3.x (#4259) (02c87a8)

    Features

    • add support for catch-all listeners for outgoing packets (531104d)

    This is similar to onAny(), but for outgoing packets.

    Syntax:

    socket.onAnyOutgoing((event, ...args) => {
  console.log(event);
});
    • broadcast and expect multiple acks (8b20457)

    Syntax:

    io.timeout(1000).emit("some-event", (err, responses) => {
</tr></table>

    ... (truncated)

    Commits
    • baa6804 chore(release): 2.5.0
    • f223178 fix: prevent the socket from joining a room after disconnection
    • 226cc16 fix: only set 'connected' to true after middleware execution
    • 05e1278 fix: fix race condition in dynamic namespaces
    • 22d4bdf fix: ignore packet received after disconnection
    • dfded53 chore: update engine.io version to 3.6.0
    • e6b8697 chore(release): 2.4.1
    • a169050 revert: fix(security): do not allow all origins by default
    • 873fdc5 chore(release): 2.4.0
    • f78a575 fix(security): do not allow all origins by default
    • Additional commits viewable in compare view

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • chore(deps): bump loader-utils from 1.2.3 to 1.4.2

    chore(deps): bump loader-utils from 1.2.3 to 1.4.2

    Bumps loader-utils from 1.2.3 to 1.4.2.

    Release notes

    Sourced from loader-utils's releases.

    v1.4.2

    1.4.2 (2022-11-11)

    Bug Fixes

    v1.4.1

    1.4.1 (2022-11-07)

    Bug Fixes

    v1.4.0

    1.4.0 (2020-02-19)

    Features

    • the resourceQuery is passed to the interpolateName method (#163) (cd0e428)

    v1.3.0

    1.3.0 (2020-02-19)

    Features

    • support the [query] template for the interpolatedName method (#162) (469eeba)
    Changelog

    Sourced from loader-utils's changelog.

    1.4.2 (2022-11-11)

    Bug Fixes

    1.4.1 (2022-11-07)

    Bug Fixes

    1.4.0 (2020-02-19)

    Features

    • the resourceQuery is passed to the interpolateName method (#163) (cd0e428)

    1.3.0 (2020-02-19)

    Features

    • support the [query] template for the interpolatedName method (#162) (469eeba)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • chore(deps): bump socket.io-parser from 3.3.0 to 3.3.3

    chore(deps): bump socket.io-parser from 3.3.0 to 3.3.3

    Bumps socket.io-parser from 3.3.0 to 3.3.3.

    Release notes

    Sourced from socket.io-parser's releases.

    3.3.2

    Bug Fixes

    • prevent DoS (OOM) via massive packets (#95) (89197a0)

    Links

    3.3.1

    Links

    Changelog

    Sourced from socket.io-parser's changelog.

    3.3.3 (2022-11-09)

    Bug Fixes

    • check the format of the index of each attachment (fb21e42)

    3.4.2 (2022-11-09)

    Bug Fixes

    • check the format of the index of each attachment (04d23ce)

    4.2.1 (2022-06-27)

    Bug Fixes

    • check the format of the index of each attachment (b5d0cb7)

    4.0.5 (2022-06-27)

    Bug Fixes

    • check the format of the index of each attachment (b559f05)

    4.2.0 (2022-04-17)

    Features

    • allow the usage of custom replacer and reviver (#112) (b08bc1a)

    4.1.2 (2022-02-17)

    Bug Fixes

    ... (truncated)

    Commits
    • cd11e38 chore(release): 3.3.3
    • fb21e42 fix: check the format of the index of each attachment
    • 3b0a392 chore(release): 3.3.2
    • 89197a0 fix: prevent DoS (OOM) via massive packets (#95)
    • 25ca624 chore(release): 3.3.1
    • b51b39b test: use Node.js 10 for the browser tests
    • 4184e46 chore: bump component-emitter dependency
    • See full diff in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
Releases(2.10.0)
Owner
Denis Demchenko
CTO at @videoly
Denis Demchenko
GitHub
Browser fingerprinting library with the highest accuracy and stability.

FingerprintJS is a browser fingerprinting library that queries browser attributes and computes a hashed visitor identifier from them. Unlike cookies a

FingerprintJS 18.1k Dec 31, 2022
Gmail-like client-side drafts and bit more. Plugin developed to save html forms data to LocalStorage to restore them after browser crashes, tabs closings and other disasters.

Sisyphus Plugin developed to save html forms data to LocalStorage to restore them after browser crashes, tabs closings and other disasters. Descriptio

Alexander Kaupanin 2k Dec 8, 2022
A Featureful File Browser for Cockpit

Cockpit Navigator A Featureful File System Browser for Cockpit - remotely browse, manage, edit, upload, and download files on your server through your

45Drives 226 Dec 27, 2022
SiJago - GraphQL Client for Browser and Node.js

SiJago is GraphQL Client for Browser and Node.js, You can write request GraphQL schema using JavaScript Object Style, Why i create this tools, Because for reducing typo when writing GraphQL schema using HTTP client like Axios, Fetch or GraphQL client using Apollo and also to simplify calling the GraphQL schema easy to understand for human.

Restu Wahyu Saputra 7 Mar 13, 2022
a browser detector

Bowser A small, fast and rich-API browser/platform/engine detector for both browser and node. Small. Use plain ES5-version which is ~4.8kB gzipped. Op

Denis Demchenko 5.2k Jan 2, 2023
Zero dependency profanity detector.

@cnakazawa/profane Zero dependency profanity detector based on Swearjar and Profane. Note: Some examples may contain offensive language for illustrati

Christoph Nakazawa 11 Dec 28, 2022
Browser compilation library – an asset pipeline for applications that run in the browser

Broccoli A fast, reliable asset pipeline, supporting constant-time rebuilds and compact build definitions. Comparable to the Rails asset pipeline in s

Broccoli 3.3k Dec 30, 2022
A lightweight extension to automatically detect and provide verbose warnings for embedded iframe elements in order to protect against Browser-In-The-Browser (BITB) attacks.

Enhanced iFrame Protection - Browser Extension Enhanced iFrame Protection (EIP) is a lightweight extension to automatically detect and provide verbose

odacavo 16 Dec 24, 2022
Browser In The Browser (BITB) Templates

BITB Browser templates for Browser In The Browser (BITB) attack. More information: https://mrd0x.com/browser-in-the-browser-phishing-attack/ Usage Eac

mrd0x 2.5k Jan 5, 2023
Browser In The Browser (BITB) attack is a sophisticated phishing and hard to detect.

BITB Browser In The Browser (BITB) attack is a sophisticated phishing and hard to detect. Goto: ?? MacOS-Chrome-DarkMode ?? MacOS-Chrome-LightMode ??

Lục Thiên Phong 18 Dec 4, 2022
UAParser.js - Detect Browser, Engine, OS, CPU, and Device type/model from User-Agent data. Supports browser & node.js environment.

UAParser.js JavaScript library to detect Browser, Engine, OS, CPU, and Device type/model from User-Agent data with relatively small footprint (~17KB m

Faisal Salman 7.4k Jan 4, 2023
Detect browser, and render view according to the detected browser type.

react-browser-detector Detect browser, and render view according to the detected browser type. Installation To install, you can use npm or yarn: npm i

kirillsaint 5 Jul 13, 2022
make ie browser like a morden browser main for ie6~ie8,

ieBetter.js It's created for IE6-IE8. Why need this? Modern browsers are so powerfull. For some small project, there is no any reason to include a lar

zhangxinxu 796 Dec 19, 2022
🍿 A cross-browser library of CSS animations. As easy to use as an easy thing.

Animate.css If you need the old docs - v3.x.x and under - you can find it here. Just-add-water CSS animation Installation Install with npm: npm instal

Animate.css 76.7k Dec 30, 2022
:dizzy: TransitionEnd is an agnostic and cross-browser library to work with transitionend event.

TransitionEnd TransitionEnd is an agnostic and cross-browser library to work with event transitionend. Browser Support 1.0+ ✔ 4.0+ ✔ 10+ ✔ 10.5 ✔ 3.2+

Evandro Leopoldino Gonçalves 95 Dec 21, 2022
JavaScript package manager - using a browser-focused and RequireJS compatible repository

****NOTE: this project is no longer active and not recommended for use. It is left here for reference. **** Jam was created at a time before Bower and

Caolan McMahon 1.5k Dec 10, 2022
Apache ECharts is a powerful, interactive charting and data visualization library for browser

Apache ECharts Apache ECharts is a free, powerful charting and visualization library offering an easy way of adding intuitive, interactive, and highly

The Apache Software Foundation 53.8k Jan 9, 2023
The Swiss Army Knife of Vector Graphics Scripting – Scriptographer ported to JavaScript and the browser, using HTML5 Canvas. Created by @lehni & @puckey

Paper.js - The Swiss Army Knife of Vector Graphics Scripting If you want to work with Paper.js, simply download the latest "stable" version from http:

Paper.js 13.5k Dec 30, 2022
A plugin for the jQuery javascript library to generate small sparkline charts directly in the browser

jQuery Sparklines This jQuery plugin makes it easy to generate a number of different types of sparklines directly in the browser, using online a line

Gareth Watts 1.2k Jan 4, 2023
Reusable JavaScript library for creating sketchy/hand-drawn styled charts in the browser.

roughViz.js is a reusable JavaScript library for creating sketchy/hand-drawn styled charts in the browser, based on D3v5, roughjs, and handy. Why? Use

Jared Wilber 6.4k Jan 4, 2023