Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

bootstrap

Ecosystem:
npm
Package URL:
pkg:npm/bootstrap
Total PRs:
4,160 Dependabot PRs
Latest PR:
8 days ago
Unique Repositories:
2,193 repositories
Unique Repos (30 days):
5 repositories
Security Advisories
Bootstrap Cross-site Scripting vulnerability
GHSA-7mvr-5x2g-wfc8 CVE-2018-14042 MODERATE published almost 8 years ago • updated about 3 hours ago
In Bootstrap starting in version 2.3.0 and prior to versions 3.4.0 and 4.1.2, XSS is possible in the data-container property of tooltip. This is s...
Bootstrap Vulnerable to Cross-Site Scripting in its Popover and Tooltip Components
GHSA-q58r-hwc8-rm9j CVE-2025-1647 MODERATE published about 1 year ago • updated 21 days ago
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Bootstrap allows Cross-Site Scripting ...
Bootstrap Cross-site Scripting vulnerability
GHSA-pj7m-g53m-7638 CVE-2018-14041 MODERATE published almost 8 years ago • updated about 3 hours ago
In Bootstrap 4.x before 4.1.2, XSS is possible in the data-target property of scrollspy. This is similar to CVE-2018-14042.
XSS vulnerability that affects bootstrap
GHSA-3mgp-fx93-9xv5 CVE-2018-20676 MODERATE published over 7 years ago • updated 4 days ago
In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
Bootstrap Cross-site Scripting vulnerability
GHSA-4p24-vmcr-4gqj CVE-2016-10735 MODERATE published over 7 years ago • updated about 3 hours ago
In Bootstrap 2.x from 2.0.4, 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute. Note that this is a d...
View all 9 advisories
Recent PRs
RSS Feed
Bump the npm_and_yarn group across 1 directory with 15 updates

lisaross/auth0-react-samples #1

3.3.7 → 5.0.0 Major PR
Open 8 days ago 1 comment
lisaross
npm: bump bootstrap from 5.1.1 to 5.3.8 in /client

Skitionek/mycelium #292

5.1.1 → 5.3.8 Minor PR
Open 21 days ago 2 comments
Skitionek
Bump the npm_and_yarn group across 1 directory with 21 updates

oaqoe-DWQ/TeamVision #1

3.3.7 → 5.0.0 Major PR
Closed 24 days ago 1 comment
oaqoe-DWQ
Bump the npm_and_yarn group across 2 directories with 22 updates

robertsn808/opensource-casino-v10-fixed #21

3.4.1 → 5.0.0 Major PR
Closed about 1 month ago 1 comment
robertsn808
chore(deps): bump the npm-minor group across 1 directory with 20 updates

Dashtid/portfolio-site #93

5.3.3 → 5.3.8 Patch PR
Closed about 1 month ago 2 comments
Dashtid
deps(web)(deps): Bump the patch group in /web with 2 updates

crockpotveggies/execlaw #5

5.3.3 → 5.3.8 Patch PR
Open about 1 month ago 2 comments
crockpotveggies
chore(deps): bump the npm-minor group across 1 directory with 16 updates

Dashtid/portfolio-site #83

5.3.3 → 5.3.8 Patch PR
Closed about 2 months ago 2 comments
Dashtid
Bump bootstrap from 5.3.6 to 5.3.8

ivechalapu/generator-jhipster-7.x_maintenance #25

5.3.6 → 5.3.8 Patch PR
Open about 2 months ago 1 comment
ivechalapu
Bump the patch-updates group across 1 directory with 2 updates

codejoncode/jonathan-updated-portfolio #6

5.3.7 → 5.3.8 Patch PR
Open about 2 months ago 1 comment
codejoncode
Bump bootstrap from 5.3.7 to 5.3.8 in the patch-updates group

codejoncode/jonathan-updated-portfolio #1

5.3.7 → 5.3.8 Patch PR
Open 2 months ago 1 comment
codejoncode
chore(deps): bump bootstrap from 5.3.2 to 5.3.8

m4rv4x/mxgpt #9

5.3.2 → 5.3.8 Patch PR
Open 2 months ago 1 comment
m4rv4x
Bump bootstrap from 4.1.3 to 5.0.0

christsantiris/ethereum-todo-list #18

4.1.3 → 5.0.0 Major PR
Closed 2 months ago 1 comment
christsantiris
Bump bootstrap from 5.3.3 to 5.3.8

kalaiselvi-dev/analytics-avenue-dashboard #8

5.3.3 → 5.3.8 Patch PR
Open 2 months ago 2 comments
kalaiselvi-dev
build(deps): bump the minor-and-patch group across 1 directory with 13 updates

CircuitVerse/CircuitVerse #7263

5.3.3 → 5.3.8 Patch PR
Open 2 months ago 2 comments
CircuitVerse
build(deps): bump the npm_and_yarn group across 2 directories with 27 updates

nvrsummit/nixpkgs #1

3.4.1 → 5.0.0 Major PR
Closed 2 months ago 1 comment
nvrsummit
chore(deps): bump bootstrap from 4.6.0 to 5.3.8

fleetyards/fleetyards #3574

4.6.0 → 5.3.8 Major PR
Closed 3 months ago 3 comments
fleetyards
chore(deps): bump the npm_and_yarn group across 1 directory with 20 updates

cf5146/PttChrome #12

3.4.1 → 5.0.0 Major PR
Closed 3 months ago 3 comments
cf5146
Bump bootstrap and @types/bootstrap in /src/OrchardCore.Modules/OrchardCore.Workflows

xkproject/Orchard2 #236

4.6.1 → 5.3.8 Major PR
Open 3 months ago 1 comment
xkproject
Bump bootstrap from 5.1.3 to 5.3.8 in /src/OrchardCore.Modules/OrchardCore.Setup

xkproject/Orchard2 #233

5.1.3 → 5.3.8 Minor PR
Open 3 months ago 1 comment
xkproject
Bump bootstrap from 4.6.1 to 5.3.8 in /src/OrchardCore.Themes/TheAdmin

xkproject/Orchard2 #231

4.6.1 → 5.3.8 Major PR
Open 3 months ago 1 comment
xkproject
Bump bootstrap from 4.6.1 to 5.3.8 in /src/OrchardCore.Modules/OrchardCore.Markdown

xkproject/Orchard2 #232

4.6.1 → 5.3.8 Major PR
Open 3 months ago 1 comment
xkproject
chore(deps): bump the all-dependencies group with 30 updates

amigobrewbrew/polytopiacalculatorfirebase-public #112

5.3.5 → 5.3.8 Patch PR
Closed 3 months ago 1 comment
amigobrewbrew
Bump bootstrap from 5.0.0 to 5.3.8 in /web

codeafix/orgnetsim #67

5.0.0 → 5.3.8 Minor PR
Closed 3 months ago 1 comment
codeafix
Bump the npm_and_yarn group across 2 directories with 14 updates

UbuntuEvangelist/casino #2

3.4.1 → 5.0.0 Major PR
Closed 3 months ago 1 comment
UbuntuEvangelist
Bump bootstrap from 4.6.2 to 5.0.0 in /ACS-Frontend in the npm_and_yarn group across 1 directory

YSRKEN/AerialCombatSimulator #70

4.6.2 → 5.0.0 Major PR
Closed 3 months ago 2 comments
YSRKEN
Bump the npm_and_yarn group across 1 directory with 11 updates

YSRKEN/AerialCombatSimulator #68

4.6.2 → 5.0.0 Major PR
Closed 3 months ago 1 comment
YSRKEN
build(deps): bump the npm_and_yarn group across 3 directories with 3 updates

UB-Mannheim/cocalc #2

3.4.1 → 5.0.0 Major PR
Closed 3 months ago 1 comment
UB-Mannheim
Bump bootstrap from 5.3.2 to 5.3.8

kmihalj/StrelicarskiKlub #8

5.3.2 → 5.3.8 Patch PR
Open 3 months ago 1 comment
kmihalj
Bump the npm_and_yarn group across 1 directory with 5 updates

anonim-01/djangogirls #2

3.4.1 → 5.0.0 Major PR
Open 4 months ago 1 comment
anonim-01
Bump the npm_and_yarn group across 2 directories with 25 updates

robertsn808/opensource-casino-v10-fixed #9

3.4.1 → 5.0.0 Major PR
Closed 4 months ago 1 comment
robertsn808
Bump the npm_and_yarn group across 2 directories with 24 updates

robertsn808/opensource-casino-v10-fixed #7

3.4.1 → 5.0.0 Major PR
Closed 4 months ago 1 comment
robertsn808
Bump the npm_and_yarn group across 4 directories with 18 updates

YoutacRandS-VA/mautic #10

3.4.1 → 5.0.0 Major PR
Open 4 months ago 1 comment
YoutacRandS-VA
Bump bootstrap from 5.3.0-alpha1 to 5.3.8 in /tabby-core

xiaoyu-work/ATerm #10

5.3.0-alpha1 → 5.3.8 Patch PR
Closed 4 months ago 2 comments
xiaoyu-work
chore(deps): bump bootstrap from 5.3.6 to 5.3.8 in /BlueBerry24.Web

abdulhamidshahade/BlueBerry24 #12

5.3.6 → 5.3.8 Patch PR
Open 4 months ago 2 comments
abdulhamidshahade
Bump bootstrap from 5.3.0 to 5.3.8

ahmad-ali-kamal/Smart_Inventory_Product_Calculator_App #6

5.3.0 → 5.3.8 Patch PR
Closed 4 months ago 1 comment
ahmad-ali-kamal
chore(deps): bump the bootstrap group in /ui with 2 updates

prymitive/karma #6500

5.2.3 → 5.3.8 Minor PR
Closed 4 months ago 1 comment
prymitive
build(deps): bump the minor-and-patch group across 1 directory with 11 updates

CircuitVerse/CircuitVerse #6786

5.3.3 → 5.3.8 Patch PR
Open 5 months ago 3 comments
CircuitVerse
chore(deps): bump the npm_and_yarn group across 2 directories with 3 updates

herodevs/cli #464

3.1.1 → 5.0.0 Major PR
Closed 5 months ago 1 comment
herodevs
Bump the all-ui-deps group across 1 directory with 80 updates

craftercms/studio-ui #4775

5.3.7 → 5.3.8 Patch PR
Closed 5 months ago 2 comments
craftercms
Bump the all-ui-deps group across 1 directory with 79 updates

craftercms/studio-ui #4770

5.3.7 → 5.3.8 Patch PR
Closed 5 months ago 2 comments
craftercms
Bump the frontend-production group across 1 directory with 21 updates

crt25/collimator #462

5.3.3 → 5.3.8 Patch PR
Closed 5 months ago 2 comments
crt25
build(deps): bump bootstrap from 3.4.1 to 5.3.8 in /webapps/frontend

operaton/operaton #2205

3.4.1 → 5.3.8 Major PR
Closed 5 months ago 2 comments
operaton
Bump the all-ui-deps group across 1 directory with 77 updates

craftercms/studio-ui #4765

5.3.7 → 5.3.8 Patch PR
Closed 5 months ago 2 comments
craftercms
Bump bootstrap from 3.4.1 to 5.0.0 in the npm_and_yarn group across 1 directory

AKJUS/blackbox-log-viewer #54

3.4.1 → 5.0.0 Major PR
Open 5 months ago 4 comments
AKJUS
Bump the npm_and_yarn group across 1 directory with 2 updates

bettysteger/showmaniac #6

3.4.1 → 5.0.0 Major PR
Open 5 months ago 2 comments
bettysteger
Bump the all-ui-deps group across 1 directory with 76 updates

craftercms/studio-ui #4760

5.3.7 → 5.3.8 Patch PR
Closed 5 months ago 2 comments
craftercms
Bump bootstrap from 4.6.2 to 5.3.8

Edirom/ViFE-website #89

4.6.2 → 5.3.8 Major PR
Closed 5 months ago 2 comments
Edirom
Bump the all-ui-deps group across 1 directory with 77 updates

craftercms/studio-ui #4754

5.3.7 → 5.3.8 Patch PR
Open 5 months ago 1 comment
craftercms
Bump the npm_and_yarn group across 1 directory with 6 updates

injust/mitmproxy #2

3.4.1 → 5.0.0 Major PR
Closed 5 months ago 1 comment
injust
Bump the npm-dependencies group across 1 directory with 27 updates

SamYuan1990/Probe #270

5.3.3 → 5.3.8 Patch PR
Closed 5 months ago 1 comment
SamYuan1990
Package Details
Name: bootstrap
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/bootstrap
JSON API: View JSON
Security Advisories

9

Active advisories
MODERATE 9
View All npm Advisories
Package Information
Description:

The most popular front-end framework for developing responsive, mobile first projects on the web.

Repository: https://github.com/twbs/bootstrap
Homepage: https://getbootstrap.com/
Latest Release: 5.3.6
about 1 year ago
Dependent Repos: 874,564
Dependent Packages: 17,952
Downloads: 20,752,506
Ranking: Top 0.0383% by dependent repos Top 0.0595% by downloads Top 0.0059% by dependent pkgs
PR Status
Open 2,017 (48.5%)
Merged 780 (18.8%)
Closed 980 (23.6%)
PR Types
Major 856 (20.6%)
Minor 351 (8.4%)
Patch 2,566 (61.7%)
Removal 2 (0.0%)