Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

bootstrap

Ecosystem:
npm
Package URL:
pkg:npm/bootstrap
Total PRs:
4,120 Dependabot PRs
Latest PR:
9 days ago
Unique Repositories:
2,168 repositories
Unique Repos (30 days):
7 repositories
Security Advisories
Bootstrap Cross-Site Scripting (XSS) vulnerability for data-* attributes
GHSA-vxmc-5x29-h64v CVE-2024-6485 MODERATE published over 1 year ago • updated 1 day ago
A security vulnerability has been discovered in bootstrap that could enable Cross-Site Scripting (XSS) attacks. The vulnerability is associated wit...
Bootstrap Cross-site Scripting vulnerability
GHSA-7mvr-5x2g-wfc8 CVE-2018-14042 MODERATE published over 7 years ago • updated about 16 hours ago
In Bootstrap starting in version 2.3.0 and prior to versions 3.4.0 and 4.1.2, XSS is possible in the data-container property of tooltip. This is s...
Bootstrap Vulnerable to Cross-Site Scripting in its Popover and Tooltip Components
GHSA-q58r-hwc8-rm9j CVE-2025-1647 MODERATE published 10 months ago • updated about 14 hours ago
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Bootstrap allows Cross-Site Scripting ...
Bootstrap vulnerable to Cross-Site Scripting (XSS)
GHSA-3wqf-4x89-9g79 CVE-2018-14040 MODERATE published almost 4 years ago • updated about 17 hours ago
In Bootstrap starting in version 2.3.0 and prior to 3.4.0, as well as 4.x before 4.1.2, XSS is possible in the collapse data-parent attribute.
bootstrap Cross-site Scripting vulnerability
GHSA-ph58-4vrj-w6hr CVE-2018-20677 MODERATE published about 7 years ago • updated 2 days ago
In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
View all 10 advisories
Recent PRs
RSS Feed
Bump the npm_and_yarn group across 1 directory with 5 updates

anonim-01/djangogirls #2

3.4.1 → 5.0.0 Major PR
Open 9 days ago 1 comment
anonim-01
Bump the npm_and_yarn group across 2 directories with 25 updates

robertsn808/opensource-casino-v10-fixed #9

3.4.1 → 5.0.0 Major PR
Closed 13 days ago 1 comment
robertsn808
Bump the npm_and_yarn group across 2 directories with 24 updates

robertsn808/opensource-casino-v10-fixed #7

3.4.1 → 5.0.0 Major PR
Closed 16 days ago 1 comment
robertsn808
Bump the npm_and_yarn group across 4 directories with 18 updates

YoutacRandS-VA/mautic #10

3.4.1 → 5.0.0 Major PR
Open 18 days ago 1 comment
YoutacRandS-VA
Bump bootstrap from 5.3.0-alpha1 to 5.3.8 in /tabby-core

xiaoyu-work/ATerm #10

5.3.0-alpha1 → 5.3.8 Patch PR
Closed 19 days ago 2 comments
xiaoyu-work
chore(deps): bump bootstrap from 5.3.6 to 5.3.8 in /BlueBerry24.Web

abdulhamidshahade/BlueBerry24 #12

5.3.6 → 5.3.8 Patch PR
Open 22 days ago 2 comments
abdulhamidshahade
Bump bootstrap from 5.3.0 to 5.3.8

ahmad-ali-kamal/Smart_Inventory_Product_Calculator_App #6

5.3.0 → 5.3.8 Patch PR
Closed 26 days ago 1 comment
ahmad-ali-kamal
chore(deps): bump the bootstrap group in /ui with 2 updates

prymitive/karma #6500

5.2.3 → 5.3.8 Minor PR
Closed about 1 month ago 1 comment
prymitive
build(deps): bump the minor-and-patch group across 1 directory with 11 updates

CircuitVerse/CircuitVerse #6786

5.3.3 → 5.3.8 Patch PR
Open about 1 month ago 3 comments
CircuitVerse
chore(deps): bump the npm_and_yarn group across 2 directories with 3 updates

herodevs/cli #464

3.1.1 → 5.0.0 Major PR
Closed about 1 month ago 1 comment
herodevs
Bump the all-ui-deps group across 1 directory with 80 updates

craftercms/studio-ui #4775

5.3.7 → 5.3.8 Patch PR
Closed about 1 month ago 2 comments
craftercms
Bump the all-ui-deps group across 1 directory with 79 updates

craftercms/studio-ui #4770

5.3.7 → 5.3.8 Patch PR
Closed about 1 month ago 2 comments
craftercms
Bump the frontend-production group across 1 directory with 21 updates

crt25/collimator #462

5.3.3 → 5.3.8 Patch PR
Closed about 1 month ago 2 comments
crt25
build(deps): bump bootstrap from 3.4.1 to 5.3.8 in /webapps/frontend

operaton/operaton #2205

3.4.1 → 5.3.8 Major PR
Closed about 1 month ago 2 comments
operaton
Bump the all-ui-deps group across 1 directory with 77 updates

craftercms/studio-ui #4765

5.3.7 → 5.3.8 Patch PR
Closed about 1 month ago 2 comments
craftercms
Bump the npm_and_yarn group across 1 directory with 2 updates

bettysteger/showmaniac #6

3.4.1 → 5.0.0 Major PR
Open about 2 months ago 2 comments
bettysteger
Bump the all-ui-deps group across 1 directory with 76 updates

craftercms/studio-ui #4760

5.3.7 → 5.3.8 Patch PR
Closed about 2 months ago 2 comments
craftercms
Bump bootstrap from 4.6.2 to 5.3.8

Edirom/ViFE-website #89

4.6.2 → 5.3.8 Major PR
Closed about 2 months ago 2 comments
Edirom
Bump the all-ui-deps group across 1 directory with 77 updates

craftercms/studio-ui #4754

5.3.7 → 5.3.8 Patch PR
Open about 2 months ago 1 comment
craftercms
Bump the npm_and_yarn group across 1 directory with 6 updates

injust/mitmproxy #2

3.4.1 → 5.0.0 Major PR
Closed about 2 months ago 1 comment
injust
Bump the npm-dependencies group across 1 directory with 27 updates

SamYuan1990/Probe #270

5.3.3 → 5.3.8 Patch PR
Closed about 2 months ago 1 comment
SamYuan1990
front: bump bootstrap from 4.3.1 to 5.3.8 in /front

OpenRailAssociation/osrd #14707

4.3.1 → 5.3.8 Major PR
Closed about 2 months ago 4 comments
OpenRailAssociation
Bump the frontend-production group across 1 directory with 19 updates

crt25/collimator #454

5.3.3 → 5.3.8 Patch PR
Closed about 2 months ago 1 comment
crt25
Bump the npm_and_yarn group across 2 directories with 4 updates

Mika3578/Medusa #20

3.4.1 → 5.0.0 Major PR
Closed about 2 months ago 2 comments
Mika3578
chore(deps): bump the npm_and_yarn group across 1 directory with 21 updates

cf5146/PttChrome #1

3.4.1 → 5.0.0 Major PR
Open 2 months ago 1 comment
cf5146
Bump the patterns group across 1 directory with 29 updates

Metaller000/mongo-express #36

5.3.3 → 5.3.8 Patch PR
Closed 2 months ago 1 comment
Metaller000
Bump bootstrap from 5.3.7 to 5.3.8

FactoryOptic/documentation #450

5.3.7 → 5.3.8 Patch PR
Open 2 months ago 2 comments
FactoryOptic
chore(deps): bump the npm_and_yarn group across 2 directories with 3 updates

herodevs/cli #458

3.1.1 → 5.0.0 Major PR
Closed 2 months ago 1 comment
herodevs
build(deps): bump the minor-and-patch group across 1 directory with 11 updates

CircuitVerse/CircuitVerse #6549

5.3.3 → 5.3.8 Patch PR
Open 2 months ago 3 comments
CircuitVerse
Bump the all-patch-minor group across 1 directory with 109 updates

eddelbuettel/PrairieLearn #1569

5.3.6 → 5.3.8 Patch PR
Closed 2 months ago 1 comment
eddelbuettel
security(deps): bump bootstrap from 5.1.3 to 5.3.8

userlip/warcmachine #7

5.1.3 → 5.3.8 Minor PR
Open 2 months ago 3 comments
userlip
Bump the npm_and_yarn group across 1 directory with 5 updates

NoClueMike/mitmproxy #2

3.4.1 → 5.0.0 Major PR
Closed 2 months ago 1 comment
NoClueMike
Bump bootstrap from 5.3.6 to 5.3.8

manyfold3d/manyfold #5207

5.3.6 → 5.3.8 Patch PR
Open 3 months ago 2 comments
manyfold3d
chore(deps): bump bootstrap from 5.3.3 to 5.3.8 in the production-dependencies group

mpbarbosa/monitora_vagas #14

5.3.3 → 5.3.8 Patch PR
Closed 3 months ago 2 comments
mpbarbosa
fix(deps): bump the minorandpatch group across 1 directory with 10 updates

KohlbacherLab/homepage #249

5.3.5 → 5.3.8 Patch PR
Open 3 months ago 2 comments
KohlbacherLab
Bump the development-dependencies group across 1 directory with 10 updates

gifhuppp/icons #159

5.3.7 → 5.3.8 Patch PR
Closed 3 months ago 1 comment
gifhuppp
Bump the npm_and_yarn group across 1 directory with 3 updates

ONSdigital/sdc-responses-dashboard #196

3.4.1 → 5.0.0 Major PR
Open 3 months ago 8 comments
ONSdigital
Bump the jsx-minor group across 1 directory with 9 updates

zheme1024/jupyterhub #17

5.3.6 → 5.3.8 Patch PR
Closed 3 months ago 1 comment
zheme1024
NPM-dependencies: Bump the npm-updates group across 3 directories with 16 updates

Harvester57/keysas #22

5.3.5 → 5.3.8 Patch PR
Closed 3 months ago 1 comment
Harvester57
Bump bootstrap from 5.1.3 to 5.3.8

RMITLibrary/rmit-ui #329

5.1.3 → 5.3.8 Minor PR
Closed 3 months ago 3 comments
RMITLibrary
Bump the npm_and_yarn group across 1 directory with 4 updates

otvorenesudy/otvorenesudy-prokuratura #42

4.0.0 → 5.0.0 Major PR
Open 3 months ago 5 comments
otvorenesudy
fix(deps): bump the minorandpatch group with 35 updates

authup/authup #2751

5.3.7 → 5.3.8 Patch PR
Closed 3 months ago 3 comments
authup
DEPENDABOT VERSION UPDATES: Bump bootstrap from 5.3.1 to 5.3.8 in /frontend

qqwayne/mona-demo-20251125 #4

5.3.1 → 5.3.8 Patch PR
Open 4 months ago 1 comment
qqwayne
Bump bootstrap from 5.1.3 to 5.3.8

VardaPanchal005/Portfolio #48

5.1.3 → 5.3.8 Minor PR
Open 4 months ago 2 comments
VardaPanchal005
deps(deps-dev): bump bootstrap from 5.3.5 to 5.3.8 in /Mwh.Sample.Web

markhazleton/SampleMvcCRUD #41

5.3.5 → 5.3.8 Patch PR
Closed 4 months ago 5 comments
markhazleton
Bump the all-npm group across 1 directory with 21 updates

sakamata-ch/SakamataFontProject-Website #151

5.3.3 → 5.3.8 Patch PR
Closed 4 months ago 4 comments
sakamata-ch
web: bump bootstrap from 4.6.2 to 5.3.8 in /web

goauthentik/authentik #18248

4.6.2 → 5.3.8 Major PR
Open 4 months ago 5 comments
goauthentik
chore(deps): bump bootstrap from 3.1.1 to 5.0.0 in /e2e/fixtures/npm/simple in the npm_and_yarn group across 1 directory

herodevs/cli #421

3.1.1 → 5.0.0 Major PR
Closed 4 months ago 1 comment
herodevs
chore(deps-dev): bump bootstrap from 4.6.2 to 5.3.8

tdamsma/yeptrainingen #476

4.6.2 → 5.3.8 Major PR
Open 4 months ago 2 comments
tdamsma
Bump the all-updates group across 1 directory with 22 updates

brandonladen/My_Digital_Portfolio #16

5.3.6 → 5.3.8 Patch PR
Open 4 months ago 1 comment
brandonladen
Package Details
Name: bootstrap
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/bootstrap
JSON API: View JSON
Security Advisories

10

Active advisories
MODERATE 10
View All npm Advisories
Package Information
Description:

The most popular front-end framework for developing responsive, mobile first projects on the web.

Repository: https://github.com/twbs/bootstrap
Homepage: https://getbootstrap.com/
Latest Release: 5.3.6
10 months ago
Dependent Repos: 874,564
Dependent Packages: 17,952
Downloads: 20,752,506
Ranking: Top 0.0383% by dependent repos Top 0.0595% by downloads Top 0.0059% by dependent pkgs
PR Status
Open 2,002 (48.6%)
Merged 780 (18.9%)
Closed 955 (23.2%)
PR Types
Removal 2 (0.0%)
Minor 343 (8.3%)
Major 836 (20.3%)
Patch 2,554 (62.0%)