Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

bootstrap

Ecosystem:
npm
Package URL:
pkg:npm/bootstrap
Total PRs:
4,161 Dependabot PRs
Latest PR:
about 3 hours ago
Unique Repositories:
2,194 repositories
Unique Repos (30 days):
4 repositories
Security Advisories
Bootstrap Cross-site Scripting vulnerability
GHSA-7mvr-5x2g-wfc8 CVE-2018-14042 MODERATE published almost 8 years ago • updated about 4 hours ago
In Bootstrap starting in version 2.3.0 and prior to versions 3.4.0 and 4.1.2, XSS is possible in the data-container property of tooltip. This is s...
Bootstrap Vulnerable to Cross-Site Scripting in its Popover and Tooltip Components
GHSA-q58r-hwc8-rm9j CVE-2025-1647 MODERATE published about 1 year ago • updated 21 days ago
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Bootstrap allows Cross-Site Scripting ...
Bootstrap Cross-site Scripting vulnerability
GHSA-pj7m-g53m-7638 CVE-2018-14041 MODERATE published almost 8 years ago • updated about 4 hours ago
In Bootstrap 4.x before 4.1.2, XSS is possible in the data-target property of scrollspy. This is similar to CVE-2018-14042.
XSS vulnerability that affects bootstrap
GHSA-3mgp-fx93-9xv5 CVE-2018-20676 MODERATE published over 7 years ago • updated 4 days ago
In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
Bootstrap Cross-site Scripting vulnerability
GHSA-4p24-vmcr-4gqj CVE-2016-10735 MODERATE published over 7 years ago • updated about 4 hours ago
In Bootstrap 2.x from 2.0.4, 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute. Note that this is a d...
View all 9 advisories
Recent PRs (filtered by: Patch PRs )
RSS Feed Clear filter
chore(deps): bump the npm-minor group across 1 directory with 20 updates

Dashtid/portfolio-site #93

5.3.3 → 5.3.8 Patch PR
Closed about 1 month ago 2 comments
Dashtid
deps(web)(deps): Bump the patch group in /web with 2 updates

crockpotveggies/execlaw #5

5.3.3 → 5.3.8 Patch PR
Open about 1 month ago 2 comments
crockpotveggies
chore(deps): bump the npm-minor group across 1 directory with 16 updates

Dashtid/portfolio-site #83

5.3.3 → 5.3.8 Patch PR
Closed about 2 months ago 2 comments
Dashtid
Bump bootstrap from 5.3.6 to 5.3.8

ivechalapu/generator-jhipster-7.x_maintenance #25

5.3.6 → 5.3.8 Patch PR
Open about 2 months ago 1 comment
ivechalapu
Bump the patch-updates group across 1 directory with 2 updates

codejoncode/jonathan-updated-portfolio #6

5.3.7 → 5.3.8 Patch PR
Open about 2 months ago 1 comment
codejoncode
Bump bootstrap from 5.3.7 to 5.3.8 in the patch-updates group

codejoncode/jonathan-updated-portfolio #1

5.3.7 → 5.3.8 Patch PR
Open 2 months ago 1 comment
codejoncode
chore(deps): bump bootstrap from 5.3.2 to 5.3.8

m4rv4x/mxgpt #9

5.3.2 → 5.3.8 Patch PR
Open 2 months ago 1 comment
m4rv4x
Bump bootstrap from 5.3.3 to 5.3.8

kalaiselvi-dev/analytics-avenue-dashboard #8

5.3.3 → 5.3.8 Patch PR
Open 2 months ago 2 comments
kalaiselvi-dev
build(deps): bump the minor-and-patch group across 1 directory with 13 updates

CircuitVerse/CircuitVerse #7263

5.3.3 → 5.3.8 Patch PR
Open 2 months ago 2 comments
CircuitVerse
chore(deps): bump the all-dependencies group with 30 updates

amigobrewbrew/polytopiacalculatorfirebase-public #112

5.3.5 → 5.3.8 Patch PR
Closed 3 months ago 1 comment
amigobrewbrew
Bump bootstrap from 5.3.2 to 5.3.8

kmihalj/StrelicarskiKlub #8

5.3.2 → 5.3.8 Patch PR
Open 3 months ago 1 comment
kmihalj
Bump bootstrap from 5.3.0-alpha1 to 5.3.8 in /tabby-core

xiaoyu-work/ATerm #10

5.3.0-alpha1 → 5.3.8 Patch PR
Closed 4 months ago 2 comments
xiaoyu-work
chore(deps): bump bootstrap from 5.3.6 to 5.3.8 in /BlueBerry24.Web

abdulhamidshahade/BlueBerry24 #12

5.3.6 → 5.3.8 Patch PR
Open 4 months ago 2 comments
abdulhamidshahade
Bump bootstrap from 5.3.0 to 5.3.8

ahmad-ali-kamal/Smart_Inventory_Product_Calculator_App #6

5.3.0 → 5.3.8 Patch PR
Closed 4 months ago 1 comment
ahmad-ali-kamal
build(deps): bump the minor-and-patch group across 1 directory with 11 updates

CircuitVerse/CircuitVerse #6786

5.3.3 → 5.3.8 Patch PR
Open 5 months ago 3 comments
CircuitVerse
Bump the all-ui-deps group across 1 directory with 80 updates

craftercms/studio-ui #4775

5.3.7 → 5.3.8 Patch PR
Closed 5 months ago 2 comments
craftercms
Bump the all-ui-deps group across 1 directory with 79 updates

craftercms/studio-ui #4770

5.3.7 → 5.3.8 Patch PR
Closed 5 months ago 2 comments
craftercms
Bump the frontend-production group across 1 directory with 21 updates

crt25/collimator #462

5.3.3 → 5.3.8 Patch PR
Closed 5 months ago 2 comments
crt25
Bump the all-ui-deps group across 1 directory with 77 updates

craftercms/studio-ui #4765

5.3.7 → 5.3.8 Patch PR
Closed 5 months ago 2 comments
craftercms
Bump the all-ui-deps group across 1 directory with 76 updates

craftercms/studio-ui #4760

5.3.7 → 5.3.8 Patch PR
Closed 5 months ago 2 comments
craftercms
Bump the all-ui-deps group across 1 directory with 77 updates

craftercms/studio-ui #4754

5.3.7 → 5.3.8 Patch PR
Open 5 months ago 1 comment
craftercms
Bump the npm-dependencies group across 1 directory with 27 updates

SamYuan1990/Probe #270

5.3.3 → 5.3.8 Patch PR
Closed 5 months ago 1 comment
SamYuan1990
Bump the frontend-production group across 1 directory with 19 updates

crt25/collimator #454

5.3.3 → 5.3.8 Patch PR
Closed 5 months ago 1 comment
crt25
Bump the patterns group across 1 directory with 29 updates

Metaller000/mongo-express #36

5.3.3 → 5.3.8 Patch PR
Closed 5 months ago 1 comment
Metaller000
Bump bootstrap from 5.3.7 to 5.3.8

FactoryOptic/documentation #450

5.3.7 → 5.3.8 Patch PR
Open 5 months ago 4 comments
FactoryOptic
build(deps): bump the minor-and-patch group across 1 directory with 11 updates

CircuitVerse/CircuitVerse #6549

5.3.3 → 5.3.8 Patch PR
Open 6 months ago 3 comments
CircuitVerse
Bump the all-patch-minor group across 1 directory with 109 updates

eddelbuettel/PrairieLearn #1569

5.3.6 → 5.3.8 Patch PR
Closed 6 months ago 1 comment
eddelbuettel
Bump bootstrap from 5.3.6 to 5.3.8

manyfold3d/manyfold #5207

5.3.6 → 5.3.8 Patch PR
Open 6 months ago 2 comments
manyfold3d
chore(deps): bump bootstrap from 5.3.3 to 5.3.8 in the production-dependencies group

mpbarbosa/monitora_vagas #14

5.3.3 → 5.3.8 Patch PR
Closed 6 months ago 2 comments
mpbarbosa
fix(deps): bump the minorandpatch group across 1 directory with 10 updates

KohlbacherLab/homepage #249

5.3.5 → 5.3.8 Patch PR
Open 6 months ago 2 comments
KohlbacherLab
Bump the development-dependencies group across 1 directory with 10 updates

gifhuppp/icons #159

5.3.7 → 5.3.8 Patch PR
Closed 7 months ago 1 comment
gifhuppp
Bump the jsx-minor group across 1 directory with 9 updates

zheme1024/jupyterhub #17

5.3.6 → 5.3.8 Patch PR
Closed 7 months ago 1 comment
zheme1024
NPM-dependencies: Bump the npm-updates group across 3 directories with 16 updates

Harvester57/keysas #22

5.3.5 → 5.3.8 Patch PR
Closed 7 months ago 1 comment
Harvester57
fix(deps): bump the minorandpatch group with 35 updates

authup/authup #2751

5.3.7 → 5.3.8 Patch PR
Closed 7 months ago 3 comments
authup
DEPENDABOT VERSION UPDATES: Bump bootstrap from 5.3.1 to 5.3.8 in /frontend

qqwayne/mona-demo-20251125 #4

5.3.1 → 5.3.8 Patch PR
Open 7 months ago 1 comment
qqwayne
deps(deps-dev): bump bootstrap from 5.3.5 to 5.3.8 in /Mwh.Sample.Web

markhazleton/SampleMvcCRUD #41

5.3.5 → 5.3.8 Patch PR
Closed 7 months ago 5 comments
markhazleton
Bump the all-npm group across 1 directory with 21 updates

sakamata-ch/SakamataFontProject-Website #151

5.3.3 → 5.3.8 Patch PR
Closed 7 months ago 4 comments
sakamata-ch
Bump the all-updates group across 1 directory with 22 updates

brandonladen/My_Digital_Portfolio #16

5.3.6 → 5.3.8 Patch PR
Open 7 months ago 1 comment
brandonladen
DEPENDABOT VERSION UPDATES: Bump bootstrap from 5.3.1 to 5.3.8 in /frontend

im-sandbox-williamtinfomagnus/mona-demo #1

5.3.1 → 5.3.8 Patch PR
Open 7 months ago 2 comments
im-sandbox-williamtinfomagnus
build(deps): bump bootstrap from 5.3.3 to 5.3.8

Lucs1590/Personal_Site #574

5.3.3 → 5.3.8 Patch PR
Open 7 months ago 2 comments
Lucs1590
Bump bootstrap from 5.3.7 to 5.3.8

aserto-dev/topaz-console #115

5.3.7 → 5.3.8 Patch PR
Open 7 months ago 1 comment
aserto-dev
Bump bootstrap from 5.3.3 to 5.3.8

Gaurav-vats-12/finance_manager #197

5.3.3 → 5.3.8 Patch PR
Open 7 months ago 2 comments
Gaurav-vats-12
Bump the all-ui-deps group across 1 directory with 69 updates

craftercms/studio-ui #4699

5.3.7 → 5.3.8 Patch PR
Open 7 months ago 1 comment
craftercms
Bump the all-ui-deps group across 1 directory with 68 updates

craftercms/studio-ui #4695

5.3.7 → 5.3.8 Patch PR
Open 8 months ago 1 comment
craftercms
Bump bootstrap from 5.3.7 to 5.3.8

JonnyIvan24/admin-lte-2025B #7

5.3.7 → 5.3.8 Patch PR
Open 8 months ago 2 comments
JonnyIvan24
Bump the sub-major group with 14 updates

PolicyEngine/policyengine-app #2793

5.3.7 → 5.3.8 Patch PR
Open 8 months ago 1 comment
PolicyEngine
chore(deps-dev): bump the development-dependencies group across 1 directory with 32 updates

LouisBarranqueiro/reapop #582

5.3.7 → 5.3.8 Patch PR
Closed 8 months ago 1 comment
LouisBarranqueiro
fix(deps): bump the minorandpatch group across 1 directory with 17 updates

tada5hi/vuecs #1458

5.3.5 → 5.3.8 Patch PR
Open 8 months ago 2 comments
tada5hi
fix(deps): bump the minorandpatch group across 1 directory with 17 updates

dnpm-dip/portal #1119

5.3.7 → 5.3.8 Patch PR
Closed 8 months ago 1 comment
dnpm-dip
build(deps): bump the minor-and-patch group across 1 directory with 9 updates

CircuitVerse/CircuitVerse #6317

5.3.3 → 5.3.8 Patch PR
Closed 8 months ago 3 comments
CircuitVerse
Package Details
Name: bootstrap
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/bootstrap
JSON API: View JSON
Security Advisories

9

Active advisories
MODERATE 9
View All npm Advisories
Package Information
Description:

The most popular front-end framework for developing responsive, mobile first projects on the web.

Repository: https://github.com/twbs/bootstrap
Homepage: https://getbootstrap.com/
Latest Release: 5.3.6
about 1 year ago
Dependent Repos: 874,564
Dependent Packages: 17,952
Downloads: 20,752,506
Ranking: Top 0.0383% by dependent repos Top 0.0595% by downloads Top 0.0059% by dependent pkgs
PR Status
Open 2,017 (48.5%)
Merged 780 (18.8%)
Closed 980 (23.6%)
PR Types
Major 856 (20.6%)
Minor 351 (8.4%)
Patch 2,566 (61.7%)
Removal 2 (0.0%)