{"package":"github.com/alist-org/alist/v3","ecosystem":"go","latest_version":"v3.60.0","description":"🗂️A file list/WebDAV program that supports multiple storages, powered by Gin and Solidjs. / 一个支持多存储的文件列表/WebDAV程序，使用 Gin 和 Solidjs。","license":"AGPL-3.0","license_risk":"network_copyleft","commercial_use_notes":"AGPL-3.0: blocks closed-source SaaS — network use = distribution. Requires source disclosure to users.","homepage":"https://pkg.go.dev/github.com/alist-org/alist/v3","repository":"https://github.com/alist-org/alist/v3","downloads_weekly":49354,"health":{"score":88,"risk":"low","breakdown":{"maintenance":25,"popularity":10,"security":25,"maturity":15,"community":13},"deprecated":false,"max_score":100},"vulnerabilities":{"count":0,"critical":0,"high":0,"medium":0,"low":0,"details":[]},"versions":{"latest":"v3.60.0","total_count":98,"recent":["v3.20.0","v3.30.0","v3.17.0","v3.20.1","v3.45.0","v3.36.0","v3.58.0","v3.16.3","v3.14.0","v3.39.0","v3.9.2","v3.15.0","v3.9.0","v3.37.2","v3.52.0","v3.37.3","v3.57.0","v3.21.0","v3.0.2","v3.25.0"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":187,"first_published":null,"last_published":"2026-04-20T01:17:25Z","dependencies_count":0,"dependencies":[]},"bundle":null,"typescript":null,"known_issues":{"bugs_count":12,"bugs_severity":{"high":3,"medium":7,"critical":2},"status_breakdown":{"fixed":10,"open":2},"link":"/api/bugs/go/github.com/alist-org/alist/v3?version=v3.60.0","scope":"version","details":[{"title":"Alist vulnerable to Path Traversal in multiple file operation handlers","severity":"high","status":"fixed","affected_version":null,"fixed_version":"3.57.0","url":"https://github.com/AlistGo/alist/security/advisories/GHSA-x4q4-7phh-42j9"},{"title":"alist Incorrect Access Control vulnerability","severity":"high","status":"open","affected_version":null,"fixed_version":null,"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-33498"},{"title":"AList vulnerable to Improper Preservation of Permissions","severity":"high","status":"fixed","affected_version":null,"fixed_version":"3.5.1","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-45968"},{"title":"Alist vulnerable to Path Traversal in multiple file operation handlers in github.com/alist-org/alist","severity":"medium","status":"fixed","affected_version":null,"fixed_version":"3.57.0","url":"https://github.com/AlistGo/alist/security/advisories/GHSA-x4q4-7phh-42j9"},{"title":"Alist has Insecure TLS Config in github.com/alist-org/alist","severity":"medium","status":"fixed","affected_version":null,"fixed_version":"3.57.0","url":"https://github.com/AlistGo/alist/security/advisories/GHSA-8jmm-3xwx-w974"}]},"historical_compromise":null,"recommendation":{"action":"safe_to_use","issues":[],"use_version":"v3.60.0","version_hint":null,"summary":"github.com/alist-org/alist/v3@v3.60.0 is safe to use (health: 88/100)"},"version_scoped":null,"requested_version":null,"_cache":"hit","_response_ms":0,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false}}