{"package":"github.com/jackc/pgx/v4","ecosystem":"go","latest_version":"v4.18.3","description":"PostgreSQL driver and toolkit for Go","license":"MIT","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":"https://pkg.go.dev/github.com/jackc/pgx/v4","repository":"https://github.com/jackc/pgx/v4","downloads_weekly":13712,"health":{"score":60,"risk":"moderate","breakdown":{"maintenance":0,"popularity":10,"security":25,"maturity":12,"community":13},"deprecated":false,"max_score":100},"vulnerabilities":{"count":1,"critical":0,"high":0,"medium":0,"low":1,"details":[{"vuln_id":"GHSA-j88v-2chj-qfwx","severity":"low","summary":"pgx: SQL Injection via placeholder confusion with dollar quoted string literals","affected_versions":"<5.9.2|<=4.18.3|<=3.6.2","fixed_version":"5.9.2","source":"osv","published_at":"2026-04-22T20:46:51Z"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"v4.18.3","total_count":41,"recent":["v4.14.1","v4.5.0","v4.6.0","v4.12.0","v4.9.2","v4.1.0","v4.10.0","v4.10.1","v4.13.0","v4.9.1","v4.18.3","v4.16.0","v4.14.0","v4.16.1","v4.18.2","v4.2.0","v4.7.1","v4.7.2","v4.17.1","v4.4.1"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":383,"first_published":null,"last_published":"2024-03-09T18:15:53Z","dependencies_count":0,"dependencies":[]},"github_stats":{"stars":13718,"forks":1019,"open_issues":248,"is_archived":false,"pushed_at":"2026-04-25T19:26:52Z","subscribers_count":99},"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"safe_to_use","issues":[],"use_version":"v4.18.3","version_hint":"Update to >= 5.9.2 to fix known vulnerabilities","summary":"github.com/jackc/pgx/v4@v4.18.3 is safe to use (health: 60/100)"},"version_scoped":null,"requested_version":null,"_cache":"miss","_response_ms":723,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false},"version_history_summary":{"total_versions":20,"first_release_age_days":null,"last_release_days_ago":780,"avg_days_between_releases":null,"release_velocity":"stale"}}