{"package":"@backstage/core-components","ecosystem":"npm","latest_version":"0.18.9","description":"Core components used by Backstage plugins and apps","license":"Apache-2.0","homepage":"https://backstage.io","repository":"https://github.com/backstage/backstage","downloads_weekly":293413,"health":{"score":81,"risk":"low","breakdown":{"maintenance":25,"popularity":14,"security":23,"maturity":15,"community":4},"deprecated":false,"max_score":100},"vulnerabilities":{"count":1,"critical":0,"high":0,"medium":1,"low":0,"details":[{"vuln_id":"CVE-2023-25571","severity":"medium","summary":"Cross site scripting Vulnerability in backstage Software Catalog","affected_versions":">=0","fixed_version":"1.7.2","source":"osv","published_at":"2023-02-14T21:35:10Z","in_kev":false,"epss_prob":0.0071,"epss_percentile":0.72258,"threat_tier":"theoretical"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"0.18.9","total_count":1542,"recent":["0.0.0-nightly-20260402031519","0.0.0-nightly-20260403031518","0.0.0-nightly-20260404031350","0.0.0-nightly-20260405031735","0.0.0-nightly-20260406031922","0.0.0-nightly-20260407031731","0.18.9-next.1","0.0.0-nightly-20260408031702","0.0.0-nightly-20260409031723","0.0.0-nightly-20260410031841","0.0.0-nightly-20260411031533","0.0.0-nightly-20260413031937","0.0.0-nightly-20260414031820","0.18.9","0.0.0-nightly-20260416031834","0.0.0-nightly-20260417031854","0.0.0-nightly-20260418031715","0.0.0-nightly-20260419031625","0.0.0-nightly-20260420031813","0.0.0-nightly-20260421031647"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":3,"first_published":"2021-06-01T16:14:19.134Z","last_published":"2026-04-14T17:27:14.050Z","dependencies_count":42,"dependencies":["qs","zod","lodash","parse5","d3-zoom","js-yaml","d3-shape","linkifyjs","pluralize","react-use","ansi-regex","classnames","rehype-raw","remark-gfm","rc-progress","d3-selection","react-helmet","react-window","@date-io/core","linkify-react","@dagrejs/dagre","react-markdown","zen-observable","react-hook-form","rehype-sanitize","@backstage/theme","@material-ui/lab","@react-hookz/web","react-idle-timer","react-sparklines","@backstage/config","@backstage/errors","@material-ui/core","react-full-screen","@material-ui/icons","@material-table/core","@testing-library/react","@types/react-sparklines","react-syntax-highlighter","@backstage/version-bridge","@backstage/core-plugin-api","react-virtualized-auto-sizer"]},"bundle":null,"typescript":{"score":10,"has_types":true,"types_source":"bundled","types_package":null},"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"recommendation":{"action":"safe_to_use","issues":[],"use_version":"0.18.9","version_hint":"Update to >= 1.7.2 to fix known vulnerabilities","summary":"@backstage/core-components@0.18.9 is safe to use (health: 81/100)"},"requested_version":null,"_cache":"miss","_response_ms":1188,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false}}