{"package":"@nx/eslint","ecosystem":"npm","latest_version":"22.6.5","description":"The ESLint plugin for Nx contains executors, generators and utilities used for linting JavaScript/TypeScript projects within an Nx workspace.","license":"MIT","homepage":"https://nx.dev","repository":"https://github.com/nrwl/nx","downloads_weekly":3386835,"health":{"score":95,"risk":"low","breakdown":{"maintenance":25,"popularity":17,"security":25,"maturity":15,"community":13},"deprecated":false,"max_score":100},"vulnerabilities":{"count":2,"critical":0,"high":0,"medium":0,"low":2,"details":[{"vuln_id":"CVE-2025-10894","severity":"unknown","summary":"Malicious versions of Nx were published","affected_versions":null,"fixed_version":null,"source":"osv","published_at":"2025-08-27T16:42:47Z","in_kev":false,"epss_prob":0.0009,"epss_percentile":0.25317,"threat_tier":"theoretical"},{"vuln_id":"CVE-2025-10894","severity":"unknown","summary":"Malicious code in @nx/eslint (npm)","affected_versions":null,"fixed_version":null,"source":"osv","published_at":"2025-08-27T23:12:13Z","in_kev":false,"epss_prob":0.0009,"epss_percentile":0.25317,"threat_tier":"theoretical"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"22.6.5","total_count":1620,"recent":["22.7.0-beta.7","22.7.0-pr.33655.d8f5d50","22.7.0-canary.20260331-63a8f27","22.7.0-beta.8","22.7.0-beta.9","22.7.0-pr.33655.2b96277","22.6.4","22.7.0-beta.10","22.7.0-pr.34823.636be20","22.7.0-canary.20260403-8d35b8a","22.7.0-canary.20260407-794e0b4","22.7.0-canary.20260407-918193a","22.7.0-beta.11","22.7.0-beta.12","22.6.5","22.7.0-beta.13","22.7.0-beta.14","22.7.0-beta.15","21.6.11","22.7.0-canary.20260417-8f47bf2"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":5,"first_published":"2023-10-17T05:46:32.568Z","last_published":"2026-04-10T14:39:19.908Z","dependencies_count":5,"dependencies":["tslib","@nx/js","semver","@nx/devkit","typescript"]},"bundle":null,"typescript":{"score":10,"has_types":true,"types_source":"bundled","types_package":null},"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"recommendation":{"action":"safe_to_use","issues":[],"use_version":"22.6.5","version_hint":null,"summary":"@nx/eslint@22.6.5 is safe to use (health: 95/100)"},"requested_version":null,"_cache":"miss","_response_ms":1249,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false,"advisory_id":"MAL-2025-41438","summary":"Malicious code in @nx/eslint (npm)","action":"review_advisory","downloads_weekly_at_check":3386835,"note":"Advisory MAL-2025-41438 flags this name but the package has 3,386,835 weekly downloads — likely a false positive or a withdrawn advisory. Verify on OSV.dev before treating as malicious."},"scorecard":{"available":false},"quality":{"available":false}}