{"package":"@posthog/nextjs-config","ecosystem":"npm","latest_version":"1.9.16","description":"NextJS configuration helper for Posthog 🦔","license":"MIT","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":"https://github.com/PostHog/posthog-js#readme","repository":"https://github.com/PostHog/posthog-js","downloads_weekly":140285,"health":{"score":87,"risk":"low","breakdown":{"maintenance":25,"popularity":14,"security":25,"maturity":15,"community":8},"deprecated":false,"max_score":100},"vulnerabilities":{"count":0,"critical":0,"high":0,"medium":0,"low":0,"details":[]},"versions":{"latest":"1.9.16","total_count":82,"recent":["1.8.26","1.8.27","1.8.28","1.9.0","1.9.1","1.9.2","1.9.3","1.9.4","1.9.5","1.9.6","1.9.7","1.9.8","1.9.9","1.9.10","1.9.11","1.9.12","1.9.13","1.9.14","1.9.15","1.9.16"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":17,"first_published":"2025-06-25T12:42:00.771Z","last_published":"2026-05-01T13:46:17.364Z","dependencies_count":4,"dependencies":["@posthog/cli","semver","@posthog/plugin-utils","@posthog/webpack-plugin"]},"github_stats":{"stars":541,"forks":249,"open_issues":171,"is_archived":false,"pushed_at":"2026-05-02T07:13:29+00:00"},"bundle":null,"typescript":{"score":10,"has_types":true,"types_source":"bundled","types_package":null},"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"safe_to_use","issues":[],"use_version":"1.9.16","version_hint":null,"summary":"@posthog/nextjs-config@1.9.16 is safe to use (health: 87/100)"},"version_scoped":null,"_meta":{"endpoint":"check","tier":"full","philosophy":"DepScope is free. Use the cheapest endpoint that answers your real question.","cheaper_alternatives":[{"endpoint":"/api/exists/npm/%40posthog%2Fnextjs-config","tokens_estimated":12,"use_when":"you only need to know if the package exists (hallucination guard)"},{"endpoint":"/api/health/npm/%40posthog%2Fnextjs-config","tokens_estimated":80,"use_when":"you only need a 0-100 score for go/no-go (>=70 = safe)"},{"endpoint":"/api/prompt/npm/%40posthog%2Fnextjs-config","tokens_estimated":280,"use_when":"you want a plain-text LLM-friendly brief instead of JSON"},{"endpoint":"POST /api/check_bulk","tokens_estimated":60,"use_when":"you have 5+ packages to check; sends one round-trip instead of N"}],"docs":"https://depscope.dev/integrate","hint_bulk":"You've called /api/check 61 times in 60s. Save bandwidth + tokens with POST /api/check_bulk (1 round-trip for N pkgs)."},"requested_version":null,"_cache":"miss","_response_ms":1050,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false,"advisory_id":"MAL-2025-190887","summary":"Malicious code in @posthog/nextjs-config (npm)","action":"use_with_caution","affected_versions":["1.5.1"],"latest_version_safe":true,"note":"Advisory MAL-2025-190887: versions 1.5.1 are compromised. Current latest (1.9.16) is NOT affected — safe to install. Avoid the listed versions."},"scorecard":{"available":false},"quality":{"available":false},"version_history_summary":{"total_versions":20,"first_release_age_days":312,"last_release_days_ago":2,"avg_days_between_releases":16,"release_velocity":"active"}}