{"package":"@posthog/nextjs-config","ecosystem":"npm","latest_version":"1.9.68","description":"NextJS configuration helper for Posthog 🦔","license":"MIT","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":"https://github.com/PostHog/posthog-js#readme","repository":"https://github.com/PostHog/posthog-js","downloads_weekly":287444,"health":{"score":87,"risk":"low","breakdown":{"maintenance":25,"popularity":14,"security":25,"maturity":15,"community":8,"popularity_floor":0},"deprecated":false,"max_score":100},"vulnerabilities":{"count":0,"critical":0,"high":0,"medium":0,"low":0,"details":[]},"versions":{"latest":"1.9.68","total_count":134,"recent":["1.9.49","1.9.50","1.9.51","1.9.52","1.9.53","1.9.54","1.9.55","1.9.56","1.9.57","1.9.58","1.9.59","1.9.60","1.9.61","1.9.62","1.9.63","1.9.64","1.9.65","1.9.66","1.9.67","1.9.68"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":22,"first_published":"2025-06-25T12:42:00.771Z","last_published":"2026-06-16T15:04:27.036Z","dependencies_count":4,"dependencies":["@posthog/cli","semver","@posthog/plugin-utils","@posthog/webpack-plugin"]},"github_stats":{"stars":553,"forks":274,"open_issues":214,"is_archived":false,"pushed_at":"2026-06-19T05:23:45Z","subscribers_count":15},"bundle":null,"typescript":{"score":10,"has_types":true,"types_source":"bundled","types_package":null},"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"safe_to_use","issues":[],"use_version":"1.9.68","version_hint":null,"summary":"@posthog/nextjs-config@1.9.68 is safe to use (health: 87/100)"},"version_scoped":null,"_meta":{"endpoint":"check","tier":"full","philosophy":"DepScope is free. Use the cheapest endpoint that answers your real question.","cheaper_alternatives":[{"endpoint":"/api/exists/npm/%40posthog%2Fnextjs-config","tokens_estimated":12,"use_when":"you only need to know if the package exists (hallucination guard)"},{"endpoint":"/api/health/npm/%40posthog%2Fnextjs-config","tokens_estimated":80,"use_when":"you only need a 0-100 score for go/no-go (>=70 = safe)"},{"endpoint":"/api/prompt/npm/%40posthog%2Fnextjs-config","tokens_estimated":280,"use_when":"you want a plain-text LLM-friendly brief instead of JSON"},{"endpoint":"POST /api/check_bulk","tokens_estimated":60,"use_when":"you have 5+ packages to check; sends one round-trip instead of N"}],"docs":"https://depscope.dev/integrate","hint_bulk":"You've called /api/check 15 times in 60s. Save bandwidth + tokens with POST /api/check_bulk (1 round-trip for N pkgs)."},"requested_version":null,"_cache":"hit","_response_ms":0,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false,"advisory_id":"MAL-2025-190887","summary":"Malicious code in @posthog/nextjs-config (npm)","action":"use_with_caution","affected_versions":["1.5.1"],"latest_version_safe":true,"note":"Advisory MAL-2025-190887: versions 1.5.1 are compromised. Current latest (1.9.68) is NOT affected — safe to install. Avoid the listed versions."},"scorecard":{"available":false},"quality":{"available":false},"version_history_summary":{"total_versions":20,"first_release_age_days":358,"last_release_days_ago":2,"avg_days_between_releases":19,"release_velocity":"active"}}