{"package":"hoek","ecosystem":"npm","latest_version":"6.1.3","description":"General purpose node utilities","license":"SEE LICENSE IN LICENSE.md","license_risk":"unknown","commercial_use_notes":"verify manually — license not parseable / not declared.","homepage":"https://github.com/hapijs/hoek#readme","repository":"https://github.com/hapijs/hoek","downloads_weekly":2868298,"health":{"score":45,"risk":"high","breakdown":{"maintenance":15,"popularity":17,"security":20,"maturity":15,"community":8},"deprecated":true,"max_score":100},"vulnerabilities":{"count":1,"critical":0,"high":1,"medium":0,"low":0,"details":[{"vuln_id":"CVE-2020-36604","severity":"high","summary":"hoek subject to prototype pollution via the clone function.","affected_versions":"<8.5.1|>=9.0.0,<9.0.3|<=6.1.3","fixed_version":"9.0.3","source":"osv","published_at":"2022-09-25T00:00:27Z","in_kev":false,"epss_prob":0.01047,"epss_percentile":0.78005,"threat_tier":"theoretical"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"6.1.3","total_count":116,"recent":["4.0.1","4.0.2","4.1.0","4.1.1","4.2.0","5.0.0","5.0.1","5.0.2","5.0.3","4.2.1","5.0.4","6.0.0","6.0.1","6.0.2","6.0.3","6.0.4","6.1.1","6.1.2","6.1.3","4.3.1"]},"metadata":{"deprecated":true,"deprecated_message":"This module has moved and is now available at @hapi/hoek. Please update your dependencies as this version is no longer maintained an may contain bugs and security issues.","maintainers_count":5,"first_published":"2012-09-16T17:20:24.700Z","last_published":"2019-03-27T00:32:16.115Z","dependencies_count":0,"dependencies":[]},"github_stats":{"stars":483,"forks":178,"open_issues":3,"is_archived":false,"pushed_at":"2026-02-25T07:24:45+00:00"},"bundle":{"size_kb":10.9,"gzip_kb":4.1,"dependency_count":0,"has_js_module":false,"has_side_effects":true,"scoped":false,"source":"bundlephobia"},"typescript":{"score":7,"has_types":true,"types_source":"definitely-typed","types_package":"@types/hoek"},"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"find_alternative","issues":["Moderate health score (45/100) — verify manually","1 high severity vulnerabilities","Package is deprecated"],"use_version":"6.1.3","version_hint":"Update to >= 9.0.3 to fix known vulnerabilities","summary":"hoek is deprecated — find an alternative","alternatives":[{"name":"@hapi/hoek","reason":"Deprecation notice: use @hapi/hoek","builtin":false}]},"version_scoped":null,"_meta":{"endpoint":"check","tier":"full","philosophy":"DepScope is free. Use the cheapest endpoint that answers your real question.","cheaper_alternatives":[{"endpoint":"/api/exists/npm/hoek","tokens_estimated":12,"use_when":"you only need to know if the package exists (hallucination guard)"},{"endpoint":"/api/health/npm/hoek","tokens_estimated":80,"use_when":"you only need a 0-100 score for go/no-go (>=70 = safe)"},{"endpoint":"/api/prompt/npm/hoek","tokens_estimated":280,"use_when":"you want a plain-text LLM-friendly brief instead of JSON"},{"endpoint":"POST /api/check_bulk","tokens_estimated":60,"use_when":"you have 5+ packages to check; sends one round-trip instead of N"}],"docs":"https://depscope.dev/integrate","hint_bulk":"You've called /api/check 6 times in 60s. Save bandwidth + tokens with POST /api/check_bulk (1 round-trip for N pkgs)."},"requested_version":null,"_cache":"hit","_response_ms":0,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":true,"criticality_score":null,"criticality_tier":null,"velocity_pct":null,"velocity_trend":null,"publish_security":"signed"},"alternatives_link":{"url":"/api/alternatives/npm/hoek","count":1},"version_history_summary":{"total_versions":20,"first_release_age_days":5019,"last_release_days_ago":2636,"avg_days_between_releases":264,"release_velocity":"stale"}}