{"package":"nanotar","ecosystem":"npm","latest_version":"0.3.0","description":"Tiny and fast Tar utils for any JavaScript runtime!","license":"MIT","homepage":"https://github.com/unjs/nanotar#readme","repository":"https://github.com/unjs/nanotar","downloads_weekly":1208751,"health":{"score":70,"risk":"moderate","breakdown":{"maintenance":20,"popularity":17,"security":25,"maturity":6,"community":2},"deprecated":false,"max_score":100},"vulnerabilities":{"count":1,"critical":0,"high":0,"medium":0,"low":1,"details":[{"vuln_id":"CVE-2025-69874","severity":"unknown","summary":"nanotar is vulnerable to path traversal in parseTar() and parseTarGzip()","affected_versions":">=0","fixed_version":null,"source":"osv","published_at":"2026-02-11T18:31:30Z","in_kev":false,"epss_prob":0.00121,"epss_percentile":0.31045,"threat_tier":"theoretical"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"0.3.0","total_count":5,"recent":["0.0.0","0.1.1","0.2.0","0.3.0","0.2.1"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":1,"first_published":"2023-12-09T00:17:49.087Z","last_published":"2026-02-11T22:54:51.267Z","dependencies_count":0,"dependencies":[]},"bundle":{"size_kb":4.0,"gzip_kb":1.8,"dependency_count":0,"has_js_module":"./dist/index.mjs","has_side_effects":false,"scoped":false,"source":"bundlephobia"},"typescript":{"score":10,"has_types":true,"types_source":"bundled","types_package":null},"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"recommendation":{"action":"safe_to_use","issues":[],"use_version":"0.3.0","version_hint":null,"summary":"nanotar@0.3.0 is safe to use (health: 70/100)"},"requested_version":null,"_cache":"miss","_response_ms":845,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false}}