{"package":"pkg","ecosystem":"npm","latest_version":"5.8.1","description":"Package your Node.js project into an executable","license":"MIT","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":"https://github.com/vercel/pkg#readme","repository":"https://github.com/vercel/pkg","downloads_weekly":245728,"health":{"score":54,"risk":"high","breakdown":{"maintenance":0,"popularity":14,"security":23,"maturity":15,"community":2},"deprecated":false,"max_score":100},"vulnerabilities":{"count":1,"critical":0,"high":0,"medium":1,"low":0,"details":[{"vuln_id":"CVE-2024-24828","severity":"medium","summary":"Pkg Local Privilege Escalation","affected_versions":"<=5.8.1","fixed_version":null,"source":"osv","published_at":"2024-02-09T15:20:27Z","in_kev":false,"epss_prob":0.00123,"epss_percentile":0.31052,"threat_tier":"theoretical"}],"actively_exploited_count":0,"likely_exploited_count":0},"versions":{"latest":"5.8.1","total_count":97,"recent":["4.4.9","4.5.0","4.5.1","5.0.0","5.1.0","5.2.0","5.2.1","5.3.0","5.3.1","5.3.2","5.3.3","5.4.0","5.4.1","5.5.0","5.5.1","5.5.2","5.6.0","5.7.0","5.8.0","5.8.1"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":1,"first_published":"2012-08-28T11:59:19.842Z","last_published":"2023-03-08T01:20:24.948Z","dependencies_count":14,"dependencies":["@babel/generator","@babel/parser","@babel/types","chalk","fs-extra","globby","into-stream","is-core-module","minimist","multistream","pkg-fetch","prebuild-install","resolve","stream-meter"]},"github_stats":null,"bundle":null,"typescript":{"score":10,"has_types":true,"types_source":"bundled","types_package":null},"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"safe_to_use","issues":[],"use_version":"5.8.1","version_hint":null,"summary":"pkg@5.8.1 is safe to use (health: 54/100)"},"version_scoped":null,"requested_version":null,"_cache":"miss","_response_ms":874,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false},"version_history_summary":{"total_versions":20,"first_release_age_days":4993,"last_release_days_ago":1150,"avg_days_between_releases":263,"release_velocity":"stale"}}