Is github.com/goreleaser/nfpm safe to use?

github.com/goreleaser/nfpm has 1 known vulnerabilities on the latest version (v1.10.3). DepScope rates its health at 46/100 (high risk).

What is the latest version of github.com/goreleaser/nfpm?

The latest version of github.com/goreleaser/nfpm is v1.10.3, released 2020-12-09.

Yes. github.com/goreleaser/nfpm has 1 known vulnerabilities. See depscope.dev/pkg/go/github.com/goreleaser/nfpm for details.

No, github.com/goreleaser/nfpm is actively maintained. Latest release: v1.10.3 (2020-12-09).

DepScope has no curated alternatives for github.com/goreleaser/nfpm at this time.

github.com/goreleaser/nfpm is licensed under MIT.

govv1.10.3

nFPM is Not FPM - a simple deb, rpm, apk, ipk, and arch linux packager written in Go

License MITpermissive73 versions89 maintainers0 deps2,535 weekly dl

/ 100

Health

update required

github.com/goreleaser/[email protected] has vulnerabilities — update to latest

Update to >= 2.29.0 to fix known vulnerabilities

Health breakdown0 – 100

0/25

maintenance

6/20

popularity

20/25

security

15/15

maturity

5/15

community

Vulnerabilities

1 high

Advisories (1)

Severity	ID	Summary	Fixed in
high	CVE-2023-32698	nfpm has incorrect default permissions	2.29.0

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/go/github.com/goreleaser/nfpm

Last updated · 2020-12-09T18:28:30Z