Is @alexbinary/object-deep-assign safe to use?

@alexbinary/object-deep-assign has 1 known vulnerabilities on the latest version (1.0.11). DepScope rates its health at 37/100 (critical risk).

What is the latest version of @alexbinary/object-deep-assign?

The latest version of @alexbinary/object-deep-assign is 1.0.11, released 2017-01-20.

Yes. @alexbinary/object-deep-assign has 1 known vulnerabilities. See depscope.dev/pkg/npm/@alexbinary/object-deep-assign for details.

No, @alexbinary/object-deep-assign is actively maintained. Latest release: 1.0.11 (2017-01-20).

Popular alternatives to @alexbinary/object-deep-assign in npm include: debug, lru-cache, string-width, commander, glob.

@alexbinary/object-deep-assign is licensed under MIT.

npmv1.0.11

Like `Object.assign()` but deep 😱

License MITpermissive10 versions1 maintainers0 deps

/ 100

Health

use with caution

@alexbinary/[email protected] low health (37/100) — consider alternatives

Health breakdown0 – 100

0/25

maintenance

0/20

popularity

23/25

security

12/15

maturity

2/15

community

Vulnerabilities

1 medium

Advisories (1)

Severity	ID	Summary	Fixed in
medium	CVE-2024-36582	object-deep-assign Prototype Pollution	—

🌟

0/10untyped

No type definitions available

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/@alexbinary/object-deep-assign