Is @asyncapi/modelina safe to use?

@asyncapi/modelina has no known vulnerabilities on the latest version (5.10.1). DepScope rates its health at 54/100 (high risk).

What is the latest version of @asyncapi/modelina?

The latest version of @asyncapi/modelina is 5.10.1, released 2025-10-19.

Does @asyncapi/modelina have known vulnerabilities?

No known vulnerabilities on the latest version of @asyncapi/modelina.

Is @asyncapi/modelina deprecated?

No, @asyncapi/modelina is actively maintained. Latest release: 5.10.1 (2025-10-19).

What are alternatives to @asyncapi/modelina?

Popular alternatives to @asyncapi/modelina in npm include: debug, lru-cache, string-width, commander, picomatch.

What license does @asyncapi/modelina use?

@asyncapi/modelina is licensed under Apache-2.0.

@asyncapi/modelina

npmv5.10.1

Library for generating data models based on inputs such as AsyncAPI, OpenAPI, JSON Schema, XSD, or Avro documents

License Apache-2.0permissive403 versions3 maintainers10 deps

git://github.com/asyncapi/modelina

/ 100

Health

do not use

Do not install. Package is flagged as malicious (advisory MAL-2025-190638).

Health breakdown0 – 100

10/25

maintenance

0/20

popularity

25/25

security

15/15

maturity

4/15

community

Vulnerabilities

none known

Bundle & TypeScript

🌟

TypeScript

10/10typed

bundled

⚠ Malicious package

This package is flagged as malicious by the OpenSSF/OSV community feed. Do not install.

Advisory: MAL-2025-190638 — Malicious code in @asyncapi/modelina (npm)

Health History

Dependency Tree

License Audit

Dependencies (10)

js-yaml alterschema change-case openapi-types fast-xml-parser @asyncapi/parser @asyncapi/multi-parser typescript-json-schema @apidevtools/swagger-parser @apidevtools/json-schema-ref-parser

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/@asyncapi/modelina