Is @tryghost/members-csv safe to use?

@tryghost/members-csv has 1 known vulnerabilities on the latest version (2.0.7). DepScope rates its health at 60/100 (moderate risk).

What is the latest version of @tryghost/members-csv?

The latest version of @tryghost/members-csv is 2.0.7, released 2026-04-27.

Does @tryghost/members-csv have known vulnerabilities?

Yes. @tryghost/members-csv has 1 known vulnerabilities. See depscope.dev/pkg/npm/@tryghost/members-csv for details.

Is @tryghost/members-csv deprecated?

No, @tryghost/members-csv is actively maintained. Latest release: 2.0.7 (2026-04-27).

What are alternatives to @tryghost/members-csv?

Popular alternatives to @tryghost/members-csv in npm include: semver, ansi-styles, minimatch, debug, brace-expansion.

What license does @tryghost/members-csv use?

@tryghost/members-csv is licensed under MIT.

@tryghost/members-csv

npmv2.0.7

There are 2 parts to this package: CSV to JSON serialization and JSON to CSV serialization. The module exposes 2 methods to fulfil these: `parse` and `unparse` respectively.

License MITpermissive52 versions30 maintainers4 deps6,723 weekly dl

TryGhost/SDK

/ 100

Health

update required

@tryghost/[email protected] has vulnerabilities — update to latest

Update to >= 5.82.0 to fix known vulnerabilities

Moderate health score (60/100) — verify manually
1 high severity vulnerabilities

Health breakdown0 – 100

25/25

maintenance

6/20

popularity

20/25

security

15/15

maturity

5/15

community

Vulnerabilities

1 high

Advisories (1)

Severity	ID	Summary	Fixed in
high	BIT-ghost-2024-34448	Ghost allows CSV Injection during member CSV export	5.82.0

Bundle & TypeScript

🌟

TypeScript

0/10untyped

No type definitions available

Health History

Dependency Tree

License Audit

Dependencies (4)

fs-extra lodash papaparse pump

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/@tryghost/members-csv