Is buffer-from safe to use?

buffer-from has no known vulnerabilities on the latest version (1.1.2). DepScope rates its health at 59/100 (high risk).

What is the latest version of buffer-from?

The latest version of buffer-from is 1.1.2, released 2021-07-29.

Does buffer-from have known vulnerabilities?

No known vulnerabilities on the latest version of buffer-from.

Is buffer-from deprecated?

No, buffer-from is actively maintained. Latest release: 1.1.2 (2021-07-29).

What are alternatives to buffer-from?

Popular alternatives to buffer-from in npm include: ?, semver, debug, ansi-styles, minimatch.

What license does buffer-from use?

buffer-from is licensed under MIT.

buffer-from

npmv1.1.2

A [ponyfill](https://ponyfill.com) for `Buffer.from`, uses native implementation if available.

License MITpermissive7 versions1 maintainers0 deps82,530,063 weekly dl

LinusU/buffer-from

/ 100

Health

use with caution

[email protected] low health (59/100) — consider alternatives

Moderate health score (59/100) — verify manually

Health breakdown0 – 100

0/25

maintenance

20/20

popularity

25/25

security

12/15

maturity

2/15

community

0/15

popularity_floor

Vulnerabilities

none known

Bundle & TypeScript

📦

Bundle Size

1.0 KBminified

0.5 KB gzipped

0 direct dependencies

side effects

🌟

TypeScript

7/10typed

Types from @types/buffer-from (DefinitelyTyped)

OSS Scorecard

OpenSSF security posture score

2.0/10

poor

Maintainer trust

Active maintainers (3m)

Contributors (12m)

GitHub stars

0

Quality signals

OSS Criticality

0.77critical

Download trend

stable(+0.8%)

Publish security

npm signed

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/buffer-from