Is compression safe to use?

compression has no known vulnerabilities on the latest version (1.8.1). DepScope rates its health at 84/100 (low risk).

What is the latest version of compression?

The latest version of compression is 1.8.1, released 2025-07-17.

Does compression have known vulnerabilities?

No known vulnerabilities on the latest version of compression.

Is compression deprecated?

No, compression is actively maintained. Latest release: 1.8.1 (2025-07-17).

What are alternatives to compression?

Popular alternatives to compression in npm include: ?, semver, minimatch, debug, brace-expansion.

What license does compression use?

compression is licensed under MIT.

compression

npmv1.8.1

Node.js compression middleware

License MITpermissive39 versions3 maintainers7 deps36,713,169 weekly dl

expressjs/compression

/ 100

Health

safe to use

[email protected] is safe to use (health: 84/100)

Health breakdown0 – 100

15/25

maintenance

20/20

popularity

25/25

security

15/15

maturity

9/15

community

0/15

popularity_floor

Vulnerabilities

none known

Bundle & TypeScript

📦

Bundle Size

173.7 KBminified

28.8 KB gzipped

7 direct dependencies

side effects

🌟

TypeScript

7/10typed

Types from @types/compression (DefinitelyTyped)

Health History

Dependency Tree

License Audit

Dependencies (7)

vary bytes debug negotiator on-headers safe-buffer compressible

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/compression