Is csrf-tokens safe to use?

csrf-tokens has no known vulnerabilities on the latest version (2.0.0). DepScope rates its health at 49/100 (high risk).

What is the latest version of csrf-tokens?

The latest version of csrf-tokens is 2.0.0, released 2014-06-18.

Does csrf-tokens have known vulnerabilities?

No known vulnerabilities on the latest version of csrf-tokens.

Is csrf-tokens deprecated?

No, csrf-tokens is actively maintained. Latest release: 2.0.0 (2014-06-18).

What are alternatives to csrf-tokens?

Popular alternatives to csrf-tokens in npm include: ?, semver, minimatch, debug, brace-expansion.

What license does csrf-tokens use?

csrf-tokens is licensed under MIT.

csrf-tokens

npmv2.0.0

primary logic behind csrf tokens

License MITpermissive6 versions2 maintainers4 deps5,170 weekly dl

expressjs/csrf-tokens

/ 100

Health

use with caution

[email protected] low health (49/100) — consider alternatives

Moderate health score (49/100) — verify manually

Health breakdown0 – 100

0/25

maintenance

6/20

popularity

25/25

security

15/15

maturity

3/15

community

Vulnerabilities

none known

Bundle & TypeScript

🌟

TypeScript

0/10untyped

No type definitions available

Health History

Dependency Tree

License Audit

Dependencies (4)

rndm scmp uid-safe base64-url

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/csrf-tokens