Is express-csrf safe to use?

express-csrf has no known vulnerabilities on the latest version (0.3.4). DepScope rates its health at 42/100 (high risk).

What is the latest version of express-csrf?

The latest version of express-csrf is 0.3.4, released 2011-12-20.

Does express-csrf have known vulnerabilities?

No known vulnerabilities on the latest version of express-csrf.

Is express-csrf deprecated?

No, express-csrf is actively maintained. Latest release: 0.3.4 (2011-12-20).

What are alternatives to express-csrf?

Popular alternatives to express-csrf in npm include: semver, minimatch, ansi-styles, debug, brace-expansion.

What license does express-csrf use?

License information for express-csrf is not declared in the registry metadata.

express-csrf

npmv0.3.4

Cross-site request forgery protection for Express

7 versions1 maintainers1 deps

hanssonlarsson/express-csrf

/ 100

Health

use with caution

[email protected] low health (42/100) — consider alternatives

Moderate health score (42/100) — verify manually

Health breakdown0 – 100

0/25

maintenance

0/20

popularity

25/25

security

15/15

maturity

2/15

community

Vulnerabilities

none known

Bundle & TypeScript

🌟

TypeScript

0/10untyped

No type definitions available

Health History

Dependency Tree

License Audit

Dependencies (1)

express

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/express-csrf