Is jwks-rsa safe to use?

jwks-rsa has no known vulnerabilities on the latest version (4.0.1). DepScope rates its health at 90/100 (low risk).

What is the latest version of jwks-rsa?

The latest version of jwks-rsa is 4.0.1, released 2026-03-02.

Does jwks-rsa have known vulnerabilities?

No known vulnerabilities on the latest version of jwks-rsa.

Is jwks-rsa deprecated?

No, jwks-rsa is actively maintained. Latest release: 4.0.1 (2026-03-02).

What are alternatives to jwks-rsa?

Popular alternatives to jwks-rsa in npm include: ?, semver, minimatch, debug, brace-expansion.

What license does jwks-rsa use?

jwks-rsa is licensed under MIT.

jwks-rsa

npmv4.0.1

Library to retrieve RSA public keys from a JWKS endpoint

License MITpermissive46 versions18 maintainers5 deps14,984,094 weekly dl

auth0/node-jwks-rsa

/ 100

Health

safe to use

[email protected] is safe to use (health: 90/100)

Health breakdown0 – 100

25/25

maintenance

20/20

popularity

25/25

security

12/15

maturity

8/15

community

0/15

popularity_floor

Vulnerabilities

Bundle & TypeScript

📦

Bundle Size

109.7 KBminified

31.6 KB gzipped

5 direct dependencies

side effects

🌟

TypeScript

10/10typed

bundled

Quality signals

Download trend

stable(0%)

Publish security

npm attested

Health History

Dependency Tree

License Audit

Dependencies (5)

jose debug limiter lru-memoizer @types/jsonwebtoken

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/jwks-rsa