Is module-from-string safe to use?

module-from-string has 1 known vulnerabilities on the latest version (3.3.1). DepScope rates its health at 49/100 (high risk).

What is the latest version of module-from-string?

The latest version of module-from-string is 3.3.1, released 2024-07-29.

Does module-from-string have known vulnerabilities?

Yes. module-from-string has 1 known vulnerabilities. See depscope.dev/pkg/npm/module-from-string for details.

Is module-from-string deprecated?

No, module-from-string is actively maintained. Latest release: 3.3.1 (2024-07-29).

What are alternatives to module-from-string?

Popular alternatives to module-from-string in npm include: semver, debug, ansi-styles, minimatch, brace-expansion.

What license does module-from-string use?

module-from-string is licensed under MIT.

module-from-string

npmv3.3.1

Load module from string using require or import.

License MITpermissive21 versions1 maintainers2 deps51,772 weekly dl

exuanbo/module-from-string

/ 100

Health

update required

[email protected] has vulnerabilities — update to latest

Moderate health score (49/100) — verify manually
1 high severity vulnerabilities

Health breakdown0 – 100

5/25

maintenance

10/20

popularity

20/25

security

12/15

maturity

2/15

community

Vulnerabilities

1 high

Advisories (1)

Severity	ID	Summary	Fixed in
high	CVE-2024-57072	module-from-string prototype pollution	—

Bundle & TypeScript

🌟

TypeScript

10/10typed

bundled

Health History

Dependency Tree

License Audit

Dependencies (2)

esbuild nanoid

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/module-from-string