Is object-extend safe to use?

object-extend has 1 known vulnerabilities on the latest version (0.5.0). DepScope rates its health at 38/100 (critical risk).

What is the latest version of object-extend?

The latest version of object-extend is 0.5.0, released 2013-04-10.

Does object-extend have known vulnerabilities?

Yes. object-extend has 1 known vulnerabilities. See depscope.dev/pkg/npm/object-extend for details.

Is object-extend deprecated?

No, object-extend is actively maintained. Latest release: 0.5.0 (2013-04-10).

What are alternatives to object-extend?

Popular alternatives to object-extend in npm include: ?, semver, minimatch, debug, brace-expansion.

What license does object-extend use?

License information for object-extend is not declared in the registry metadata.

object-extend

npmv0.5.0

A well-tested function to deep extend (or merge) JavaScript objects

1 versions1 maintainers0 deps1,178 weekly dl

bernhardw/object-extend

/ 100

Health

do not use

object-extend has critical vulnerabilities — do not use

Moderate health score (38/100) — verify manually
1 critical vulnerabilities

Health breakdown0 – 100

0/25

maintenance

6/20

popularity

15/25

security

15/15

maturity

2/15

community

Vulnerabilities

1 critical

Advisories (1)

Severity	ID	Summary	Fixed in
critical	CVE-2021-23702	Prototype Pollution in object-extend	—

Bundle & TypeScript

📦

Bundle Size

0.4 KBminified

0.2 KB gzipped

0 direct dependencies

side effects

🌟

TypeScript

0/10untyped

No type definitions available

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/object-extend