Is postcss-value-parser safe to use?

postcss-value-parser has no known vulnerabilities on the latest version (4.2.0). DepScope rates its health at 66/100 (moderate risk).

What is the latest version of postcss-value-parser?

The latest version of postcss-value-parser is 4.2.0, released 2021-11-29.

Does postcss-value-parser have known vulnerabilities?

No known vulnerabilities on the latest version of postcss-value-parser.

Is postcss-value-parser deprecated?

No, postcss-value-parser is actively maintained. Latest release: 4.2.0 (2021-11-29).

What are alternatives to postcss-value-parser?

Popular alternatives to postcss-value-parser in npm include: ?, semver, debug, ansi-styles, minimatch.

What license does postcss-value-parser use?

postcss-value-parser is licensed under MIT.

postcss-value-parser

npmv4.2.0

Transforms css values and at-rule params into the tree

License MITpermissive36 versions3 maintainers0 deps97,291,435 weekly dl

TrySound/postcss-value-parser

/ 100

Health

use with caution

[email protected] low health (66/100) — consider alternatives

Moderate health score (66/100) — verify manually

Health breakdown0 – 100

0/25

maintenance

20/20

popularity

25/25

security

15/15

maturity

6/15

community

0/15

popularity_floor

Vulnerabilities

none known

Bundle & TypeScript

📦

Bundle Size

4.8 KBminified

1.7 KB gzipped

0 direct dependencies

side effects

🌟

TypeScript

10/10typed

bundled

OSS Scorecard

OpenSSF security posture score

2.0/10

poor

Maintainer trust

Active maintainers (3m)

Contributors (12m)

GitHub stars

0

Quality signals

OSS Criticality

0.82critical

Download trend

stable(+3.8%)

Publish security

npm signed

Health History

Dependency Tree

License Audit

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/postcss-value-parser