Is underscore-keypath safe to use?

underscore-keypath has 1 known vulnerabilities on the latest version (0.9.3). DepScope rates its health at 37/100 (critical risk).

What is the latest version of underscore-keypath?

The latest version of underscore-keypath is 0.9.3, released 2016-02-12.

Does underscore-keypath have known vulnerabilities?

Yes. underscore-keypath has 1 known vulnerabilities. See depscope.dev/pkg/npm/underscore-keypath for details.

Is underscore-keypath deprecated?

No, underscore-keypath is actively maintained. Latest release: 0.9.3 (2016-02-12).

What are alternatives to underscore-keypath?

Popular alternatives to underscore-keypath in npm include: debug, chalk, picomatch, source-map, has-flag.

What license does underscore-keypath use?

underscore-keypath is licensed under EPL-1.0.

underscore-keypath

npmv0.9.3

Adds Key-Path mechanism extensions for underscore

License EPL-1.0weak copyleft21 versions1 maintainers1 deps

jeeeyul/underscore-keypath

/ 100

Health

update required

[email protected] has vulnerabilities — update to latest

Low health score (37/100)
1 high severity vulnerabilities

Health breakdown0 – 100

0/25

maintenance

0/20

popularity

20/25

security

15/15

maturity

2/15

community

Vulnerabilities

1 high

Advisories (1)

Severity	ID	Summary	Fixed in
high	CVE-2023-26139	underscore-keypath vulnerable to Prototype Pollution	—

Bundle & TypeScript

🌟

TypeScript

0/10untyped

No type definitions available

Health History

Dependency Tree

License Audit

Dependencies (1)

underscore

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/underscore-keypath