Security signals
Signed provenance found
Package has a provenance record signed with Sigstore, confirming its source of origin.
No typosquatting risk
Typosquatting is the risk of installing a malicious package that uses a name similar to a legitimate one.
No starjacking detected
Starjacking can mislead users into trusting a package, hiding malicious code behind inflated popularity.
Vulnerabilities
No vulnerabilities found
Activity health
Contributor activity
| Public repositories of contributors | 1,390 |
| Followers of contributors | 113,000 |
Repository activity
| Repository forks | 27,700 |
| Open issues | 2,690 |
| Repository watchers | 1,460 |
| Number of contributors | 3,570 |
| Repository stars | 130,000 |