Is @backstage/plugin-scaffolder-backend safe to use?

@backstage/plugin-scaffolder-backend has 1 known vulnerabilities on the latest version (3.0.3). DepScope rates its health at 83/100 (low risk).

What is the latest version of @backstage/plugin-scaffolder-backend?

The latest version of @backstage/plugin-scaffolder-backend is 3.0.3, released 2026-04-16.

Yes. @backstage/plugin-scaffolder-backend has 1 known vulnerabilities. See depscope.dev/pkg/npm/@backstage/plugin-scaffolder-backend for details.

No, @backstage/plugin-scaffolder-backend is actively maintained. Latest release: 3.0.3 (2026-04-16).

Popular alternatives to @backstage/plugin-scaffolder-backend in npm include: semver, ansi-styles, debug, minimatch, brace-expansion.

@backstage/plugin-scaffolder-backend is licensed under Apache-2.0.

npmv3.0.3

The Backstage backend plugin that helps you create new things

License Apache-2.0permissive2017 versions3 maintainers50 deps111,850 weekly dl

/ 100

Health

safe to use

@backstage/[email protected] is safe to use (health: 83/100)

Update to >= 3.1.4 to fix known vulnerabilities

Health breakdown0 – 100

25/25

maintenance

14/20

popularity

25/25

security

15/15

maturity

4/15

community

Vulnerabilities

1 low

Advisories (1)

Severity	ID	Summary	Fixed in
low	CVE-2026-29184	@backstage/plugin-scaffolder-backend Vulnerable to Potential Session Token Exfiltration via Log Redaction Bypass	3.1.4

🌟

10/10typed

bundled

Dependencies (50)

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/@backstage/plugin-scaffolder-backend