Is @pnpm/cafs safe to use?

@pnpm/cafs has 1 known vulnerabilities on the latest version (7.0.5). DepScope rates its health at 56/100 (high risk).

What is the latest version of @pnpm/cafs?

The latest version of @pnpm/cafs is 7.0.5, released 2023-07-17.

Does @pnpm/cafs have known vulnerabilities?

Yes. @pnpm/cafs has 1 known vulnerabilities. See depscope.dev/pkg/npm/@pnpm/cafs for details.

Is @pnpm/cafs deprecated?

No, @pnpm/cafs is actively maintained. Latest release: 7.0.5 (2023-07-17).

What are alternatives to @pnpm/cafs?

Popular alternatives to @pnpm/cafs in npm include: semver, ansi-styles, debug, minimatch, brace-expansion.

What license does @pnpm/cafs use?

@pnpm/cafs is licensed under MIT.

@pnpm/cafs

npmv7.0.5

A content-addressable filesystem for the packages storage

License MITpermissive74 versions2 maintainers14 deps41,244 weekly dl

pnpm/pnpm/blob/main/store/cafs

/ 100

Health

update required

@pnpm/[email protected] has vulnerabilities — update to latest

Update to >= 8.6.8 to fix known vulnerabilities

1 high severity vulnerabilities

Health breakdown0 – 100

0/25

maintenance

10/20

popularity

20/25

security

15/15

maturity

11/15

community

Vulnerabilities

1 high

Advisories (1)

Severity	ID	Summary	Fixed in
high	CVE-2023-37478	pnpm incorrectly parses tar archives relative to specification	8.6.8

Bundle & TypeScript

🌟

TypeScript

10/10typed

bundled

Health History

Dependency Tree

License Audit

Dependencies (14)

@zkochan/rimraf concat-stream get-stream gunzip-maybe p-limit path-temp rename-overwrite safe-promise-defer ssri strip-bom tar-stream @pnpm/fetcher-base @pnpm/graceful-fs @pnpm/store-controller-types

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/@pnpm/cafs