Is @pnpm/read-project-manifest safe to use?

@pnpm/read-project-manifest has no known vulnerabilities on the latest version (1001.2.6). DepScope rates its health at 71/100 (moderate risk).

What is the latest version of @pnpm/read-project-manifest?

The latest version of @pnpm/read-project-manifest is 1001.2.6, released 2026-03-24.

Does @pnpm/read-project-manifest have known vulnerabilities?

No known vulnerabilities on the latest version of @pnpm/read-project-manifest.

Is @pnpm/read-project-manifest deprecated?

No, @pnpm/read-project-manifest is actively maintained. Latest release: 1001.2.6 (2026-03-24).

What are alternatives to @pnpm/read-project-manifest?

Popular alternatives to @pnpm/read-project-manifest in npm include: semver, ansi-styles, minimatch, debug, brace-expansion.

What license does @pnpm/read-project-manifest use?

@pnpm/read-project-manifest is licensed under MIT.

@pnpm/read-project-manifest

npmv1001.2.6

Read a project manifest (called package.json in most cases)

License MITpermissive111 versions2 maintainers13 deps

pnpm/pnpm.git#main

/ 100

Health

safe to use

@pnpm/[email protected] is safe to use (health: 71/100)

Health breakdown0 – 100

20/25

maintenance

0/20

popularity

25/25

security

15/15

maturity

11/15

community

Vulnerabilities

none known

Bundle & TypeScript

🌟

TypeScript

10/10typed

bundled

Quality signals

Publish security

npm signed

Health History

Dependency Tree

License Audit

Dependencies (13)

@gwhitney/detect-indent fast-deep-equal is-windows json5 parse-json read-yaml-file strip-bom @pnpm/text.comments-parser @pnpm/error @pnpm/graceful-fs @pnpm/types @pnpm/write-project-manifest @pnpm/manifest-utils

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/@pnpm/read-project-manifest