Is babel-traverse safe to use?

babel-traverse has 1 known vulnerabilities on the latest version (6.26.0). DepScope rates its health at 34/100 (critical risk).

What is the latest version of babel-traverse?

The latest version of babel-traverse is 6.26.0, released 2017-08-16.

Does babel-traverse have known vulnerabilities?

Yes. babel-traverse has 1 known vulnerabilities. See depscope.dev/pkg/npm/babel-traverse for details.

Is babel-traverse deprecated?

No, babel-traverse is actively maintained. Latest release: 6.26.0 (2017-08-16).

What are alternatives to babel-traverse?

Popular alternatives to babel-traverse in npm include: debug, minimatch, ansi-styles, brace-expansion, strip-ansi.

What license does babel-traverse use?

babel-traverse is licensed under MIT.

babel-traverse

npmv6.26.0

The Babel Traverse module maintains the overall tree state, and is responsible for replacing, removing, and adding nodes

License MITpermissive78 versions3 maintainers9 deps

babel/babel/tree/master/packages/babel-traverse

/ 100

Health

do not use

babel-traverse has critical vulnerabilities — do not use

Update to >= 8.0.0-alpha.4 to fix known vulnerabilities

Low health score (34/100)
1 critical vulnerabilities

Health breakdown0 – 100

0/25

maintenance

0/20

popularity

15/25

security

15/15

maturity

4/15

community

Vulnerabilities

1 critical

Advisories (1)

Severity	ID	Summary	Fixed in
critical	CVE-2023-45133	Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code	8.0.0-alpha.4

Bundle & TypeScript

🌟

TypeScript

7/10typed

Types from @types/babel-traverse (DefinitelyTyped)

Quality signals

OSS Criticality

0.73critical

Health History

Dependency Tree

License Audit

Dependencies (9)

babel-code-frame babel-messages babel-runtime babel-types babylon debug globals invariant lodash

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/babel-traverse