Is babel-traverse safe to use?

babel-traverse has 1 known vulnerabilities on the latest version (6.26.0). DepScope rates its health at 40/100 (high risk).

What is the latest version of babel-traverse?

The latest version of babel-traverse is 6.26.0, released 2017-08-16.

Does babel-traverse have known vulnerabilities?

Yes. babel-traverse has 1 known vulnerabilities. See depscope.dev/pkg/npm/babel-traverse for details.

Is babel-traverse deprecated?

No, babel-traverse is actively maintained. Latest release: 6.26.0 (2017-08-16).

What are alternatives to babel-traverse?

Popular alternatives to babel-traverse in npm include: ?, semver, minimatch, debug, brace-expansion.

What license does babel-traverse use?

babel-traverse is licensed under MIT.

babel-traverse

npmv6.26.0

The Babel Traverse module maintains the overall tree state, and is responsible for replacing, removing, and adding nodes

License MITpermissive78 versions3 maintainers9 deps3,708,774 weekly dl

babel/babel

/ 100

Health

do not use

babel-traverse has critical vulnerabilities — do not use

Update to >= 8.0.0-alpha.4 to fix known vulnerabilities

Moderate health score (40/100) — verify manually
1 critical vulnerabilities

Health breakdown0 – 100

25/25

maintenance

17/20

popularity

15/25

security

15/15

maturity

12/15

community

0/15

popularity_floor

Vulnerabilities

1 critical

Advisories (1)

Severity	ID	Summary	Fixed in
critical	CVE-2023-45133	Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code	8.0.0-alpha.4

Bundle & TypeScript

📦

Bundle Size

307.6 KBminified

80.1 KB gzipped

9 direct dependencies

side effects

🌟

TypeScript

7/10typed

Types from @types/babel-traverse (DefinitelyTyped)

Quality signals

OSS Criticality

0.73critical

Health History

Dependency Tree

License Audit

Dependencies (9)

babel-code-frame babel-messages babel-runtime babel-types babylon debug globals invariant lodash

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/babel-traverse