Is color-convert safe to use?

color-convert has no known vulnerabilities on the latest version (3.1.3). DepScope rates its health at 75/100 (moderate risk).

What is the latest version of color-convert?

The latest version of color-convert is 3.1.3, released 2025-11-14.

Does color-convert have known vulnerabilities?

No known vulnerabilities on the latest version of color-convert.

Is color-convert deprecated?

No, color-convert is actively maintained. Latest release: 3.1.3 (2025-11-14).

What are alternatives to color-convert?

Popular alternatives to color-convert in npm include: ?, semver, minimatch, debug, brace-expansion.

What license does color-convert use?

color-convert is licensed under MIT.

color-convert

npmv3.1.3

Plain color conversion functions

License MITpermissive40 versions1 maintainers1 deps315,506,322 weekly dl

Qix-/color-convert

/ 100

Health

safe to use

[email protected] is safe to use (health: 75/100)

Health breakdown0 – 100

10/25

maintenance

20/20

popularity

25/25

security

15/15

maturity

5/15

community

0/15

popularity_floor

Vulnerabilities

none known

Bundle & TypeScript

📦

Bundle Size

14.4 KBminified

5.4 KB gzipped

1 direct dependencies

side effects

🌟

TypeScript

10/10typed

bundled

OSS Scorecard

OpenSSF security posture score

3.3/10

weak

Maintainer trust

Active maintainers (3m)

1

Contributors (12m)

3

Primary author dominance

60%

GitHub stars

819

single active maintainer 3m

Quality signals

OSS Criticality

0.78critical

Download trend

stable(+1.7%)

Publish security

npm signed

Health History

Dependency Tree

License Audit

Dependencies (1)

color-name

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/color-convert