Is quill safe to use?

quill has 1 known vulnerabilities on the latest version (2.0.3). DepScope rates its health at 65/100 (moderate risk).

What is the latest version of quill?

The latest version of quill is 2.0.3, released 2024-11-30.

Does quill have known vulnerabilities?

Yes. quill has 1 known vulnerabilities. See depscope.dev/pkg/npm/quill for details.

No, quill is actively maintained. Latest release: 2.0.3 (2024-11-30).

What are alternatives to quill?

Popular alternatives to quill in npm include: debug, lru-cache, string-width, commander, picomatch.

What license does quill use?

quill is licensed under BSD-3-Clause.

quill

npmv2.0.3

Your powerful, rich text editor

License BSD-3-Clausepermissive96 versions2 maintainers4 deps3,583,662 weekly dl

slab/quill

/ 100

Health

safe to use

[email protected] is safe to use (health: 65/100)

Health breakdown0 – 100

5/25

maintenance

17/20

popularity

25/25

security

15/15

maturity

3/15

community

Vulnerabilities

1 low

Advisories (1)

Severity	ID	Summary	Fixed in
low	CVE-2025-15056	Quill is vulnerable to XSS via HTML export feature	—

Bundle & TypeScript

📦

Bundle Size

192.6 KBminified

56.1 KB gzipped

4 direct dependencies

side effects

🌟

TypeScript

10/10typed

bundled

Quality signals

Publish security

npm signed

Health History

Dependency Tree

License Audit

Dependencies (4)

lodash-es parchment quill-delta eventemitter3

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/quill