openpgp

v5.0.0-1

OpenPGP.js is a Javascript implementation of the OpenPGP protocol. This is defined in RFC 4880.

LGPL-3.0
Latest version published 1 month ago
    npm install openpgp
  

Package Health Score

86 / 100
Make sure the open source you're using is safe to use
Secure my Project

Popularity

Popular

Weekly Downloads (37,806)

Dependents
164
GitHub Stars
4.7K
Forks
708
Contributors
90

The npm package openpgp receives a total of 37,806 downloads a week. As such, we scored openpgp popularity level to be Popular.

Based on project statistics from the GitHub repository for the npm package openpgp, we found that it has been starred 4,695 times, and that 164 other projects in the ecosystem are dependent on it.

Downloads are calculated as moving averages for a period of the last 12 months, excluding weekends and known missing data points.

Security

No known security issues
Powered by Snyk

Security and license risk for significant versions

All Versions

Direct Vulnerabilities

2.5.14
2.6.2
3.1.3
4.10.10
5.0.0-1
  • 0
    H
  • 0
    M
  • 0
    L
  • 0
    H
  • 0
    M
  • 0
    L

Indirect Vulnerabilities

2.5.14
2.6.2
3.1.3
4.10.10
5.0.0-1
  • 0
    H
  • 0
    M
  • 0
    L
  • 0
    H
  • 0
    M
  • 0
    L
  • 0
    H
  • 0
    M
  • 0
    L

License Risks

2.5.14
2.6.2
3.1.3
4.10.10
5.0.0-1
  • 0
    H
  • 0
    M
  • 0
    L
  • 0
    H
  • 0
    M
  • 0
    L
  • 0
    H
  • 0
    M
  • 0
    L
  • 0
    H
  • 0
    M
  • 0
    L
  • 0
    H
  • 0
    M
  • 0
    L
All security vulnerabilities belong to production dependencies of direct and indirect packages.

License
LGPL-3.0
Alert

Non-Permissive License

We noticed that this project uses a license which requires less permissive conditions such as disclosing the source code, stating changes or redistributing the source under the same license. It is advised to further consult the license terms before use.


Security Policy
No

We found a way for you to contribute to the project! Looks like openpgp is missing a security policy.


You can connect your project's repository to Snyk to stay up to date on security alerts and receive automatic fix pull requests.

    # Install the Snyk CLI and test your project
npm i snyk -g && snyk test openpgp
Keep your project free of vulnerabilities with Snyk

Maintenance

Healthy

Commit Frequency

Open Issues
24
Open PR
2
Last Release
1 month ago
Last Commit
6 days ago

Further analysis of the maintenance status of openpgp based on released npm versions cadence, the repository activity, and other data points determined that its maintenance is Healthy.

We found that openpgp demonstrates a positive version release cadence with at least one new version released in the past 3 months.

As a healthy sign for on-going project maintenance, we found that the GitHub repository had at least 1 pull request or issue interacted with by the community.

Community

Sustainable
Readme.md
Yes
Contributing.md
No
Code of Conduct
No
Contributors
90
Funding
No

With more than 10 contributors for the openpgp repository, this is possibly a sign for a growing and inviting community.

We found a way for you to contribute to the project! Looks like openpgp is missing a Code of Conduct.


Embed Package Health Score Badge

package health: 86/100 package health 86/100

Package

Node.js Compatibility
>= 8.0.0

Age
7 years
Dependencies
1 Direct
Versions
148
Install Size
21 MB
Dist-tags
2
# of Files
29
Maintainers
5
TS Typings
Yes

openpgp has more than a single and default latest tag published for the npm package. This means, there may be other tags available for this package, such as next to indicate future releases, or stable to indicate stable releases.