Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

@npmcli/arborist

Ecosystem:
npm
Package URL:
pkg:npm/@npmcli/arborist
Total PRs:
96 Dependabot PRs
Latest PR:
12 days ago
Unique Repositories:
26 repositories
Unique Repos (30 days):
1 repository
Security Advisories
@npmcli/arborist vulnerable to UNIX Symbolic Link (Symlink) Following
GHSA-2h3h-q99f-3fhc CVE-2021-39134 HIGH published almost 5 years ago • updated 2 days ago
### Impact Arbitrary File Creation, Arbitrary File Overwrite, Arbitrary Code Execution `@npmcli/arborist`, the library that calculates dependency...
UNIX Symbolic Link (Symlink) Following in @npmcli/arborist
GHSA-gmw6-94gg-2rc2 CVE-2021-39135 HIGH published almost 5 years ago • updated 2 days ago
### Impact Arbitrary File Creation, Arbitrary File Overwrite, Arbitrary Code Execution `@npmcli/arborist`, the library that calculates dependency...
Recent PRs
RSS Feed
Bump the npm-dependencies group across 1 directory with 20 updates

brisbanesocialchess/brisbanesocialchess.github.io #1041

9.3.1 → 9.7.0 Minor PR
Open 12 days ago 3 comments
brisbanesocialchess
chore(deps): bump the dependencies group with 2 updates

NodeSecure/scanner #726

9.4.2 → 9.4.3 Patch PR
Open about 1 month ago 2 comments
NodeSecure
fix(deps): bump @npmcli/arborist from 9.4.2 to 9.4.3

arlac77/npm-pkgbuild #2881

9.4.2 → 9.4.3 Patch PR
Open about 2 months ago 1 comment
arlac77
Bump the npm-dependencies group across 1 directory with 18 updates

brisbanesocialchess/brisbanesocialchess.github.io #1034

9.3.1 → 9.4.2 Minor PR
Open 2 months ago 4 comments
brisbanesocialchess
Bump the npm-dependencies group across 1 directory with 17 updates

brisbanesocialchess/brisbanesocialchess.github.io #1030

9.3.1 → 9.4.2 Minor PR
Open 3 months ago 4 comments
brisbanesocialchess
chore(deps): bump @npmcli/arborist from 9.4.1 to 9.4.2

webdeveric/validate-package-exports #54

9.4.1 → 9.4.2 Patch PR
Closed 3 months ago 1 comment
webdeveric
chore(deps): bump @npmcli/arborist from 9.4.0 to 9.4.1 in the dependencies group

NodeSecure/scanner #683

9.4.0 → 9.4.1 Patch PR
Open 3 months ago 2 comments
NodeSecure
Bump the npm-dependencies group across 1 directory with 12 updates

brisbanesocialchess/brisbanesocialchess.github.io #1025

9.3.1 → 9.4.1 Minor PR
Closed 3 months ago 6 comments
brisbanesocialchess
Bump the npm-dependencies group across 1 directory with 11 updates

brisbanesocialchess/brisbanesocialchess.github.io #1024

9.3.1 → 9.4.0 Minor PR
Open 3 months ago 5 comments
brisbanesocialchess
Bump @npmcli/arborist from 9.4.0 to 9.4.3 in /npm_and_yarn/helpers in the npm-dependencies group across 1 directory

dependabot/dependabot-core #14442

9.4.0 → 9.4.3 Patch PR
Closed 3 months ago 1 comment
dependabot
Bump the npm-dependencies group across 1 directory with 10 updates

brisbanesocialchess/brisbanesocialchess.github.io #1023

9.3.1 → 9.4.0 Minor PR
Open 3 months ago 4 comments
brisbanesocialchess
Bump the npm-dependencies group across 1 directory with 8 updates

brisbanesocialchess/brisbanesocialchess.github.io #1020

9.3.1 → 9.4.0 Minor PR
Open 3 months ago 4 comments
brisbanesocialchess
chore(deps): bump the dependencies group with 2 updates

NodeSecure/scanner #661

9.3.1 → 9.4.0 Minor PR
Open 3 months ago 3 comments
NodeSecure
Bump the npm-dependencies group across 1 directory with 6 updates

brisbanesocialchess/brisbanesocialchess.github.io #1019

9.3.1 → 9.4.0 Minor PR
Open 3 months ago 4 comments
brisbanesocialchess
Bump the npm-dependencies group across 1 directory with 14 updates

brisbanesocialchess/brisbanesocialchess.github.io #938

9.1.9 → 9.2.0 Minor PR
Open 4 months ago 6 comments
brisbanesocialchess
chore(deps): bump the dependencies group across 1 directory with 2 updates

NodeSecure/scanner #645

9.1.10 → 9.3.0 Minor PR
Open 4 months ago 2 comments
NodeSecure
Bump the npm-dependencies group across 1 directory with 13 updates

brisbanesocialchess/brisbanesocialchess.github.io #937

9.1.9 → 9.2.0 Minor PR
Open 4 months ago 5 comments
brisbanesocialchess
chore(deps): bump the dependencies group with 2 updates

NodeSecure/scanner #630

9.1.9 → 9.1.10 Patch PR
Open 4 months ago 2 comments
NodeSecure
Bump the minor-patch-updates group across 1 directory with 93 updates

integritystl/generator-integrity #93

9.1.9 → 9.1.10 Patch PR
Closed 5 months ago 1 comment
integritystl
Bump the npm-dependencies group across 1 directory with 11 updates

brisbanesocialchess/brisbanesocialchess.github.io #933

9.1.9 → 9.1.10 Patch PR
Open 5 months ago 5 comments
brisbanesocialchess
fix(deps): bump @npmcli/arborist from 9.1.9 to 9.1.10

arlac77/npm-pkgbuild #2778

9.1.9 → 9.1.10 Patch PR
Open 5 months ago 1 comment
arlac77
Bump the minor-patch-updates group across 1 directory with 88 updates

integritystl/generator-integrity #92

9.1.9 → 9.1.10 Patch PR
Closed 5 months ago 1 comment
integritystl
Bump the npm-dependencies group across 1 directory with 16 updates

brisbanesocialchess/brisbanesocialchess.github.io #923

9.1.6 → 9.1.9 Patch PR
Open 5 months ago 6 comments
brisbanesocialchess
Bump @npmcli/arborist from 9.1.8 to 9.1.9

hypothesis/client #7472

9.1.8 → 9.1.9 Patch PR
Open 6 months ago 2 comments
hypothesis
Bump the npm-dependencies group across 1 directory with 15 updates

brisbanesocialchess/brisbanesocialchess.github.io #910

9.1.6 → 9.1.9 Patch PR
Open 6 months ago 6 comments
brisbanesocialchess
Bump the npm-dependencies group across 1 directory with 11 updates

brisbanesocialchess/brisbanesocialchess.github.io #902

9.1.6 → 9.1.8 Patch PR
Open 7 months ago 5 comments
brisbanesocialchess
fix(deps): bump @npmcli/arborist from 9.1.7 to 9.1.8

arlac77/npm-pkgbuild #2692

9.1.7 → 9.1.8 Patch PR
Closed 7 months ago 2 comments
arlac77
Bump the npm-dependencies group across 1 directory with 10 updates

brisbanesocialchess/brisbanesocialchess.github.io #900

9.1.6 → 9.1.7 Patch PR
Open 7 months ago 5 comments
brisbanesocialchess
build(deps): bump the npm_and_yarn group across 3 directories with 34 updates

heisenbergv1/react-native-fast-image #1

2.6.4 → 2.10.0 Minor PR
Closed 7 months ago 1 comment
heisenbergv1
chore(deps): bump the dependencies group across 1 directory with 5 updates

NodeSecure/scanner #537

9.1.5 → 9.1.6 Patch PR
Open 8 months ago 1 comment
NodeSecure
chore(deps-dev): bump @npmcli/arborist from 9.1.4 to 9.1.6

AlexanderSkrock/camunda-modeler-code-editor #118

9.1.4 → 9.1.6 Patch PR
Closed 8 months ago 1 comment
AlexanderSkrock
Bump the npm-dependencies group across 1 directory with 3 updates

yeikel/dependabot-core #131

8.0.0 → 9.1.6 Major PR
Closed 8 months ago 1 comment
yeikel
Bump the npm-dependencies group across 1 directory with 3 updates

dependabot/dependabot-core #13280

8.0.0 → 9.1.6 Major PR
Open 8 months ago 5 comments
dependabot
chore(deps-dev): bump @npmcli/arborist from 9.1.4 to 9.1.5

AlexanderSkrock/camunda-modeler-code-editor #112

9.1.4 → 9.1.5 Patch PR
Open 8 months ago
AlexanderSkrock
chore(deps-dev): bump @npmcli/arborist from 9.1.4 to 9.1.5

SocketDev/socket-cli #776

9.1.4 → 9.1.5 Patch PR
Closed 8 months ago 2 comments
SocketDev
Bump the major-updates group across 1 directory with 90 updates

integritystl/generator-integrity #69

7.5.4 → 9.1.5 Major PR
Closed 9 months ago 1 comment
integritystl
chore: bump @npmcli/arborist from 8.0.1 to 9.1.5

zkat/pacote-old #208

8.0.1 → 9.1.5 Major PR
Open 9 months ago 1 comment
zkat
chore(deps): bump the dependencies group across 1 directory with 5 updates

NodeSecure/scanner #525

9.1.4 → 9.1.5 Patch PR
Open 9 months ago
NodeSecure
Bump the npm-dependencies group across 1 directory with 7 updates

brisbanesocialchess/brisbanesocialchess.github.io #756

9.1.4 → 9.1.5 Patch PR
Merged 9 months ago 4 comments
brisbanesocialchess
fix(deps): bump @npmcli/arborist from 9.1.4 to 9.1.5

arlac77/npm-pkgbuild #2612

9.1.4 → 9.1.5 Patch PR
Open 9 months ago 2 comments
arlac77
Bump @npmcli/arborist from 9.1.3 to 9.1.4

hypothesis/client #7330

9.1.3 → 9.1.4 Patch PR
Merged 9 months ago
hypothesis
Bump the npm_and_yarn group across 7 directories with 30 updates

dpschen/astro #1

2.7.1 → 2.10.0 Minor PR
Open 9 months ago
dpschen
chore(deps): bump @npmcli/arborist from 9.1.3 to 9.1.4

tegojs/tego #881

9.1.3 → 9.1.4 Patch PR
Open 9 months ago
tegojs
chore(deps-dev): bump @npmcli/arborist from 9.1.3 to 9.1.4

AlexanderSkrock/camunda-modeler-code-editor #101

9.1.3 → 9.1.4 Patch PR
Merged 9 months ago
AlexanderSkrock
chore(deps): bump the dependencies group with 3 updates

NodeSecure/scanner #519

9.1.3 → 9.1.4 Patch PR
Open 9 months ago 1 comment
NodeSecure
Bump the npm-dependencies group across 1 directory with 2 updates

Safe-app-eth/dependabot-core #63

9.1.3 → 9.1.4 Patch PR
Open 9 months ago
Safe-app-eth
chore: bump @npmcli/arborist from 8.0.1 to 9.1.4

zkat/pacote-old #204

8.0.1 → 9.1.4 Major PR
Open 10 months ago 1 comment
zkat
Bump @npmcli/arborist from 4.3.1 to 9.1.4

Skyflash/skyflash.github.io #266

4.3.1 → 9.1.4 Major PR
Closed 10 months ago 1 comment
Skyflash
Bump @npmcli/arborist from 9.1.3 to 9.1.4 in the npm-dependencies group across 1 directory

brisbanesocialchess/brisbanesocialchess.github.io #560

9.1.3 → 9.1.4 Patch PR
Open 10 months ago 1 comment
brisbanesocialchess
fix(deps): bump @npmcli/arborist from 9.1.3 to 9.1.4

arlac77/npm-pkgbuild #2568

9.1.3 → 9.1.4 Patch PR
Open 10 months ago 1 comment
arlac77
Package Details
Name: @npmcli/arborist
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/@npmcli/arborist
JSON API: View JSON
Security Advisories

2

Active advisories
HIGH 2
View All npm Advisories
Package Information
Description:

Manage node_modules trees

Repository: https://github.com/npm/cli
Homepage: https://github.com/npm/cli#readme
Latest Release: 9.1.1
about 1 year ago
Dependent Repos: 47,641
Dependent Packages: 113
Downloads: 13,061,668
Ranking: Top 0.1472% by dependent repos Top 0.1125% by downloads Top 0.369% by dependent pkgs
PR Status
Open 61 (63.5%)
Merged 12 (12.5%)
Closed 19 (19.8%)
PR Types
Major 28 (29.2%)
Minor 22 (22.9%)
Patch 42 (43.8%)