Data

Tools

Indexes

Applications

Experiments

Dependabot

An open index of dependabot pull requests across open source projects.

@npmcli/arborist

Ecosystem:
npm
Package URL:
pkg:npm/@npmcli/arborist
Total PRs:
96 Dependabot PRs
Latest PR:
13 days ago
Unique Repositories:
26 repositories
Unique Repos (30 days):
1 repository
Security Advisories
@npmcli/arborist vulnerable to UNIX Symbolic Link (Symlink) Following
GHSA-2h3h-q99f-3fhc CVE-2021-39134 HIGH published almost 5 years ago • updated about 8 hours ago
### Impact Arbitrary File Creation, Arbitrary File Overwrite, Arbitrary Code Execution `@npmcli/arborist`, the library that calculates dependency...
UNIX Symbolic Link (Symlink) Following in @npmcli/arborist
GHSA-gmw6-94gg-2rc2 CVE-2021-39135 HIGH published almost 5 years ago • updated about 8 hours ago
### Impact Arbitrary File Creation, Arbitrary File Overwrite, Arbitrary Code Execution `@npmcli/arborist`, the library that calculates dependency...
Recent PRs (filtered by: Open )
RSS Feed Clear filter
Bump the npm-dependencies group across 1 directory with 20 updates

brisbanesocialchess/brisbanesocialchess.github.io #1041

9.3.1 → 9.7.0 Minor PR
Open 13 days ago 3 comments
brisbanesocialchess
chore(deps): bump the dependencies group with 2 updates

NodeSecure/scanner #726

9.4.2 → 9.4.3 Patch PR
Open about 1 month ago 2 comments
NodeSecure
fix(deps): bump @npmcli/arborist from 9.4.2 to 9.4.3

arlac77/npm-pkgbuild #2881

9.4.2 → 9.4.3 Patch PR
Open about 2 months ago 1 comment
arlac77
Bump the npm-dependencies group across 1 directory with 18 updates

brisbanesocialchess/brisbanesocialchess.github.io #1034

9.3.1 → 9.4.2 Minor PR
Open 2 months ago 4 comments
brisbanesocialchess
Bump the npm-dependencies group across 1 directory with 17 updates

brisbanesocialchess/brisbanesocialchess.github.io #1030

9.3.1 → 9.4.2 Minor PR
Open 3 months ago 4 comments
brisbanesocialchess
chore(deps): bump @npmcli/arborist from 9.4.0 to 9.4.1 in the dependencies group

NodeSecure/scanner #683

9.4.0 → 9.4.1 Patch PR
Open 3 months ago 2 comments
NodeSecure
Bump the npm-dependencies group across 1 directory with 11 updates

brisbanesocialchess/brisbanesocialchess.github.io #1024

9.3.1 → 9.4.0 Minor PR
Open 3 months ago 5 comments
brisbanesocialchess
Bump the npm-dependencies group across 1 directory with 10 updates

brisbanesocialchess/brisbanesocialchess.github.io #1023

9.3.1 → 9.4.0 Minor PR
Open 3 months ago 4 comments
brisbanesocialchess
Bump the npm-dependencies group across 1 directory with 8 updates

brisbanesocialchess/brisbanesocialchess.github.io #1020

9.3.1 → 9.4.0 Minor PR
Open 3 months ago 4 comments
brisbanesocialchess
chore(deps): bump the dependencies group with 2 updates

NodeSecure/scanner #661

9.3.1 → 9.4.0 Minor PR
Open 3 months ago 3 comments
NodeSecure
Bump the npm-dependencies group across 1 directory with 6 updates

brisbanesocialchess/brisbanesocialchess.github.io #1019

9.3.1 → 9.4.0 Minor PR
Open 3 months ago 4 comments
brisbanesocialchess
Bump the npm-dependencies group across 1 directory with 14 updates

brisbanesocialchess/brisbanesocialchess.github.io #938

9.1.9 → 9.2.0 Minor PR
Open 4 months ago 6 comments
brisbanesocialchess
chore(deps): bump the dependencies group across 1 directory with 2 updates

NodeSecure/scanner #645

9.1.10 → 9.3.0 Minor PR
Open 4 months ago 2 comments
NodeSecure
Bump the npm-dependencies group across 1 directory with 13 updates

brisbanesocialchess/brisbanesocialchess.github.io #937

9.1.9 → 9.2.0 Minor PR
Open 4 months ago 5 comments
brisbanesocialchess
chore(deps): bump the dependencies group with 2 updates

NodeSecure/scanner #630

9.1.9 → 9.1.10 Patch PR
Open 5 months ago 2 comments
NodeSecure
Bump the npm-dependencies group across 1 directory with 11 updates

brisbanesocialchess/brisbanesocialchess.github.io #933

9.1.9 → 9.1.10 Patch PR
Open 5 months ago 5 comments
brisbanesocialchess
fix(deps): bump @npmcli/arborist from 9.1.9 to 9.1.10

arlac77/npm-pkgbuild #2778

9.1.9 → 9.1.10 Patch PR
Open 5 months ago 1 comment
arlac77
Bump the npm-dependencies group across 1 directory with 16 updates

brisbanesocialchess/brisbanesocialchess.github.io #923

9.1.6 → 9.1.9 Patch PR
Open 5 months ago 6 comments
brisbanesocialchess
Bump @npmcli/arborist from 9.1.8 to 9.1.9

hypothesis/client #7472

9.1.8 → 9.1.9 Patch PR
Open 6 months ago 2 comments
hypothesis
Bump the npm-dependencies group across 1 directory with 15 updates

brisbanesocialchess/brisbanesocialchess.github.io #910

9.1.6 → 9.1.9 Patch PR
Open 6 months ago 6 comments
brisbanesocialchess
Bump the npm-dependencies group across 1 directory with 11 updates

brisbanesocialchess/brisbanesocialchess.github.io #902

9.1.6 → 9.1.8 Patch PR
Open 7 months ago 5 comments
brisbanesocialchess
Bump the npm-dependencies group across 1 directory with 10 updates

brisbanesocialchess/brisbanesocialchess.github.io #900

9.1.6 → 9.1.7 Patch PR
Open 7 months ago 5 comments
brisbanesocialchess
chore(deps): bump the dependencies group across 1 directory with 5 updates

NodeSecure/scanner #537

9.1.5 → 9.1.6 Patch PR
Open 8 months ago 1 comment
NodeSecure
Bump the npm-dependencies group across 1 directory with 3 updates

dependabot/dependabot-core #13280

8.0.0 → 9.1.6 Major PR
Open 8 months ago 5 comments
dependabot
chore(deps-dev): bump @npmcli/arborist from 9.1.4 to 9.1.5

AlexanderSkrock/camunda-modeler-code-editor #112

9.1.4 → 9.1.5 Patch PR
Open 8 months ago
AlexanderSkrock
chore: bump @npmcli/arborist from 8.0.1 to 9.1.5

zkat/pacote-old #208

8.0.1 → 9.1.5 Major PR
Open 9 months ago 1 comment
zkat
chore(deps): bump the dependencies group across 1 directory with 5 updates

NodeSecure/scanner #525

9.1.4 → 9.1.5 Patch PR
Open 9 months ago
NodeSecure
fix(deps): bump @npmcli/arborist from 9.1.4 to 9.1.5

arlac77/npm-pkgbuild #2612

9.1.4 → 9.1.5 Patch PR
Open 9 months ago 2 comments
arlac77
Bump the npm_and_yarn group across 7 directories with 30 updates

dpschen/astro #1

2.7.1 → 2.10.0 Minor PR
Open 9 months ago
dpschen
chore(deps): bump @npmcli/arborist from 9.1.3 to 9.1.4

tegojs/tego #881

9.1.3 → 9.1.4 Patch PR
Open 9 months ago
tegojs
chore(deps): bump the dependencies group with 3 updates

NodeSecure/scanner #519

9.1.3 → 9.1.4 Patch PR
Open 9 months ago 1 comment
NodeSecure
Bump the npm-dependencies group across 1 directory with 2 updates

Safe-app-eth/dependabot-core #63

9.1.3 → 9.1.4 Patch PR
Open 9 months ago
Safe-app-eth
chore: bump @npmcli/arborist from 8.0.1 to 9.1.4

zkat/pacote-old #204

8.0.1 → 9.1.4 Major PR
Open 10 months ago 1 comment
zkat
Bump @npmcli/arborist from 9.1.3 to 9.1.4 in the npm-dependencies group across 1 directory

brisbanesocialchess/brisbanesocialchess.github.io #560

9.1.3 → 9.1.4 Patch PR
Open 10 months ago 1 comment
brisbanesocialchess
fix(deps): bump @npmcli/arborist from 9.1.3 to 9.1.4

arlac77/npm-pkgbuild #2568

9.1.3 → 9.1.4 Patch PR
Open 10 months ago 1 comment
arlac77
Bump the npm-dependencies group in /npm_and_yarn/helpers with 2 updates

yeikel/dependabot-core #93

8.0.0 → 9.1.3 Major PR
Open 10 months ago 1 comment
yeikel
Bump the npm-dependencies group in /npm_and_yarn/helpers with 3 updates

whartondylan/Dependabot #22

8.0.0 → 9.1.3 Major PR
Open 10 months ago
whartondylan
chore(deps): bump the dependencies group with 4 updates

NodeSecure/scanner #507

9.1.2 → 9.1.3 Patch PR
Open 11 months ago 2 comments
NodeSecure
Bump the npm-dependencies group across 1 directory with 2 updates

dependabot/dependabot-core #12771

8.0.0 → 9.1.3 Major PR
Open 11 months ago
dependabot
Bump the npm-dependencies group across 1 directory with 2 updates

Familyfirst4/dependabot-core #337

8.0.0 → 9.1.3 Major PR
Open 11 months ago
Familyfirst4
chore(deps): bump @npmcli/arborist from 9.1.2 to 9.1.3

tegojs/tego #751

9.1.2 → 9.1.3 Patch PR
Open 11 months ago
tegojs
chore(deps-dev): bump @npmcli/arborist from 9.1.1 to 9.1.3

AlexanderSkrock/camunda-modeler-code-editor #79

9.1.1 → 9.1.3 Patch PR
Open 11 months ago
AlexanderSkrock
Bump the npm-dependencies group across 1 directory with 3 updates

roseteromeo56/dependabot-core #121

9.1.2 → 9.1.3 Patch PR
Open 11 months ago
roseteromeo56
chore: bump @npmcli/arborist from 8.0.1 to 9.1.3

zkat/pacote-old #197

8.0.1 → 9.1.3 Major PR
Open 11 months ago 1 comment
zkat
Bump @npmcli/arborist from 4.3.1 to 9.1.3

Skyflash/skyflash.github.io #262

4.3.1 → 9.1.3 Major PR
Open 11 months ago
Skyflash
Bump the npm-dependencies group in /npm_and_yarn/helpers with 3 updates

Ronel0810/Ruby_bot #15

8.0.0 → 9.1.2 Major PR
Open 12 months ago
Ronel0810
Bump @npmcli/arborist from 9.1.1 to 9.1.2

hypothesis/client #7165

9.1.1 → 9.1.2 Patch PR
Open about 1 year ago
hypothesis
Bump the npm-dependencies group across 1 directory with 2 updates

roseteromeo56/dependabot-core #65

9.1.1 → 9.1.2 Patch PR
Open about 1 year ago
roseteromeo56
chore: bump @npmcli/arborist from 8.0.0 to 9.1.2

zkat/pacote-old #189

8.0.0 → 9.1.2 Major PR
Open about 1 year ago 1 comment
zkat
chore(deps-dev): bump @npmcli/arborist from 9.0.2 to 9.1.1

AlexanderSkrock/camunda-modeler-code-editor #50

9.0.2 → 9.1.1 Minor PR
Open about 1 year ago
AlexanderSkrock
Package Details
Name: @npmcli/arborist
Ecosystem: npm
PURL Type: npm
Package URL: pkg:npm/@npmcli/arborist
JSON API: View JSON
Security Advisories

2

Active advisories
HIGH 2
View All npm Advisories
Package Information
Description:

Manage node_modules trees

Repository: https://github.com/npm/cli
Homepage: https://github.com/npm/cli#readme
Latest Release: 9.1.1
about 1 year ago
Dependent Repos: 47,641
Dependent Packages: 113
Downloads: 13,061,668
Ranking: Top 0.1472% by dependent repos Top 0.1125% by downloads Top 0.369% by dependent pkgs
PR Status
Open 61 (63.5%)
Merged 12 (12.5%)
Closed 19 (19.8%)
PR Types
Major 28 (29.2%)
Minor 22 (22.9%)
Patch 42 (43.8%)