qinglong B
npm dependency risk grade for whyour/qinglong · score 89/100 · 116 of 116 packages scored · graded 2026-07-14 (refreshed on deploy)
This grade reflects qinglong's npm dependencies (manifest/lockfile), not the project's own code quality or security.
- Grade cap applied: Direct dependency is deprecated: the repo grade cannot exceed B.
Lowest-scoring dependencies
| Package | Version | Score | |
|---|---|---|---|
| D | @otplib/preset-default | 12.0.1 | 57 |
| C | multer | 2.1.1 | 65 |
| C | nodemailer | 8.0.11 | 72 |
| B | ps-tree | 1.2.0 | 82 |
| B | ip2region | 2.3.0 | 82 |
| B | p-queue-cjs | 7.3.4 | 82 |
| B | request-ip | 3.3.0 | 82 |
| B | proper-lockfile | 4.1.2 | 85 |
| B | sockjs | 0.3.24 | 85 |
| B | typedi | 0.10.0 | 85 |
Maintainer of qinglong? Re-run the grade now to update this page's underlying data for free. Grades refresh from live registry and OSV data on every run.
DepGrade scores are automated heuristics computed from public data (npm registry, GitHub, OSV.dev). They are provided "as is", without warranty of any kind, and are not security advice, an audit, or a guarantee that a package is safe or unsafe. A good grade doesn't mean a package is free of vulnerabilities; a poor grade doesn't mean it's compromised. Always do your own review before making dependency decisions. DepGrade accepts no liability for decisions made based on these scores.