← DepGrade

decompress F

How well maintained is decompress? Automated heuristic grade from public registry data. Version 4.2.1 · score 45/100 · graded 2026-07-14 (refreshed on deploy)

DeductionFactorDetail
−40known_vulnerabilities1 open vuln(s) affecting 4.2.1: 1 critical (GHSA-mp2f-45pm-3cg9)
−15stalenesslast publish 75 months ago

Serious risk signals (deprecation and/or unfixed vulnerabilities). Strongly consider an alternative or a pinned, audited fork.

Is your whole dependency tree this healthy?

Run your repo through DepGrade for a free letter grade and README badge, no signup.

DepGrade scores are automated heuristics computed from public data (npm registry, GitHub, OSV.dev). They are provided "as is", without warranty of any kind, and are not security advice, an audit, or a guarantee that a package is safe or unsafe. A good grade doesn't mean a package is free of vulnerabilities; a poor grade doesn't mean it's compromised. Always do your own review before making dependency decisions. DepGrade accepts no liability for decisions made based on these scores.