← DepGrade

h3 F

How well maintained is h3? Automated heuristic grade from public registry data. Version 2.0.0 · score 7/100 · graded 2026-07-14 (refreshed on deploy)

DeductionFactorDetail
−65known_vulnerabilities6 open vuln(s) affecting 2.0.0: 2 high, 4 moderate (GHSA-22cc-p3c6-wpvm, GHSA-26f5-8h2x-34xh, GHSA-3vj8-jmxq-cgj5, GHSA-4hxc-9384-m385, GHSA-q5pr-72pq-83v3, GHSA-wr4h-v87w-p3r7)
−25deprecationnpm deprecated: please use 1.x or beta
−3maintainer_countsingle maintainer (bus factor)

Serious risk signals (deprecation and/or unfixed vulnerabilities). Strongly consider an alternative or a pinned, audited fork.

Is your whole dependency tree this healthy?

Run your repo through DepGrade for a free letter grade and README badge, no signup.

DepGrade scores are automated heuristics computed from public data (npm registry, GitHub, OSV.dev). They are provided "as is", without warranty of any kind, and are not security advice, an audit, or a guarantee that a package is safe or unsafe. A good grade doesn't mean a package is free of vulnerabilities; a poor grade doesn't mean it's compromised. Always do your own review before making dependency decisions. DepGrade accepts no liability for decisions made based on these scores.