Book a demo →
npm package report

Is bootstrap safe?

Checked against the XYZ decision brain: known-malicious corpus, advisories, commit-level findings, dependencies and provenance.

cyberxyz.io/packages/npm/bootstrap
npm packagelast checked 2026-06-10

bootstrap · verdict ALERT · review advised

4.0/10
XYZ SCORE
SUMMARY

Verdict ALERT · 40 known dependencies · provenance: none found

Re-check live →

SIGNALS
Advisory HistoryclearOK

5 historical advisory record(s) on this package (max severity MODERATE). Add a version to check whether it is affected.

Commit-Level AnalysistriggeredHIGH

Build(deps): Bump the github-actions group with 2 updates (#42335) Bumps the github-actions group with 2 updates: [actions/setup-node](https://github.com/actions/setup-node) and [nuget/setup-nuget](https://github.com/nuget/setup-nuget). Updates `actions/setup-node` from 6.3.0

DEPENDENCIES
astro@^5.7.10clean
astro@^5.9.2clean
astro-auto-import@^0.4.4clean
@astrojs/check@^0.9.4clean
@astrojs/markdown-remark@^6.3.1clean
@astrojs/markdown-remark@^6.3.2clean
@astrojs/mdx@^4.2.6clean
@astrojs/mdx@^4.3.0clean
@astrojs/prism@^3.2.0clean
@astrojs/prism@^3.3.0clean
@astrojs/sitemap@^3.3.1clean
@astrojs/sitemap@^3.4.1clean
autoprefixer@^10.0.2clean
autoprefixer@^10.0.4clean
autoprefixer@^10.2.1clean
autoprefixer@^10.2.4clean
autoprefixer@^10.2.5clean
autoprefixer@^10.2.6clean
autoprefixer@^10.3.6clean
autoprefixer@^10.4.0clean
PACKAGE bootstrapECOSYSTEM npmDECISION ALERT

Baked snapshot · run a live check for the current verdict · browse all packages