Book a demo →
npm package report

Is js-yaml safe?

Checked against the XYZ decision brain: known-malicious corpus, advisories, commit-level findings, dependencies and provenance.

cyberxyz.io/packages/npm/js-yaml
npm packagelast checked 2026-06-10

js-yaml · verdict ALLOW · no known risk

0.6/10
XYZ SCORE
SUMMARY

Verdict ALLOW · 40 known dependencies · provenance: unknown

Re-check live →

SIGNALS
Advisory HistoryclearOK

4 historical advisory record(s) on this package (max severity CRITICAL). Add a version to check whether it is affected.

DEPENDENCIES
ansi@*clean
ansi@^0.3.1clean
argparse@~ 0.1.11clean
argparse@~ 0.1.3clean
argparse@~ 1.0.0clean
argparse@^1.0.2clean
argparse@~1.0.2clean
argparse@^1.0.7clean
argparse@^2.0.1clean
benchmark@*clean
benchmark@^2.1.4clean
browserify@^13.0.0clean
browserify@^14.3.0clean
browserify@^16.2.2clean
codemirror@^5.10.0clean
codemirror@^5.13.4clean
eslint@0.18.0clean
eslint@0.24.1clean
eslint@^2.0.0-rc.1clean
eslint@^2.8.0clean
PACKAGE js-yamlECOSYSTEM npmDECISION ALLOW

Baked snapshot · run a live check for the current verdict · browse all packages