Book a demo →
npm package report

Is mocha safe?

Checked against the XYZ decision brain: known-malicious corpus, advisories, commit-level findings, dependencies and provenance.

cyberxyz.io/packages/npm/mocha
npm packagelast checked 2026-06-10

mocha · verdict ALLOW · no known risk

0.6/10
XYZ SCORE
SUMMARY

Verdict ALLOW · 40 known dependencies · provenance: unknown

Re-check live →

SIGNALS
Anomaly HistoryclearOK

1 historical anomaly alert(s) (transitive_malicious_dep) on this package. Add a version to check whether it is affected.

DEPENDENCIES
@11ty/eleventy@^0.10.0clean
@11ty/eleventy@^0.11.0clean
@11ty/eleventy@^0.12.1clean
@11ty/eleventy@^0.6.0clean
@11ty/eleventy@^0.7.1clean
@11ty/eleventy@^0.8.3clean
@11ty/eleventy@^1.0.0clean
@11ty/eleventy-plugin-inclusive-language@^1.0.0clean
@11ty/eleventy-plugin-inclusive-language@^1.0.3clean
acorn@^7.0.0clean
ansi-colors@3.2.3clean
ansi-colors@4.1.1clean
ansi-colors@^4.1.3clean
assert@^1.4.1clean
assetgraph-builder@^5.6.4clean
assetgraph-builder@^6.10.0clean
assetgraph-builder@^6.10.1clean
assetgraph-builder@^6.2.0clean
assetgraph-builder@^6.4.2clean
assetgraph-builder@^6.6.3clean
PACKAGE mochaECOSYSTEM npmDECISION ALLOW

Baked snapshot · run a live check for the current verdict · browse all packages