Book a demo →
npm package report

Is nodemon safe?

Checked against the XYZ decision brain: known-malicious corpus, advisories, commit-level findings, dependencies and provenance.

cyberxyz.io/packages/npm/nodemon
npm packagelast checked 2026-06-10

nodemon · verdict ALLOW · no known risk

0.6/10
XYZ SCORE
SUMMARY

Verdict ALLOW · 40 known dependencies · 1 flagged · provenance: unknown

Re-check live →

SIGNALS
Anomaly HistoryclearOK

1 historical anomaly alert(s) (transitive_malicious_dep) on this package. Add a version to check whether it is affected.

DEPENDENCIES
anymatch@^1.3.0clean
async@^1.4.2clean
async@1.4.2clean
chokidar@^1.0.5clean
chokidar@1.1.0clean
chokidar@^1.2.0clean
chokidar@^1.4.3clean
chokidar@^1.7.0clean
chokidar@^2.0.0clean
chokidar@^2.0.2clean
chokidar@^2.0.4clean
chokidar@^2.1.0clean
chokidar@^2.1.5clean
chokidar@^2.1.8clean
chokidar@^3.2.2clean
chokidar@^3.5.2clean
coffee-script@~1.7.1clean
colors@~0.6.1block
commander@0.5.1clean
@commitlint/cli@^11.0.0clean
PACKAGE nodemonECOSYSTEM npmDECISION ALLOW

Baked snapshot · run a live check for the current verdict · browse all packages