Book a demo →
npm package report

Is pino safe?

Checked against the XYZ decision brain: known-malicious corpus, advisories, commit-level findings, dependencies and provenance.

cyberxyz.io/packages/npm/pino
npm packagelast checked 2026-06-10

pino · verdict ALLOW · no known risk

0.6/10
XYZ SCORE
SUMMARY

Verdict ALLOW · 39 known dependencies · provenance: unknown

Re-check live →

SIGNALS
All signals clearclearOK

No known-malicious match, advisory, commit-level finding or anomaly.

DEPENDENCIES
airtap@5.0.0clean
@arethetypeswrong/cli@^0.18.1clean
atomic-sleep@^1.0.0clean
borp@^0.21.0clean
bunyan@^1.8.14clean
debug@^4.3.4clean
docsify-cli@^4.4.4clean
eslint@^9.37.0clean
eslint-plugin-import@^2.26.0clean
eslint-plugin-n@17.23.2clean
eslint-plugin-node@^11.1.0clean
eslint-plugin-promise@^6.0.0clean
execa@^5.0.0clean
fastbench@^1.0.1clean
flush-write-stream@^2.0.0clean
import-fresh@^3.2.1clean
jest@^30.0.3clean
log@^6.0.0clean
loglevel@^1.6.7clean
@matteo.collina/tspl@^0.2.0clean
PACKAGE pinoECOSYSTEM npmDECISION ALLOW

Baked snapshot · run a live check for the current verdict · browse all packages