
bcryptjs

npm · Rank #174 of 217

  • Score: 73 / 100 (C)
  • npm publisher: 1 (Single point of failure)
  • Downloads/week: 9M (Blast radius if compromised)
  • Package age: 13.1y (Established package)
  • Last release: 222 days ago (Infrequent releases)

Risk analysis

bcryptjs is flagged HIGH risk due to rapid adoption with limited publisher depth. New packages with fast growth are higher-risk targets.

What the score measures

  • Publisher depth — How many people can push to npm? Single-publisher packages are the #1 structural risk.
  • Longevity — Older packages have track records. New packages with high adoption are higher risk.
  • Release consistency — Regular releases signal active oversight. Long gaps mean unpatched vulnerabilities.
  • Download trend — Growing packages attract more scrutiny (and more attacks).
  • OpenSSF Scorecard — Process security: branch protection, code review, CI/CD safety.

bcryptjs is one package. Score them all.

You came looking for bcryptjs. Your node_modules has hundreds more. Run one command to score every dependency you ship:

npx proof-of-commitment

Auto-detects your lockfile. Scores every dependency. Zero install.

Share this score

Add the badge to your README

Commit trust score for bcryptjs
![Commit Trust](https://getcommit.dev/badge/npm/bcryptjs)