@cyberhub/trust-event-stream 1.0.61 → 1.0.63

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +11 -11
  2. package/package.json +1 -1
package/README.md CHANGED
@@ -1,8 +1,8 @@
1
1
  # Security Trust Report: event-stream
2
2
 
3
- **event-stream@4.0.1: 53/100 | Grade: C | Tier: STANDARD** (confidence: ±3)
3
+ **[event-stream@4.0.1](https://www.npmjs.com/package/event-stream): 53/100 | Grade: C | Tier: STANDARD** (confidence: ±3)
4
4
 
5
- > Data verified on 2026-04-02 from 8 security databases.
5
+ > Scanned on 2026-04-03 from 8 security databases. [View package on npm →](https://www.npmjs.com/package/event-stream)
6
6
 
7
7
  ## TL;DR
8
8
 
@@ -42,7 +42,7 @@ Community: ████████░░░░░░░░░░░░
42
42
  - 🔴 **CRITICAL**: HISTORICAL BREACH: Malicious code injected via flatmap-stream (2018)
43
43
  - 🔴 **CRITICAL**: 1 CRITICAL vulnerability from live CVE databases
44
44
  - 🟠 **HIGH**: Primary maintainer account is less than 6 months old (0 days)
45
- - 🟠 **HIGH**: Maintainer(s) removed in v4.0.0: dominictarr
45
+ - 🟠 **HIGH**: Maintainer(s) removed in v4.0.0: dominictarr ([evidence](https://www.npmjs.com/package/event-stream/v/4.0.0))
46
46
  - 🟠 **HIGH**: Burst publishing detected — 5+ versions in a single day
47
47
 
48
48
  ## 🛠️ What Should You Do?
@@ -56,15 +56,15 @@ Community: ████████░░░░░░░░░░░░
56
56
 
57
57
  ## 🔄 Safer Alternatives
58
58
 
59
- | Package | Why | Trust Report |
60
- |---------|-----|-------------|
61
- | **highland** | High-level streams library | [View score](https://nrupak.com/trust/highland) |
62
- | **Node.js streams** | Built-in, no dependency needed | [View score](https://nrupak.com/trust/Node.js%20streams) |
63
- | **through2** | Simple stream wrapper | [View score](https://nrupak.com/trust/through2) |
59
+ | Package | Why | npm | Trust Score |
60
+ |---------|-----|-----|-------------|
61
+ | **highland** | High-level streams library | [npm](https://www.npmjs.com/package/highland) | [View score](https://nrupak.com/trust/highland) |
62
+ | **Node.js streams** | Built-in, no dependency needed | [npm](https://www.npmjs.com/package/Node.js%20streams) | [View score](https://nrupak.com/trust/Node.js%20streams) |
63
+ | **through2** | Simple stream wrapper | [npm](https://www.npmjs.com/package/through2) | [View score](https://nrupak.com/trust/through2) |
64
64
 
65
- ## Maintainers
65
+ ## Maintainers (1)
66
66
 
67
- - [npm](https://nrupak.com/trust/maintainer/npm) ✅ 2FA (org)
67
+ - [npm](https://www.npmjs.com/~npm) ✅ 2FA (org email) — [Trust profile](https://nrupak.com/trust/maintainer/npm)
68
68
 
69
69
  **Methodology:** 18+ signals across 4 categories (Maintainer 35%, Package 25%, Supply Chain 25%, Community 15%). [Full scoring docs →](https://nrupak.com/trust)
70
70
 
@@ -75,4 +75,4 @@ Community: ████████░░░░░░░░░░░░
75
75
 
76
76
  *Report by [pkgtrust](https://nrupak.com/trust/event-stream) · [Dashboard](https://nrupak.com/trust) · [Compare](https://nrupak.com/trust/compare) · [CLI](https://npmjs.com/package/@cyberhub/pkgtrust)*
77
77
 
78
- *This is an automated security report. Not affiliated with the event-stream team. Updated 2026-04-02.*
78
+ *This is an automated security report. Not affiliated with the event-stream team. Updated 2026-04-03.*
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@cyberhub/trust-event-stream",
3
- "version": "1.0.61",
3
+ "version": "1.0.63",
4
4
  "description": "Security Trust Report: event-stream@4.0.1 — 53/100 (C, standard). 1 vulnerability found. Maintainer risk, supply chain analysis from 8 security databases.",
5
5
  "keywords": [
6
6
  "event-stream",