npm/convict

Maturity:Mature

Health:Healthy

Legal:Moderate Risk

• License includes a patent grant clause
• Package license does not match the source code license

Security:Caution Needed

• Vulnerabilities don't typically get fixed within 600 days
• At least one high or critical severity vulnerability has been reported in the last 600