Mend.io reveals the top three most dependable npm, Maven, and PyPI packages


A new report by Mend.io identified the top three most dependable packages for npm, Maven, and PyPI.

The top packages for each are:

npm:

  1. prettier-eslint
  2. np
  3. jest-cli

Maven:

  1. org.apache.maven.scm:maven-scm-provider-gitexe
  2. com.github.ekryd.sortpom:sortpom-maven-plugin
  3. org.apache.maven.plugins:maven-release-plugin

PyPI:

  1. pulumi
  2. botocore-stubs
  3. types-python-dateutil

The report examined data from Renovate, the company’s automated dependency management tool, which leverages crowd-sourced data on over 25 million dependency updates.

The packages were then ranked based on non-grouped (individual) updates and grouped updates, which were analyzed separately. Only minor updates were included, and they were sourced from dependable repos.

“The Leaderboard helps shift the AppSec view from detection to prevention, a priceless perspective for decreasing the danger imposed by our more and more susceptible software program provide chain,” said Rhys Arkins, vice chairman of product administration at Mend.io. “Success hinges on having the information crucial to stop potential open-source vulnerabilities from ever being put in within the first place. For that to occur, corporations have to know not solely what packages are in use at their corporations, but how secure they’re.”
