Package Exports
This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (@cyberhub/trust-commondir) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.
Readme
Security Trust Report: commondir
commondir@1.0.1: 65/100 | Grade: B | Tier: STANDARD (confidence: ±3)
Data verified on 2026-04-02 from 8 security databases.
TL;DR
- Package name "commondir" is 2 edit(s) from popular "commander"
- Pin your version and monitor for changes
Score Breakdown
Maintainer Trust: ██████████░░░░░░░░░░ 51/100
Package Health: ██████████████████░░ 88/100
Supply Chain: ██████████████░░░░░░ 71/100
Community: ██████████░░░░░░░░░░ 48/100Why this score?
- Maintainer Trust is 51 because: single maintainer (bus factor risk)
- Community is 48 because: no GitHub repo found
Vulnerabilities
✅ No known vulnerabilities detected across 8 security databases.
Key Risk Flags
- 🔴 CRITICAL: Package name "commondir" is 2 edit(s) from popular "commander"
- 🟠 HIGH: Primary maintainer account is less than 6 months old (0 days)
🛠️ What Should You Do?
Immediate:
Always: Pin version, run pkgtrust scan in CI, monitor at nrupak.com/trust/commondir
Maintainers
- nopersonsmodules ✅ 2FA (freemail)
Methodology: 18+ signals across 4 categories (Maintainer 35%, Package 25%, Supply Chain 25%, Community 15%). Full scoring docs →
Check your project: npm i -g @cyberhub/pkgtrust && pkgtrust scan commondir — CLI docs
Data Sources: GitHub Advisories · OSV.dev · npm audit · Snyk · Socket.dev · npms.io · Bundlephobia · deps.dev
Report by pkgtrust · Dashboard · Compare · CLI
This is an automated security report. Not affiliated with the commondir team. Updated 2026-04-02.