Is Conventional Changelog Angular Safe?

What is Conventional Changelog Angular's trust score?

Conventional Changelog Angular has a Nerq Trust Score of 84.5/100, earning a A- grade. This score is based on 2 independently measured dimensions including security, maintenance, and community adoption.

What are the key security findings for Conventional Changelog Angular?

Conventional Changelog Angular's strongest signal is popularity at 100/100. No known vulnerabilities have been detected. It meets the Nerq Verified threshold of 70+.

What is Conventional Changelog Angular and who maintains it?

Detailed Score Analysis

Based on 5 dimensions. Data from npm registry, GitHub repository, NVD, OSV.dev, and OpenSSF Scorecard.

What data does Conventional Changelog Angular collect?

Conventional Changelog Angular is a Node.js package maintained by bcoe. It receives approximately 10,342,332 weekly downloads. Licensed under ISC.

As a development package, Conventional Changelog Angular does not directly collect end-user personal data. However, applications built with it may collect data depending on implementation. Privacy score: 80/100.

Review the package's dependencies for potential supply chain risks. Run your package manager's audit command regularly.

Full analysis: Conventional Changelog Angular Privacy Report · Privacy review

Is Conventional Changelog Angular secure?

Security score: 90/100. Conventional Changelog Angular has 0 known vulnerabilities (CVEs) in the National Vulnerability Database. This is a clean record.

Licensed under ISC, allowing code inspection. Open-source packages allow independent security review of the source code.

Run your package manager's audit command (`npm audit`, `pip audit`, `cargo audit`) to check for known vulnerabilities in your dependency tree.

Full analysis: Conventional Changelog Angular Security Report

How we calculated this score

Conventional Changelog Angular's trust score of 84.5/100 (A-) is computed from npm registry, GitHub repository, NVD, OSV.dev, and OpenSSF Scorecard. The score reflects 5 independent dimensions: security (90/100), maintenance (100/100), popularity (100/100), quality (65/100), community (60/100). Each dimension is weighted equally to produce the composite trust score.

Nerq analyzes over 7.5 million entities across 26 registries using the same methodology, enabling direct cross-entity comparison. Scores are updated continuously as new data becomes available.

This page was last reviewed on May 20, 2026. Data version: 1.0.

Full methodology documentation · Machine-readable data (JSON API)