Is Merge Tree Safe?

Merge Tree — Nerq Trust Score 76.5/100 (B+ grade). Based on analysis of 2 trust dimensions, it is generally safe but has some concerns. Last updated: 2026-04-07.

Yes, Merge Tree is safe to use. Merge Tree is a npm package with a Nerq Trust Score of 76.5/100 (B+), based on 3 independent data dimensions. Recommended for production use. Security: 90/100. Popularity: 60/100. Data sourced from npm registry, GitHub repository, NVD, OSV.dev, and OpenSSF Scorecard. Last updated: 2026-04-07. Machine-readable data (JSON).

Is Merge Tree safe?

YES — Merge Tree has a Nerq Trust Score of 76.5/100 (B+). It meets Nerq's trust threshold with strong signals across security, maintenance, and community adoption. Recommended for production use — review the full report below for specific considerations.

Security Analysis → Merge Tree Privacy Report →

What is Merge Tree's trust score?

Merge Tree has a Nerq Trust Score of 76.5/100, earning a B+ grade. This score is based on 2 independently measured dimensions including security, maintenance, and community adoption.

Security
90
Popularity
60

What are the key security findings for Merge Tree?

Merge Tree's strongest signal is security at 90/100. No known vulnerabilities have been detected. It meets the Nerq Verified threshold of 70+.

Security score: 90/100 (strong)
Popularity: 60/100 — community adoption

What is Merge Tree and who maintains it?

Authorms-fluid-bot
Categorynpm Packages
SourceN/A

Similar Npm by Trust Score

@portabletext/react (86)@tanstack/virtual-file-routes (86)@azure/msal-common (86)@smithy/protocol-http (86)@smithy/fetch-http-handler (86)
See all safest Npm →

Compare

Merge Tree vs @portabletext/reactMerge Tree vs @tanstack/virtual-file-routesMerge Tree vs @azure/msal-common

Safety Guide: Merge Tree

What is Merge Tree?

Merge Tree is a Node.js package — Merge tree.

How to Verify Safety

Run npm audit to check for vulnerabilities. Review the package's GitHub repository for recent commits.

You can also check the trust score via API: GET /v1/preflight?target=@fluidframework/merge-tree

Key Safety Concerns for Node.js package

When evaluating any Node.js package, watch for: dependency vulnerabilities, malicious packages, typosquatting.

Trust Assessment

Merge Tree has a Nerq Trust Score of 76/100 (B+) and meets Nerq trust threshold. This score is based on automated analysis of security, maintenance, community, and quality signals.

Key Takeaways

Frequently Asked Questions

Is Merge Tree Safe?
Yes, it is safe to use. @fluidframework/merge-tree with a Nerq Trust Score of 76.5/100 (B+). Strongest signal: security (90/100). Score based on Security (90/100), Popularity (60/100).
What is Merge Tree's trust score?
@fluidframework/merge-tree: 76.5/100 (B+). Score based on Security (90/100), Popularity (60/100). Scores update as new data becomes available. API: GET nerq.ai/v1/preflight?target=@fluidframework/merge-tree
What are safer alternatives to Merge Tree?
In the npm Packages category, more Node.js packages are being analyzed — check back soon. @fluidframework/merge-tree scores 76.5/100.
Does Merge Tree have known vulnerabilities?
Nerq checks Merge Tree against NVD, OSV.dev, and registry-specific vulnerability databases. Current security score: 90/100. Run your package manager's audit command for the latest findings.
Is Merge Tree actively maintained?
Merge Tree maintenance score: N/A. Check the repository for recent commit activity and issue responsiveness.
API: /v1/preflight Trust Badge API Docs

Popular in npm Packages

Supabase Js 90Storage Js 90Realtime Js 90Functions Js 90React 90Webpack Dev Middleware 90Webpack 90Icons Material 89Expo Router 89Preact 89Material 89Web Api 89

Browse Categories

npm PackagesInfrastructureSecurity Tools

Recently Analyzed

Jiosaavn Music & Podcas androidCamscanner Scanner, Pdf androidGoogle One androidKinemaster Video Editor androidShadow Weather androidPremium Card App androidYoutube Tv androidApple Music androidMy Weather Hub androidDisney+ android

See Also

Disclaimer: Nerq trust scores are automated assessments based on publicly available signals. They are not endorsements or guarantees. Always conduct your own due diligence.

Apps npm PyPI VPNs Games All Categories Compare
We use cookies for analytics and caching. Privacy