Is Bundler Plugin Core Safe?

What is Bundler Plugin Core's trust score?

Bundler Plugin Core has a Nerq Trust Score of 81.0/100, earning a A- grade. This score is based on 2 independently measured dimensions including security, maintenance, and community adoption.

What are the key security findings for Bundler Plugin Core?

Bundler Plugin Core's strongest signal is security at 90/100. No known vulnerabilities have been detected. It meets the Nerq Verified threshold of 70+.

What is Bundler Plugin Core and who maintains it?

Detailed Score Analysis

Based on 5 dimensions. Data from npm registry, GitHub repository, NVD, OSV.dev, and OpenSSF Scorecard.

What data does Bundler Plugin Core collect?

Bundler Plugin Core is a Node.js package maintained by sentry-bot. It receives approximately 6,764,572 weekly downloads. Licensed under MIT.

As a development package, Bundler Plugin Core does not directly collect end-user personal data. However, applications built with it may collect data depending on implementation. Privacy score: 80/100.

Review the package's dependencies for potential supply chain risks. Run your package manager's audit command regularly.

Full analysis: Bundler Plugin Core Privacy Report · Privacy review

Is Bundler Plugin Core secure?

Security score: 90/100. Bundler Plugin Core has 0 known vulnerabilities (CVEs) in the National Vulnerability Database. This is a clean record.

Licensed under MIT, allowing code inspection. Open-source packages allow independent security review of the source code.

Run your package manager's audit command (`npm audit`, `pip audit`, `cargo audit`) to check for known vulnerabilities in your dependency tree.

Full analysis: Bundler Plugin Core Security Report

How we calculated this score

Bundler Plugin Core's trust score of 81.0/100 (A-) is computed from npm registry, GitHub repository, NVD, OSV.dev, and OpenSSF Scorecard. The score reflects 5 independent dimensions: security (90/100), privacy (80/100), reliability (90/100), transparency (85/100), maintenance (60/100). Each dimension is weighted equally to produce the composite trust score.

Nerq analyzes over 7.5 million entities across 26 registries using the same methodology, enabling direct cross-entity comparison. Scores are updated continuously as new data becomes available.

This page was last reviewed on April 09, 2026. Data version: 1.0.

Full methodology documentation · Machine-readable data (JSON API)