micromatch - dependency health snapshot - depmedic

depmedic / health / micromatch

micromatch v4.0.5

Glob matching for javascript/node.js. A replacement and faster alternative to minimatch and multimatch.

B
82/100 depmedic health score
snapshot taken 2026-04-28T07:20:06.678Z

Score breakdown

Popularity79/100
Maintenance66/100
Quality94/100
Risk (penalty for deprecated)100/100

Snapshot

Weekly downloads
11M
Monthly downloads
252.1M
npm dependents
0
GitHub stars
2.2K
Open issues
27
License
MIT
TypeScript types
no
Maintainers (top 5)
es128, jonschlinkert, doowb, danez

Embed the badge

Drop one of these into your README. Updates whenever depmedic re-runs the snapshot.

depmedic health: 82/100 (B)

![depmedic health](https://depmedicdev-byte.github.io/health/badge/micromatch.svg)

Use depmedic locally on this package

# In your project that depends on micromatch:
npm install micromatch
npx depmedic                    # vulnerability triage on your install
npx depmedic --severity=high    # CI-friendly: exits 1 on high+critical

Want a deep audit of micromatch for vendor review?

The Vendor Dossier PDF goes deeper than this snapshot: full advisory list (resolved + open), maintainer drift, release cadence, transitive risk, license tree. $9 one-time per package.

Order Vendor Dossier ($9) More tools

Org-wide monitoring

Track every package across your repos. Get an email when any one slips below your minimum grade. $19/mo.

Org Dep Health Monitor ($19/mo)