@contractspec/lib.contracts-transformers

Name: @contractspec/lib.contracts-transformers
Rating: 3.24 (1 reviews)
Author: farzim

#804 · by farzim

code completions chat

3.24/ 5.00

trustedBeta

Mar 3, 2026 at 7:21 AM6 signals analysed100 commits (90d)No manual reviews · fully automated

Trust Signal Breakdown

high3 sub-signals across 6 dimensions

CVEs, dependency health, and supply chain integrity

3 of 3 sub-signals with data

Known CVEs40%5.0

No known CVEs

via OSV.dev

Dependency Health30%5.0

6 dependencies (minimal)

via npm / PyPI

Supply Chain30%5.0

Supply chain analyzed, no transitive CVEs

via npm provenance

Uptime, latency, error rates, and incident history

0 of 0 sub-signals with data

Commit recency, release cadence, issue response, CI/CD

0 of 0 sub-signals with data

Downloads, stars, dependents, and growth trajectory

0 of 0 sub-signals with data

License, documentation, security policy, changelog

0 of 0 sub-signals with data

Track record, org maturity, community standing

0 of 0 sub-signals with data

About this score

Scored across 3 sub-signals in 6 dimensionsScoring engine v1 (beta) — actively being expandedPhase 1: Core sub-signal architecture (live)Phase 2: Permission scope & expanded collection (in progress)

Trust AssessmentAI Assessment

Contract format transformations: import/export between ContractSpec and external formats (OpenAPI, AsyncAPI, etc.)

Package Availability (30d)

100.00%

p50: 432ms · p99: 432ms

Avg Latency

415ms

averaged across 30d health checks

Weekly Downloads

1.0k-26%

npm weekly

Transparency & Compliance6/5 passed

✓

Open Source CodePublic repository on GitHub

✓

OSI LicenseLicensed under MIT

✓

DocumentationREADME with examples/code blocks

✓

SECURITY.mdSecurity policy published

✓

API DocumentationOpenAPI spec or docs directory found

Incidents & Alertslast 90 days

Mar 1Trust score decreased by 1.073.24

Feb 25Trust score increased by 0.994.31

Feb 22@contractspec/lib.contracts-transformers added to Trust Index3.17

Showing 3 of 3 events

Score History25 snapshots

5.003.752.501.250.00

Feb 22Mar 1

Community & Ecosystemadoption signals

1.0k

Weekly Downloads

npm

100

Commits (90d)

contractspec

Releases

avg 1d apart

Supply Chain & Dependenciestrust chain

⬡

@contractspec/lib.contracts-spec

npm · 2.6.0

⬡

@contractspec/lib.schema

npm · 2.6.0

⬡

compare-versions

npm · ^6.1.1

⬡

openapi-types

npm · ^12.1.3

⬡

yaml

npm · ^2.7.1 · 1 CVE

⬡

zod

npm · ^4.3.5 · 1 CVE

Showing 6 of 6 dependencies

Data Sources6 indexed

◎

OSV.devCVE database · vulnerability scanning for npm & PyPI packages

◈

GitHub APICommits, issues, releases, repo metadata, transparency checks

⬡

npm RegistryPackage metadata, weekly downloads, maintainers, dependencies

⬡

PyPIPackage metadata, weekly downloads, dependency tree

△

HTTP Health Checks15-min pings · uptime, latency, status monitoring

◎

PyPI StatsDownload statistics and trends

Version Historyscore per release

VERSIONRELEASEDSCOREDELTA

action-v2.9.0Feb 25, 20263.32—

vscode-v2.9.0Feb 25, 20263.32—

vscode-v2.6.1Feb 24, 20263.32—

action-v2.6.0Feb 22, 20263.32—

vscode-v2.6.0Feb 22, 20263.32—

action-v2.5.0Feb 21, 20263.32—

Showing 6 of 10 releases

Are you the publisher?

Claim this profile to unlock deeper evaluation, real-time monitoring,
and trust signals that help agents discover your service.

Share this Trust Score

Generate a scorecard image optimised for X, LinkedIn and other social platforms.

⬇ Download Score Card