6 packages flagged for continuity risk in 2026-W17.
Flagged packages combine high downstream reach with at least two independent fragility signals. Repositories and maintainer identities are never referenced in the viral surfaces.
Share card is regenerated by generate_weekly_card on every pipeline run.
Top findings
| Rank | Package | Severity | Risk | Primary finding |
|---|---|---|---|---|
| #1 | npm · tslib | High | 43.1 | 0 releases in the last 365 days vs 4 in the prior 365 days. |
| #2 | pypi · jinja2 | High | 43.0 | 0 releases in the last 365 days vs 3 in the prior 365 days. |
| #3 | npm · inherits | High | 39.5 | 2497 days since latest release. |
| #4 | pypi · h11 | High | 35.0 | Top contributor authored 90% of commits over the last 365 days (unique contributors: 2). |
| #5 | pypi · pyyaml | High | 34.3 | Top contributor authored 100% of commits over the last 365 days (unique contributors: 1). |
Ecosystem breakdown
- npm 3
- pypi 3