Version 7.21.0 • License MIT
One-Line Verdict
"Heavy install size detected. Review bloat risk."
Caution
Actively Maintained
16 CVE History
Historical vulnerabilities found.
1.5 MB
Heavy: 1.5 MB
45,264,557
Highly Trusted
Package Payload
0 Direct
Clean dependency structure.
Cold-Start Impact
+22 ms
Estimated execution overhead on standard hardware.
Current Threat Level
Risk Detected
Our audit detected 16 active or historical security flags. Critical CVEs have been mapped to this library.
Accuracy Protocol
Scanned against OSV.dev (Google Open Source) databases. Last Deep-Scan: 2026.
Is undici too heavy? Compare it with these industry standards:
"An HTTP/1.1 client, written from scratch for Node.js"
undici is used to facilitate high-performance Node.js workflows. It provides a robust footprint of 1.5 MB on disk.
# Install via NPM
npm install undici
# Install via Yarn
yarn add undici
You are currently viewing a proprietary security audit for undici on PAudit. We aggregate global databases to provide a safety rating of 65/100.
Run npm install undici. This installs version 7.21.0 and adds 0 direct dependencies to your project.
Yes, undici records 45,264,557 weekly downloads, making it a Highly Trusted part of the ecosystem.