VYPR

npm package

willitmerge

pkg:npm/willitmerge

Vulnerabilities (1)

  • CVE-2025-66219Nov 29, 2025
    affected <= 0.2.1

    willitmerge is a command line tool to check if pull requests are mergeable. In versions 0.2.1 and prior, there is a command Injection vulnerability in willitmerge. The vulnerability manifests in this package due to the use of insecure child process execution API (exec) to which i