DepKeep

OSS Support Hub / Database Tools

Node.js Database Tools MIT Latest: 1.0.0

TypeORM

ORM for TypeScript and JavaScript that supports ActiveRecord and DataMapper patterns

npmGitHub
Health Metrics

Project Health at a Glance

Live data from GitHub and npm, updated daily.

36.6K+40
GitHub Stars
📦
1.0.0
Latest Release · 1 months ago
🔄
46d
Avg. Release Cadence
🐛
546
Open Issues
📅
3 days ago
Last Commit
⬇️
4.9M
Weekly Downloads
🔒
5
Active CVEs

Data last fetched: 2026-06-29

Security

Known Vulnerabilities

5 active CVEs reported via OSV.dev

GHSA-9ggv-8w38-r7pm CVSS_V3

TypeORM: SQL Injection in UpdateQueryBuilder/SoftDeleteQueryBuilder orderBy (MySQL/MariaDB)

Published: 2026-06-19 Fixed in: 0.3.29
GHSA-fx4w-v43j-vc45 CVSS_V3

SQL injection in typeORM

Published: 2022-07-05 Fixed in: 0.3.0
GHSA-pf2j-9qmp-jqr2 CVSS_V3

TypeORM vulnerable to MAID and Prototype Pollution

Published: 2021-05-07 Fixed in: 0.2.25
GHSA-q2pj-6v73-8rgj CVSS_V3

TypeORM vulnerable to SQL injection via crafted request to repository.save or repository.update

Published: 2025-10-29 Fixed in: 0.3.26
GHSA-w7q7-vjp8-7jv4 CVSS_V3

SQL Injection in typeorm

Published: 2019-06-06 Fixed in: 0.1.15
Ecosystem

Alternatives to TypeORM

Other Database Tools projects in the Node.js ecosystem worth evaluating.

prisma sequelize drizzle
Get Help

Support Options for TypeORM

Enterprise Support via DepKeep

Get SLA-backed support, security patches, and direct access to senior engineers for TypeORM — without relying on volunteer maintainers.

Talk to an Expert →

Community Channels

GitHub Discussions →Stack Overflow →