Is Jmespath Safe?

Jmespath — Nerq Trust Score 66.2/100 (B- grade). Based on analysis of 2 trust dimensions, it is generally safe but has some concerns. Last updated: 2026-05-05.

Use Jmespath with some caution. Jmespath is a Ruby gem with a Nerq Trust Score of 66.2/100 (B-), based on 3 independent data dimensions. Below the recommended threshold of 70. Security: 90/100. Popularity: 100/100. Data sourced from rubygems.org, GitHub, and NVD. Last updated: 2026-04-12. Machine-readable data (JSON).

Is Jmespath safe?

CAUTION — Jmespath has a Nerq Trust Score of 66.2/100 (B-). It has moderate trust signals but shows some areas of concern that warrant attention. Suitable for development use — review security and maintenance signals before production deployment.

Security Analysis → Jmespath Privacy Report →

What is Jmespath's trust score?

Jmespath has a Nerq Trust Score of 66.2/100, earning a B- grade. This score is based on 2 independently measured dimensions including security, maintenance, and community adoption.

Security
90
Popularity
100

What are the key security findings for Jmespath?

Jmespath's strongest signal is popularity at 100/100. No known vulnerabilities have been detected. It has not yet reached the Nerq Verified threshold of 70+.

Security score: 90/100 (strong)
Popularity: 100/100 — community adoption

What is Jmespath and who maintains it?

AuthorTrevor Rowe
CategoryRuby Gems
SourceN/A

Jmespath Across Platforms

Same developer/company in other registries:

jmespath
62/100 · crates
jmespath
48/100 · npm

Similar Gems by Trust Score

i18n (68)jwt (68)request_store (68)mimemagic (68)raabro (68)
See all safest Gems →

Compare

Jmespath vs i18nJmespath vs jwtJmespath vs request_store

Safety Guide: Jmespath

What is Jmespath?

Jmespath is a Ruby gem — Implements JMESPath for Ruby.

How to Verify Safety

Run bundle audit. Review on rubygems.org.

You can also check the trust score via API: GET /v1/preflight?target=jmespath

Key Safety Concerns for Ruby gem

When evaluating any Ruby gem, watch for: dependency vulnerabilities, maintenance status.

Trust Assessment

Jmespath has a Nerq Trust Score of 66/100 (B-) and has not yet reached Nerq trust threshold (70+). This score is based on automated analysis of security, maintenance, community, and quality signals.

Key Takeaways

Detailed Score Analysis

DimensionScore
Security90/100
Maintenance50/100
Popularity100/100
Quality55/100
Community35/100

Based on 5 dimensions. Data from rubygems.org, GitHub, and NVD.

What data does Jmespath collect?

Jmespath is a Ruby gem maintained by Trevor Rowe. It receives approximately 1,354,336,307 weekly downloads. Licensed under Apache-2.0.

As a development package, Jmespath does not directly collect end-user personal data. However, applications built with it may collect data depending on implementation. Privacy score: 80/100.

Review the package's dependencies for potential supply chain risks. Run your package manager's audit command regularly.

Full analysis: Jmespath Privacy Report · Privacy review

Is Jmespath secure?

Security score: 90/100. This meets the recommended security threshold for production use.

Nerq monitors this entity against NVD, OSV.dev, and registry-specific vulnerability databases for ongoing security assessment.

Full analysis: Jmespath Security Report

Jmespath Across Platforms

Same developer/company in other registries:

jmespath (crates, 62/100)jmespath (npm, 48/100)

How we calculated this score

Jmespath's trust score of 66.2/100 (B-) is computed from rubygems.org, GitHub, and NVD. The score reflects 5 independent dimensions: security (90/100), maintenance (50/100), popularity (100/100), quality (55/100), community (35/100). Each dimension is weighted equally to produce the composite trust score.

Nerq analyzes over 7.5 million entities across 26 registries using the same methodology, enabling direct cross-entity comparison. Scores are updated continuously as new data becomes available.

This page was last reviewed on May 05, 2026. Data version: 1.0.

Full methodology documentation · Machine-readable data (JSON API)

Frequently Asked Questions

Is Jmespath Safe?
Use with some caution. jmespath with a Nerq Trust Score of 66.2/100 (B-). Strongest signal: popularity (100/100). Score based on Security (90/100), Popularity (100/100).
What is Jmespath's trust score?
jmespath: 66.2/100 (B-). Score based on Security (90/100), Popularity (100/100). Scores update as new data becomes available. API: GET nerq.ai/v1/preflight?target=jmespath
What are safer alternatives to Jmespath?
In the Ruby Gems category, more Ruby gems are being analyzed — check back soon. jmespath scores 66.2/100.
Does Jmespath have known vulnerabilities?
Nerq checks Jmespath against NVD, OSV.dev, and registry-specific vulnerability databases. Current security score: 90/100. Run your package manager's audit command for the latest findings.
Is Jmespath actively maintained?
Jmespath maintenance score: N/A. Check the repository for recent commit activity and issue responsiveness.
API: /v1/preflight Trust Badge API Docs

Popular in Ruby Gems

I18N 68Jwt 68Request Store 68Mimemagic 68Raabro 68Notiffany 68Sentry Ruby 68Aws Sdk Ecs 68Snaky Hash 68Aws Sdk Organizations 68Fourflusher 68Aws Sdk Guardduty 68

Recently Analyzed

Realemailhub saasQuickdatabaseflow saasChainstack saasGumroad saasCloudprojectflow saasDocs Sharp Flow saasHaiku (Animator) saasPrivy saasVercel Cli saasOtter.Ai (Business) saas

See Also

Disclaimer: Nerq trust scores are automated assessments based on publicly available signals. They are not endorsements or guarantees. Always conduct your own due diligence.

Apps npm PyPI VPNs Games All Categories Compare
We use cookies for analytics and caching. Privacy