Is Lexer Safe?

What is Lexer's trust score?

Lexer has a Nerq Trust Score of 53.0/100, earning a C- grade. This score is based on 2 independently measured dimensions including security, maintenance, and community adoption.

What are the key security findings for Lexer?

Lexer's strongest signal is popularity at 95/100. No known vulnerabilities have been detected. It has not yet reached the Nerq Verified threshold of 70+.

What is Lexer and who maintains it?

Detailed Score Analysis

Based on 5 dimensions. Data from packagist.org, GitHub, and NVD.

What data does Lexer collect?

Lexer is a PHP package maintained by doctrine. It receives approximately 907,056,941 weekly downloads.

As a development package, Lexer does not directly collect end-user personal data. However, applications built with it may collect data depending on implementation. Privacy score: 80/100.

Review the package's dependencies for potential supply chain risks. Run your package manager's audit command regularly.

Full analysis: Lexer Privacy Report · Privacy review

Is Lexer secure?

Security score: 65/100. Review security practices and consider alternatives with higher security scores for sensitive use cases.

Nerq monitors this entity against NVD, OSV.dev, and registry-specific vulnerability databases for ongoing security assessment.

Full analysis: Lexer Security Report

How we calculated this score

Lexer's trust score of 53.0/100 (C-) is computed from packagist.org, GitHub, and NVD. The score reflects 5 independent dimensions: security (65/100), privacy (80/100), reliability (90/100), transparency (50/100), maintenance (60/100). Each dimension is weighted equally to produce the composite trust score.

Nerq analyzes over 7.5 million entities across 26 registries using the same methodology, enabling direct cross-entity comparison. Scores are updated continuously as new data becomes available.

This page was last reviewed on March 31, 2026. Data version: 1.0.

Full methodology documentation · Machine-readable data (JSON API)