As part of the plugin Trust Grade that is calculated by Obsidian Addict, one of the measures used is checking for vulnerabilities in downstream dependencies. When Obsidian Addict launched, it supported npm, yarn, and pnpm.
Feedback on the Obsidian Discord was provided that a handful of plugins (e.g. Meta Bind Plugin and JS Engine) utilize Bun and were currently getting a 0 on security as a result due to not recognizing the existence of a lock file. In response to this feedback, I have gone ahead and added support for Bun so those plugins are no longer receiving a 0 on security!
Appreciate the support and feedback so far! Thank you!