← Home

@adguard/dnr-rulesets

npm

Utility to create AdGuard DNR rulesets for mv3 extensions

100
Versions
GPL-3.0-only
License
No
Install Scripts
Missing
Provenance

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures No source commit

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

ameshkovmaximtopblakhard

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
source-diff obfuscated-file:dist/filters/local_script_rules.js AI (source-diff): This file contains AdGuard scriptlet filter rules — minified JS strings mapped to expanded implementations. This is expected content for an ad-blocking DNR ruleset package, not malicious obfuscation. ai
source-diff obfuscated-file:dist/filters/chromium-mv3/local_script_rules.js AI (source-diff): These files contain AdGuard's scriptlet lookup tables — minified ad-blocking JS used as object keys with expanded implementations as values. This is the package's documented design, not malicious obfuscation. ai
source-diff obfuscated-file:dist/filters/opera-mv3/local_script_rules.js AI (source-diff): Same as chromium-mv3 variant: AdGuard scriptlet lookup tables with minified keys and readable implementations. Expected build artifact for this package. ai
publish-pattern rapid-publish AI (publish-pattern): Package has 13,351 versions with timestamp-based version numbers, indicating a fully automated filter-list update pipeline. Rapid publishing is the normal operating mode for this package. ai
phantom-deps phantom-dep:chokidar AI (phantom-deps): CLI tool legitimately uses chokidar for file watching; declared in dependencies and referenced in config files. ai
dependencies unvetted-dep:@adguard/agtree AI (dependencies): First-party AdGuard dependency in the same org scope; expected internal dependency for this package. ai
phantom-deps phantom-dep:@adguard/re2-wasm AI (phantom-deps): First-party AdGuard dependency declared in package.json; phantom-dep flag is a false positive for same-org packages. ai
phantom-deps phantom-dep:commander AI (phantom-deps): CLI tool legitimately uses commander for CLI argument parsing; declared in dependencies. ai
dependencies unvetted-dep:@adguard/logger AI (dependencies): First-party AdGuard dependency in the same org scope; expected internal dependency for this package. ai
dependencies unvetted-dep:@adguard/re2-wasm AI (dependencies): First-party AdGuard dependency in the same org scope; expected internal dependency for this package. ai
dependencies unvetted-dep:@adguard/tsurlfilter AI (dependencies): First-party AdGuard dependency in the same org scope; expected internal dependency for this package. ai

Versions (showing 100 of 9524)

Version Deps Published
4.0.20260509210047 10 / 29
4.0.20260509110046 10 / 29
4.0.20260507130133 10 / 29
4.0.20260506030051 10 / 29
4.0.20260504150058 10 / 29
4.0.20260503050049 10 / 29
4.0.20260502210044 10 / 29
4.0.20260502160044 10 / 29
4.0.20260502130046 10 / 29
4.0.20260501180051 10 / 29
4.0.20260501080040 10 / 29
4.0.20260501030042 10 / 29
4.0.20260430220034 10 / 29
4.0.20260430180046 10 / 29
4.0.20260429110053 10 / 29
4.0.20260425230040 10 / 29
4.0.20260425220041 10 / 29
4.0.20260425210051 10 / 29
4.0.20260425200040 10 / 29
4.0.20260425190041 10 / 29
4.0.20260425180041 10 / 29
4.0.20260425170039 10 / 29
4.0.20260425160042 10 / 29
4.0.20260425150044 10 / 29
4.0.20260425140033 10 / 29
4.0.20260425120041 10 / 29
4.0.20260425110039 10 / 29
4.0.20260425100045 10 / 29
4.0.20260425090044 10 / 29
4.0.20260425080047 10 / 29
4.0.20260425070044 10 / 29
4.0.20260425060048 10 / 29
4.0.20260425050053 10 / 29
4.0.20260425040037 10 / 29
4.0.20260425030046 10 / 29
4.0.20260425020033 10 / 29
4.0.20260425010035 10 / 29
4.0.20260425000043 10 / 29
4.0.20260424230041 10 / 29
4.0.20260424220037 10 / 29
4.0.20260424200039 10 / 29
4.0.20260424190044 10 / 29
4.0.20260424180040 10 / 29
4.0.20260424170043 10 / 29
4.0.20260424160040 10 / 29
4.0.20260424150046 10 / 29
4.0.20260424140049 10 / 29
4.0.20260424130043 10 / 29
4.0.20260424120058 10 / 29
4.0.20260424110545 10 / 29
4.0.20260424100109 10 / 29
4.0.20260424090053 10 / 29
4.0.20260424070049 10 / 29
4.0.20260424040051 10 / 29
4.0.20260424030038 10 / 29
4.0.20260424020038 10 / 29
4.0.20260424010044 10 / 29
4.0.20260424000058 10 / 29
4.0.20260423230035 10 / 29
4.0.20260423220228 10 / 29
4.0.20260423210043 10 / 29
4.0.20260423200037 10 / 29
4.0.20260423180039 10 / 29
4.0.20260423170042 10 / 29
4.0.20260423160040 10 / 29
4.0.20260423150102 10 / 29
4.0.20260423140058 10 / 29
4.0.20260423130044 10 / 29
4.0.20260423120051 10 / 29
4.0.20260423110047 10 / 29
4.0.20260423100045 10 / 29
4.0.20260423090049 10 / 29
4.0.20260423080046 10 / 29
4.0.20260423070050 10 / 29
4.0.20260423060057 10 / 29
4.0.20260423050049 10 / 29
4.0.20260423040043 10 / 29
4.0.20260423030053 10 / 29
4.0.20260423020041 10 / 29
4.0.20260422200046 10 / 29
4.0.20260422190045 10 / 29
4.0.20260422180050 10 / 29
4.0.20260422170045 10 / 29
4.0.20260422160048 10 / 29
4.0.20260422150049 10 / 29
4.0.20260422140102 10 / 29
4.0.20260422130053 10 / 29
4.0.20260422120047 10 / 29
4.0.20260422110052 10 / 29
4.0.20260422100045 10 / 29
4.0.20260422090050 10 / 29
4.0.20260422080045 10 / 29
4.0.20260422070039 10 / 29
4.0.20260422060050 10 / 29
4.0.20260422050043 10 / 29
4.0.20260422040046 10 / 29
4.0.20260422030043 10 / 29
4.0.20260422020041 10 / 29
4.0.20260422010049 10 / 29
4.0.20260422000102 10 / 29
Showing 100 of 9524 Next page →

v4.0.20260509210047

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v4.0.20260509110046

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v4.0.20260507130133

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v4.0.20260506030051

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v4.0.20260504150058

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v4.0.20260503050049

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v4.0.20260502210044

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v4.0.20260502160044

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v4.0.20260502130046

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v4.0.20260501180051

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v4.0.20260501080040

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v4.0.20260430180046

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v4.0.20260425030046

2 findings
HIGH New obfuscated file: dist/filters/local_script_rules.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v4.0.20260424230041

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v4.0.20260422140102

1 finding
LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.