@adyen/kyc-components
`adyen-kyc-components` provides the required pieces to build an onboarding flow based on a legal entity. To onboard and verify users, you need to create a user interface (UI) to collect user data. To speed up building your integration, Adyen offers onboar
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/bg-BG-Dt-YABLE.js | AI (source-diff): Minified locale bundle with Sentry debug ID; standard build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-DPA8C7cd.js | AI (source-diff): Minified locale bundle with Sentry debug ID; standard build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-CMAqGLCy.js | AI (source-diff): Minified locale bundle with Sentry debug ID; standard build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-ClQ8gVST.js | AI (source-diff): Minified locale bundle with Sentry debug ID; standard build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-NwL6SZRu.js | AI (source-diff): Minified locale bundle with Sentry debug ID; standard build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/useBusinessDetailsData-yIeDfSst.js | AI (source-diff): Minified Vite/Rollup bundle output with Sentry debug IDs; standard build artifact for this package. | ai | |
| phantom-deps | phantom-dep:@tanstack/react-form-devtools | AI (phantom-deps): Devtools package bundled as runtime dep but used indirectly; stable false positive for this package. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-CzrQfuu9.js | AI (source-diff): Vite-bundled locale JSON chunk with Sentry debug ID; not obfuscated malicious code. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-cotI8o9W.js | AI (source-diff): Vite-bundled locale JSON chunk with Sentry debug ID; not obfuscated malicious code. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-6ZQOFODJ.js | AI (source-diff): Vite-bundled locale JSON chunk with Sentry debug ID; not obfuscated malicious code. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-3LckGflP.js | AI (source-diff): Vite-bundled locale JSON chunk with Sentry debug ID; not obfuscated malicious code. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-DKld3x63.js | AI (source-diff): Minified i18n locale bundle with plain JSON translations; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-BnwkqGm9.js | AI (source-diff): Minified i18n locale bundle with plain JSON translations; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-C6dSR1jk.js | AI (source-diff): Minified i18n locale bundle with plain JSON translations; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/el-GR-BuAfpG6u.js | AI (source-diff): Minified i18n locale bundle with plain JSON translations; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/de-DE-CwT6O212.js | AI (source-diff): Minified i18n locale bundle with plain JSON translations; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/de-DE-Cg_RNIr-.js | AI (source-diff): Minified i18n locale bundle with plain JSON translations; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/de-DE-BplDsJEb.js | AI (source-diff): Minified i18n locale bundle with plain JSON translations; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/da-DK-mUuPR2YO.js | AI (source-diff): Minified i18n locale bundle with plain JSON translations; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/da-DK-D9FgPh5e.js | AI (source-diff): Minified i18n locale bundle with plain JSON translations; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/da-DK-Cv6XUSoW.js | AI (source-diff): Minified i18n locale bundle with plain JSON translations; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cs-CZ-BeMYkFfD.js | AI (source-diff): Minified i18n locale bundle with plain JSON translations; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cs-CZ-BBLagJI6.js | AI (source-diff): Minified i18n locale bundle with plain JSON translations; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cs-CZ-B6atm9_Q.js | AI (source-diff): Minified i18n locale bundle with plain JSON translations; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-Bayyn2Vj.js | AI (source-diff): Minified i18n locale bundle with Sentry debug ID; standard Vite build output for this package. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-COHRuTI-.js | AI (source-diff): Minified i18n locale bundle with Sentry debug ID; standard Vite build output for this package. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-CodTfJR6.js | AI (source-diff): Minified i18n locale bundle with Sentry debug ID; standard Vite build output for this package. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-BlOJQ7iZ.js | AI (source-diff): Minified i18n locale bundle with Sentry debug ID; standard Vite build output for this package. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-B3fdlAsP.js | AI (source-diff): Minified i18n locale bundle with Sentry debug ID; standard Vite build output for this package. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-DeVGTTeO.js | AI (source-diff): Minified Vite build output with Sentry debug IDs and i18n locale JSON; standard for this package. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-C0wzRs18.js | AI (source-diff): Minified Vite build output with Sentry debug IDs and i18n locale JSON; standard for this package. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-sDNpvadv.js | AI (source-diff): Minified Vite build output with Sentry debug IDs and i18n locale JSON; standard for this package. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-xv1T8Cru.js | AI (source-diff): Minified Vite build output with Sentry debug IDs and i18n locale JSON; standard for this package. | ai | |
| source-diff | obfuscated-file:dist/es-ES-BkqlH093.js | AI (source-diff): Vite-bundled locale JSON file with Sentry debug ID; minified i18n bundle, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/de-DE-BmWBo3gX.js | AI (source-diff): Vite-bundled locale JSON file with Sentry debug ID; minified i18n bundle, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/da-DK-C_GqHCay.js | AI (source-diff): Vite-bundled locale JSON file with Sentry debug ID; minified i18n bundle, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/cs-CZ-6rOIfRJu.js | AI (source-diff): Vite-bundled locale JSON file with Sentry debug ID; minified i18n bundle, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-dmpv4Zom.js | AI (source-diff): Vite-bundled locale JSON file with Sentry debug ID; minified i18n bundle, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/en-US-qlQTJNiL.js | AI (source-diff): Vite-bundled locale JSON file with Sentry debug ID; minified i18n bundle, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/el-GR-Fo7-xCrc.js | AI (source-diff): Vite-bundled locale JSON file with Sentry debug ID; minified i18n bundle, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/cs-CZ-DR5Pfj3g.js | AI (source-diff): Vite-bundled locale chunk with JSON translation strings and Sentry debug IDs; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/cs-CZ-CmPmY5GZ.js | AI (source-diff): Vite-bundled locale chunk with JSON translation strings and Sentry debug IDs; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-CRbKoTLs.js | AI (source-diff): Vite-bundled locale chunk with JSON translation strings and Sentry debug IDs; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/bg-BG-DqRXdvRT.js | AI (source-diff): Vite-bundled locale chunk with JSON translation strings and Sentry debug IDs; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/el-GR-DWM1mhuZ.js | AI (source-diff): Vite-bundled locale chunk with JSON translation strings and Sentry debug IDs; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/el-GR-Bn45KMp-.js | AI (source-diff): Vite-bundled locale chunk with JSON translation strings and Sentry debug IDs; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/de-DE-NMS4xBab.js | AI (source-diff): Vite-bundled locale chunk with JSON translation strings and Sentry debug IDs; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/de-DE-KqZs1FFF.js | AI (source-diff): Vite-bundled locale chunk with JSON translation strings and Sentry debug IDs; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/da-DK-DaINWU5x.js | AI (source-diff): Vite-bundled locale chunk with JSON translation strings and Sentry debug IDs; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/da-DK-CG2NcTvu.js | AI (source-diff): Vite-bundled locale chunk with JSON translation strings and Sentry debug IDs; not obfuscated malware. | ai | |
| dependencies | unvetted-dep:@adyen/openbankingsdk | AI (dependencies): First-party Adyen-scoped package; stable dependency for this package. | ai | |
| dependencies | unvetted-dep:onfido-sdk-ui | AI (dependencies): onfido-sdk-ui is the standard Onfido document verification SDK; expected dependency for a KYC component library. | ai | |
| dependencies | unvetted-dep:container-query-polyfill | AI (dependencies): CSS container query polyfill; standard UI dependency. | ai | |
| dependencies | unvetted-dep:wouter-preact | AI (dependencies): Preact router; expected for a Preact-based component library. | ai | |
| dependencies | unvetted-dep:named-slots | AI (dependencies): Web component slot utility; consistent with custom-element-based KYC components. | ai | |
| dependencies | unvetted-dep:monogon | AI (dependencies): Utility library; consistent with UI component toolkit needs. | ai | |
| dependencies | unvetted-dep:@adyen/adyen-document-viewer | AI (dependencies): First-party Adyen-scoped package; stable dependency for this package. | ai | |
| provenance | no-provenance | AI (provenance): Established Adyen package published via GitHub Actions CI; provenance attestation not yet adopted but not a security concern here. | ai | |
| source-diff | obfuscated-file:dist/en-US-CJDkXFZ6.js | AI (source-diff): Vite-bundled locale JSON chunk with Sentry debug ID; plaintext i18n strings, not obfuscated malicious code. | ai | |
| source-diff | obfuscated-file:dist/en-US-CfazE4ht.js | AI (source-diff): Vite-bundled locale JSON chunk with Sentry debug ID; plaintext i18n strings, not obfuscated malicious code. | ai | |
| source-diff | large-new-source-files | AI (source-diff): Large file count increase is consistent with Vite code-splitting across a major feature release for this established Adyen package. | ai | |
| source-diff | obfuscated-file:dist/en-US-DrUYyPhF.js | AI (source-diff): Vite-bundled locale JSON chunk with Sentry debug ID; plaintext i18n strings, not obfuscated malicious code. | ai | |
| source-diff | obfuscated-file:dist/en-US-CTbVLoNF.js | AI (source-diff): Vite-bundled locale JSON chunk with Sentry debug ID; plaintext i18n strings, not obfuscated malicious code. | ai | |
| phantom-deps | phantom-dep:@adyen/ui-assets-icons-16 | AI (phantom-deps): Same-org icon asset package; likely re-exported or used indirectly via CSS/build, not a security concern. | ai |
Versions (showing 28 of 28)
| Version | Deps | Published |
|---|---|---|
| 4.10.3 | 17 / 74 | |
| 4.10.2 | 17 / 74 | |
| 4.10.1 | 17 / 74 | |
| 4.10.0 | 17 / 74 | |
| 4.9.3 | 15 / 74 | |
| 4.9.2 | 15 / 74 | |
| 4.9.1 | 15 / 74 | |
| 4.9.0 | 15 / 74 | |
| 4.8.0 | 15 / 74 | |
| 4.7.2 | 15 / 77 | |
| 4.7.1 | 15 / 77 | |
| 4.6.3 | 14 / 76 | |
| 4.6.2 | 14 / 76 | |
| 4.6.1 | 14 / 76 | |
| 4.6.0 | 14 / 76 | |
| 4.5.2 | 14 / 76 | |
| 4.5.1 | 14 / 76 | |
| 4.5.0 | 14 / 76 | |
| 4.4.2 | 14 / 83 | |
| 4.4.1 | 14 / 83 | |
| 4.4.0 | 14 / 83 | |
| 4.3.1 | 14 / 83 | |
| 4.3.0 | 14 / 83 | |
| 4.2.0 | 14 / 80 | |
| 3.95.3 | 14 / 79 | |
| 3.95.2 | 14 / 79 | |
| 3.95.1 | 14 / 79 | |
| 3.95.0 | 14 / 79 |
v4.10.3
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.10.2
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.10.1
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.10.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.9.3
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.9.2
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.9.1
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.9.0
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.8.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.7.2
8 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.7.1
8 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.6.3
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.6.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.6.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.6.0
2 findings[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
This version was published by a different npm account (vergilfromadyen) than the most recent previously approved version (GitHub Actions) on 2026-05-04, but vergilfromadyen is listed as a maintainer on prior approved versions (matched on name). This looks like a manual publish by a known maintainer rather than a publisher change. Recorded as INFO for audit trail.
v4.5.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v4.5.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v4.5.0
14 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.4.2
11 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.4.1
11 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.4.0
11 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.3.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v4.3.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v4.2.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.95.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.95.2
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v3.95.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v3.95.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.