@arcgis/portal-components
ArcGIS Portal Components
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/cdn/2UO7DR73.js | AI (source-diff): Esri-copyrighted minified build output; standard for this ArcGIS component package. | ai | |
| source-diff | obfuscated-file:dist/cdn/TYMKJO7A.js | AI (source-diff): Esri-copyrighted minified build output; standard for this ArcGIS component package. | ai | |
| source-diff | obfuscated-file:dist/cdn/R7MBQJBF.js | AI (source-diff): Esri-copyrighted minified build output; standard for this ArcGIS component package. | ai | |
| source-diff | obfuscated-file:dist/cdn/PFKUDVEQ.js | AI (source-diff): Esri-copyrighted minified build output; standard for this ArcGIS component package. | ai | |
| source-diff | obfuscated-file:dist/cdn/NPL7ROT7.js | AI (source-diff): Esri-copyrighted minified build output; standard for this ArcGIS component package. | ai | |
| source-diff | obfuscated-file:dist/cdn/JIZ2DV5L.js | AI (source-diff): Esri-copyrighted minified build output; standard for this ArcGIS component package. | ai | |
| source-diff | obfuscated-file:dist/cdn/IIJHYORR.js | AI (source-diff): Esri-copyrighted minified build output; standard for this ArcGIS component package. | ai | |
| source-diff | obfuscated-file:dist/cdn/IFOML2PU.js | AI (source-diff): Esri-copyrighted minified build output; standard for this ArcGIS component package. | ai | |
| source-diff | obfuscated-file:dist/cdn/GO3Y7QXU.js | AI (source-diff): Esri-copyrighted minified build output; standard for this ArcGIS component package. | ai | |
| source-diff | obfuscated-file:dist/cdn/FB3JP5G7.js | AI (source-diff): Esri-copyrighted minified build output; standard for this ArcGIS component package. | ai | |
| source-diff | obfuscated-file:dist/cdn/62VFGIKX.js | AI (source-diff): Esri-copyrighted minified build output; standard for this ArcGIS component package. | ai | |
| source-diff | obfuscated-file:dist/cdn/IGDYOOKC.js | AI (source-diff): Esri-copyrighted minified build output; standard CDN bundle pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/762KEMWP.js | AI (source-diff): Esri-copyrighted minified build output; standard CDN bundle pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/BK6QGCI4.js | AI (source-diff): Esri-copyrighted minified build output; standard CDN bundle pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/EZS6OS5R.js | AI (source-diff): Esri-copyrighted minified build output; standard CDN bundle pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/F6RD73KH.js | AI (source-diff): Esri-copyrighted minified build output; standard CDN bundle pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/MNXNXK5F.js | AI (source-diff): Esri-copyrighted minified build output; standard CDN bundle pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/OPPJRZNG.js | AI (source-diff): Esri-copyrighted minified build output; standard CDN bundle pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/PQHBXPF6.js | AI (source-diff): Esri-copyrighted minified build output; standard CDN bundle pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/WXBFBNOK.js | AI (source-diff): Esri-copyrighted minified build output; standard CDN bundle pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/6OPNLFXV.js | AI (source-diff): Esri-copyrighted minified build output; standard CDN bundle pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/2G6UDE67.js | AI (source-diff): Esri-copyrighted minified build output; standard CDN bundle pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/G5E3A3V4.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/4QJVSOFA.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/4RXP7PMU.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/64HVP6W6.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/6YLRQTZE.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/DCANTIA6.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/EB34RX5F.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/ZJBHFAI7.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/YT5LP6UO.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/VHA7WGSJ.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/NYJSXNBW.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/4JEIEREG.js | AI (source-diff): Standard Esri minified build output with copyright header; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/ZXCVD5RK.js | AI (source-diff): Standard Esri minified build output with copyright header. | ai | |
| source-diff | obfuscated-file:dist/cdn/Z2HUZVOG.js | AI (source-diff): Standard Esri minified build output with copyright header. | ai | |
| source-diff | obfuscated-file:dist/cdn/URGEBM2D.js | AI (source-diff): Standard Esri minified build output with copyright header. | ai | |
| source-diff | obfuscated-file:dist/cdn/UH527QP5.js | AI (source-diff): Standard Esri minified build output with copyright header. | ai | |
| source-diff | obfuscated-file:dist/cdn/P2UR62XH.js | AI (source-diff): Standard Esri minified build output with copyright header. | ai | |
| source-diff | obfuscated-file:dist/cdn/MEU2HT6O.js | AI (source-diff): Standard Esri minified build output with copyright header. | ai | |
| source-diff | obfuscated-file:dist/cdn/72SHAKKT.js | AI (source-diff): Standard Esri minified build output with copyright header. | ai | |
| source-diff | obfuscated-file:dist/cdn/62FX5TZT.js | AI (source-diff): Standard Esri minified build output with copyright header. | ai | |
| source-diff | obfuscated-file:dist/cdn/4XM5LZIH.js | AI (source-diff): Standard Esri minified build output with copyright header. | ai | |
| source-diff | obfuscated-file:dist/cdn/4X2DUKAS.js | AI (source-diff): Standard Esri minified build output with copyright header. | ai | |
| source-diff | obfuscated-file:dist/cdn/CBAMTG7S.js | AI (source-diff): Esri-copyrighted minified build output; standard chunk from ArcGIS SDK build pipeline. | ai | |
| source-diff | obfuscated-file:dist/cdn/V2Z64XL7.js | AI (source-diff): Esri-copyrighted minified build output; standard chunk from ArcGIS SDK build pipeline. | ai | |
| source-diff | obfuscated-file:dist/cdn/SPDVZXMA.js | AI (source-diff): Esri-copyrighted minified build output; standard chunk from ArcGIS SDK build pipeline. | ai | |
| source-diff | obfuscated-file:dist/cdn/SCZ45RL3.js | AI (source-diff): Esri-copyrighted minified build output; standard chunk from ArcGIS SDK build pipeline. | ai | |
| source-diff | obfuscated-file:dist/cdn/RKW6IF7E.js | AI (source-diff): Esri-copyrighted minified build output; standard chunk from ArcGIS SDK build pipeline. | ai | |
| source-diff | obfuscated-file:dist/cdn/GYVCCZD5.js | AI (source-diff): Esri-copyrighted minified build output; standard chunk from ArcGIS SDK build pipeline. | ai | |
| source-diff | obfuscated-file:dist/cdn/CVKY4ZMK.js | AI (source-diff): Esri-copyrighted minified build output; standard chunk from ArcGIS SDK build pipeline. | ai | |
| source-diff | obfuscated-file:dist/cdn/C3GZVHJK.js | AI (source-diff): Esri-copyrighted minified build output; standard chunk from ArcGIS SDK build pipeline. | ai | |
| source-diff | obfuscated-file:dist/cdn/6MZGJT5V.js | AI (source-diff): Esri-copyrighted minified build output; standard chunk from ArcGIS SDK build pipeline. | ai | |
| source-diff | obfuscated-file:dist/cdn/5RYTTS53.js | AI (source-diff): Esri-copyrighted minified build output; standard chunk from ArcGIS SDK build pipeline. | ai | |
| source-diff | obfuscated-file:dist/cdn/3HS66WNA.js | AI (source-diff): Esri-copyrighted minified build output; standard chunk from ArcGIS SDK build pipeline. | ai | |
| source-diff | obfuscated-file:dist/cdn/2WSAGDQC.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/YU24TD2X.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/Y2OFRS7Z.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/UNAGOGU7.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/N5L4EVPQ.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/M44LFZBU.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/HNEHCL64.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/HM2UGZ3U.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/H4Z6MC7G.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/6373P2XJ.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/43K4N7BD.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/74CLBAIT.js | AI (source-diff): Esri-copyrighted minified build output; standard for this package's CDN dist. | ai | |
| source-diff | obfuscated-file:dist/cdn/72CEG76J.js | AI (source-diff): Esri-copyrighted minified build output; standard for this package's CDN dist. | ai | |
| source-diff | obfuscated-file:dist/cdn/4UHAGF5I.js | AI (source-diff): Esri-copyrighted minified build output; standard for this package's CDN dist. | ai | |
| source-diff | obfuscated-file:dist/cdn/2K7T7P77.js | AI (source-diff): Esri-copyrighted minified build output; standard for this package's CDN dist. | ai | |
| source-diff | obfuscated-file:dist/cdn/IST37TUS.js | AI (source-diff): Esri-copyrighted minified build output; standard for this package's CDN dist. | ai | |
| source-diff | obfuscated-file:dist/cdn/HXZQOEVE.js | AI (source-diff): Esri-copyrighted minified build output; standard for this package's CDN dist. | ai | |
| source-diff | obfuscated-file:dist/cdn/PRWTWXPA.js | AI (source-diff): Esri-copyrighted minified build output; standard for this package's CDN dist. | ai | |
| source-diff | obfuscated-file:dist/cdn/TNYZLFYZ.js | AI (source-diff): Esri-copyrighted minified build output; standard for this package's CDN dist. | ai | |
| source-diff | obfuscated-file:dist/cdn/VQLC3UTA.js | AI (source-diff): Esri-copyrighted minified build output; standard for this package's CDN dist. | ai | |
| source-diff | obfuscated-file:dist/cdn/GFB23AMH.js | AI (source-diff): Esri-copyrighted minified build output; standard for this package's CDN dist. | ai | |
| source-diff | obfuscated-file:dist/cdn/KUXWP7O4.js | AI (source-diff): Minified CDN bundle with Esri copyright; standard for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/3PZTW3VI.js | AI (source-diff): Minified CDN bundle with Esri copyright; standard for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/ZLATCBJC.js | AI (source-diff): Minified CDN bundle with Esri copyright; standard for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/XERYDLBK.js | AI (source-diff): Minified CDN bundle with Esri copyright; standard for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/U54VHMKM.js | AI (source-diff): Minified CDN bundle with Esri copyright; standard for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/SGSSE3VV.js | AI (source-diff): Minified CDN bundle with Esri copyright; standard for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/PJKAVQIV.js | AI (source-diff): Minified CDN bundle with Esri copyright; standard for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/JMFMJIWU.js | AI (source-diff): Minified CDN bundle with Esri copyright; standard for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/IITGTDFV.js | AI (source-diff): Minified CDN bundle with Esri copyright; standard for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/BMUH6A2Z.js | AI (source-diff): Minified CDN bundle with Esri copyright; standard for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/4RXZRRIP.js | AI (source-diff): Minified CDN bundle with Esri copyright; standard for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/SDNWSKHP.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/VSBRMAWX.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/V7BQ43LU.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/UI6MSLI2.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/TDXYRDZZ.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/3BI4LD66.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/2ACEEWQD.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/CCF64C3P.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/CIDT6ZQI.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/IRYOTWE2.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/M7S2HGG2.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/5JF6Z3HL.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/AJPW4Z5G.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header. | ai | |
| source-diff | obfuscated-file:dist/cdn/F7RUE2YB.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header. | ai | |
| source-diff | obfuscated-file:dist/cdn/KFIUC3GJ.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header. | ai | |
| source-diff | obfuscated-file:dist/cdn/LCWPNZKW.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header. | ai | |
| source-diff | obfuscated-file:dist/cdn/QUPL6QGH.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header. | ai | |
| source-diff | obfuscated-file:dist/cdn/RSFKVQL6.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header. | ai | |
| source-diff | obfuscated-file:dist/cdn/S6OBQLFZ.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header. | ai | |
| source-diff | obfuscated-file:dist/cdn/XPRVKKBL.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header. | ai | |
| source-diff | obfuscated-file:dist/cdn/UZ5DC2UN.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header. | ai | |
| source-diff | obfuscated-file:dist/cdn/SPS4PWHS.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header. | ai | |
| source-diff | obfuscated-file:dist/cdn/RRSTU5UN.js | AI (source-diff): Esri-copyrighted minified component bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/6WM2JQP4.js | AI (source-diff): Esri-copyrighted minified component bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/ANNRIYHE.js | AI (source-diff): Esri-copyrighted minified component bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/CSNYCEKN.js | AI (source-diff): Esri-copyrighted minified component bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/DGUJ3EUC.js | AI (source-diff): Esri-copyrighted minified component bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/H2ZDGAXJ.js | AI (source-diff): Esri-copyrighted minified component bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/KUJ6FQMM.js | AI (source-diff): Esri-copyrighted minified component bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/LEZAPRZ3.js | AI (source-diff): Esri-copyrighted minified component bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/LQUI7X5M.js | AI (source-diff): Esri-copyrighted minified component bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/VAC2B65D.js | AI (source-diff): Esri-copyrighted minified component bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/ZXNTP6R4.js | AI (source-diff): Esri-copyrighted minified component bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/2RARYWIS.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/YAVJ4EPU.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/WAGS7FIZ.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/UYR4AQ2K.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/U4FE5SLE.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/LARKBHK4.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/ENBU6RPT.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/DVY7DY6X.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/BHD6QXUD.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/6O5I5GEP.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/4L6UQ3LP.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with Esri copyright header; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cdn/AEUQUH3B.js | AI (source-diff): Esri-copyrighted minified bundle; standard CDN distribution pattern for @arcgis packages. | ai | |
| source-diff | obfuscated-file:dist/cdn/WXZJPQWN.js | AI (source-diff): Esri-copyrighted minified bundle; standard CDN distribution pattern for @arcgis packages. | ai | |
| source-diff | obfuscated-file:dist/cdn/SRISTBDI.js | AI (source-diff): Esri-copyrighted minified bundle; standard CDN distribution pattern for @arcgis packages. | ai | |
| source-diff | obfuscated-file:dist/cdn/SPEDBFLF.js | AI (source-diff): Esri-copyrighted minified bundle; standard CDN distribution pattern for @arcgis packages. | ai | |
| source-diff | obfuscated-file:dist/cdn/PELSZR77.js | AI (source-diff): Esri-copyrighted minified bundle; standard CDN distribution pattern for @arcgis packages. | ai | |
| source-diff | obfuscated-file:dist/cdn/P5SW2F7B.js | AI (source-diff): Esri-copyrighted minified bundle; standard CDN distribution pattern for @arcgis packages. | ai | |
| source-diff | obfuscated-file:dist/cdn/OUMRW67I.js | AI (source-diff): Esri-copyrighted minified bundle; standard CDN distribution pattern for @arcgis packages. | ai | |
| source-diff | obfuscated-file:dist/cdn/M26YDRQE.js | AI (source-diff): Esri-copyrighted minified bundle; standard CDN distribution pattern for @arcgis packages. | ai | |
| source-diff | obfuscated-file:dist/cdn/LAVBMHNR.js | AI (source-diff): Esri-copyrighted minified bundle; standard CDN distribution pattern for @arcgis packages. | ai | |
| source-diff | obfuscated-file:dist/cdn/AIYM4YNX.js | AI (source-diff): Esri-copyrighted minified bundle; standard CDN distribution pattern for @arcgis packages. | ai | |
| source-diff | obfuscated-file:dist/cdn/7QXKEISF.js | AI (source-diff): Esri-copyrighted minified bundle; standard CDN distribution pattern for @arcgis packages. | ai | |
| source-diff | obfuscated-file:dist/cdn/5W7K5WRD.js | AI (source-diff): Esri-copyrighted minified build output; standard for this package's CDN dist. | ai | |
| source-diff | large-new-source-files | AI (source-diff): Major version bump (4.x -> 5.x); new files expected for new feature modules. | ai | |
| source-diff | obfuscated-file:dist/cdn/X2RWOZYZ.js | AI (source-diff): Esri-copyrighted minified build output; standard for this package's CDN dist. | ai | |
| source-diff | obfuscated-file:dist/cdn/WM6RUUAI.js | AI (source-diff): Esri-copyrighted minified build output; standard for this package's CDN dist. | ai | |
| source-diff | obfuscated-file:dist/cdn/UEC4T2ZL.js | AI (source-diff): Esri-copyrighted minified build output; standard for this package's CDN dist. | ai | |
| source-diff | obfuscated-file:dist/cdn/PVLPB43B.js | AI (source-diff): Esri-copyrighted minified build output; standard for this package's CDN dist. | ai | |
| source-diff | obfuscated-file:dist/cdn/JGYD6V2M.js | AI (source-diff): Esri-copyrighted minified build output; standard for this package's CDN dist. | ai | |
| source-diff | obfuscated-file:dist/cdn/FX45WTQX.js | AI (source-diff): Esri-copyrighted minified build output; standard for this package's CDN dist. | ai | |
| source-diff | obfuscated-file:dist/cdn/BTM7WBLX.js | AI (source-diff): Esri-copyrighted minified build output; standard for this package's CDN dist. | ai | |
| source-diff | obfuscated-file:dist/cdn/ASFZANMP.js | AI (source-diff): Esri-copyrighted minified build output; standard for this package's CDN dist. | ai | |
| source-diff | obfuscated-file:dist/cdn/A6IJP5DP.js | AI (source-diff): Esri-copyrighted minified build output; standard for this package's CDN dist. | ai | |
| source-diff | obfuscated-file:dist/cdn/367KSSQF.js | AI (source-diff): Esri-copyrighted minified build output; standard for this package's CDN dist. | ai | |
| source-diff | obfuscated-file:dist/cdn/DTWZKLDH.js | AI (source-diff): Esri-copyrighted minified component bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/Z3XVX43V.js | AI (source-diff): Esri-copyrighted minified component bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/XMGODSX4.js | AI (source-diff): Esri-copyrighted minified component bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/VEB52T72.js | AI (source-diff): Esri-copyrighted minified component bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/TEQYJRLR.js | AI (source-diff): Esri-copyrighted minified component bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/NG3HAE7G.js | AI (source-diff): Esri-copyrighted minified component bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/HDG4P5VG.js | AI (source-diff): Esri-copyrighted minified component bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/GAYJFQQU.js | AI (source-diff): Esri-copyrighted minified component bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/G5JXBYGK.js | AI (source-diff): Esri-copyrighted minified component bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/56VHV6R5.js | AI (source-diff): Esri-copyrighted minified component bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/7CAHYPUJ.js | AI (source-diff): Esri-copyrighted minified Lit/ArcGIS bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/2ER6WRC3.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle; consistent with this package's established distribution pattern. | ai | |
| source-diff | obfuscated-file:dist/cdn/RDO6FJHG.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle. | ai | |
| source-diff | obfuscated-file:dist/cdn/Q2LKZC5G.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle. | ai | |
| source-diff | obfuscated-file:dist/cdn/ODIWOGGX.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle. | ai | |
| source-diff | obfuscated-file:dist/cdn/L74OM3SY.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle. | ai | |
| source-diff | obfuscated-file:dist/cdn/KWVF7VLS.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle. | ai | |
| source-diff | obfuscated-file:dist/cdn/FG6JMHDF.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle. | ai | |
| source-diff | obfuscated-file:dist/cdn/DOWMDSLD.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle. | ai | |
| source-diff | obfuscated-file:dist/cdn/BATSFWRY.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle. | ai | |
| source-diff | obfuscated-file:dist/cdn/6UAIMT6D.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle. | ai | |
| source-diff | obfuscated-file:dist/cdn/6SK7OOIV.js | AI (source-diff): Standard Esri-copyrighted minified CDN bundle. | ai | |
| source-diff | obfuscated-file:dist/cdn/7JM6QFTL.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with canonical copyright header; expected for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/Z246XXEI.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with canonical copyright header; expected for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/W22Q2FQV.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with canonical copyright header; expected for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/STEMT3NO.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with canonical copyright header; expected for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/RN677ZOR.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with canonical copyright header; expected for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/KFSIFN2S.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with canonical copyright header; expected for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/DPP42KTT.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with canonical copyright header; expected for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/5YW2K6RB.js | AI (source-diff): Standard Esri ArcGIS SDK minified build output with canonical copyright header; expected for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/KG5EJ3JY.js | AI (source-diff): Esri-copyrighted minified bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/ZP7K7UJP.js | AI (source-diff): Esri-copyrighted minified bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/WDOVAYW4.js | AI (source-diff): Esri-copyrighted minified bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/SODMLPQK.js | AI (source-diff): Esri-copyrighted minified bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/QCAWPX5I.js | AI (source-diff): Esri-copyrighted minified bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/MHHHKH3A.js | AI (source-diff): Esri-copyrighted minified bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/KLUD2IBK.js | AI (source-diff): Esri-copyrighted minified bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/I4DLGBY3.js | AI (source-diff): Esri-copyrighted minified bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/GHG4DXQF.js | AI (source-diff): Esri-copyrighted minified bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/FXH7EKJH.js | AI (source-diff): Esri-copyrighted minified bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/362ZB76E.js | AI (source-diff): Esri-copyrighted minified bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/D7YULHUS.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai | |
| phantom-deps | phantom-dep:tslib | AI (phantom-deps): tslib is a known implicit runtime dependency for TypeScript-compiled packages; stable false positive. | ai | |
| source-diff | obfuscated-file:dist/cdn/VYTFP2CY.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/UZGQFAEF.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/TXWMD5XD.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/QCR2HU4H.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/N7LZAAV7.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/L6VKIEJC.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/56SJD3RZ.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/EEPAYW5V.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/DCLWN2NP.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai | |
| source-diff | obfuscated-file:dist/cdn/3N2XY7RN.js | AI (source-diff): Esri-copyrighted minified CDN bundle; standard build output for this package. | ai |
Versions (showing 20 of 20)
| Version | Deps | Published |
|---|---|---|
| 5.0.19 | 5 / 0 | |
| 5.0.18 | 5 / 0 | |
| 5.0.17 | 5 / 0 | |
| 5.0.16 | 5 / 0 | |
| 5.0.15 | 5 / 0 | |
| 5.0.14 | 5 / 0 | |
| 5.0.12 | 5 / 0 | |
| 5.0.11 | 5 / 0 | |
| 5.0.9 | 5 / 0 | |
| 5.0.8 | 5 / 0 | |
| 5.0.7 | 5 / 0 | |
| 5.0.6 | 5 / 0 | |
| 5.0.5 | 5 / 0 | |
| 5.0.4 | 5 / 0 | |
| 5.0.2 | 5 / 0 | |
| 5.0.1 | 5 / 0 | |
| 5.0.0 | 5 / 0 | |
| 4.34.9 | 5 / 0 | |
| 4.34.8 | 5 / 0 | |
| 4.34.7 | 5 / 0 |
v5.0.19
12 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.15
14 findingsThis version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: dan11669.
This version was published by a different npm account than previous versions on 2026-03-27. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.14
14 findingsThis version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: dan11669.
This version was published by a different npm account than previous versions on 2026-03-25. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.12
14 findingsThis version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: dan11669.
This version was published by a different npm account than previous versions on 2026-03-18. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.11
14 findingsThis version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: dan11669.
This version was published by a different npm account than previous versions on 2026-03-17. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.9
13 findingsThis version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: ffaubry.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.8
13 findingsThis version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: ffaubry.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.7
13 findingsThis version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: ffaubry.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.6
13 findingsThis version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: ffaubry.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.5
13 findingsThis version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: ffaubry.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.4
13 findingsThis version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: ffaubry.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.2
13 findingsThis version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: ffaubry.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.1
13 findingsThis version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: ffaubry.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.0
13 findingsThis version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: ffaubry.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.34.9
10 findingsThis version was published by a different npm account than previous versions on 2025-11-06. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.34.8
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v4.34.7
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.