@babylonjs/inspector
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:lib/quickCreateToolsService-eZ4MCuJ2.js | AI (source-diff): Same rollup bundle pattern; imports are all legitimate BabylonJS/FluentUI modules. | ai | |
| source-diff | net-exec-file:lib/index--oJsOVVX.js | AI (source-diff): Network calls and dynamic code (createElement/lazy) are standard React patterns in a bundled inspector UI, not dropper behavior. | ai | |
| source-diff | obfuscated-file:lib/index--oJsOVVX.js | AI (source-diff): Rollup-bundled ESM output; long lines are from bundling React/FluentUI, not obfuscation. | ai | |
| source-diff | obfuscated-file:lib/index-UoPnMkyH.js | AI (source-diff): Rollup-bundled output for BabylonJS inspector; long lines are minified legitimate UI code, not obfuscation. | ai | |
| source-diff | obfuscated-file:lib/quickCreateToolsService-CXUBvaDf.js | AI (source-diff): Same Rollup bundle pattern; imports are all legitimate @babylonjs/* and @fluentui/* modules. | ai | |
| source-diff | net-exec-file:lib/index-UoPnMkyH.js | AI (source-diff): Network calls and dynamic code are standard React/BabylonJS inspector bundle patterns, not dropper behavior. | ai | |
| source-diff | obfuscated-file:lib/quickCreateToolsService-CsYeZEW4.js | AI (source-diff): Minified rollup bundle; legitimate BabylonJS inspector code. | ai | |
| source-diff | net-exec-file:lib/index-DdsEjkFm.js | AI (source-diff): False positive on bundled UI library; no actual dropper behavior. | ai | |
| source-diff | obfuscated-file:lib/index-DdsEjkFm.js | AI (source-diff): Minified rollup bundle of React+FluentUI UI code; not obfuscation. | ai | |
| source-diff | obfuscated-file:lib/quickCreateToolsService-8d6rBO-A.js | AI (source-diff): Rollup-bundled chunk with clear BabylonJS/FluentUI imports; minified but not obfuscated. | ai | |
| source-diff | net-exec-file:lib/index-PYblOaAV.js | AI (source-diff): Bundle contains React lazy/dynamic imports for inspector UI; no malicious network+exec pattern. | ai | |
| source-diff | obfuscated-file:lib/index-PYblOaAV.js | AI (source-diff): Rollup-bundled inspector UI; long lines are minified legitimate React/FluentUI code, not obfuscation. | ai | |
| source-diff | net-exec-file:lib/index-nEGqYbP2.js | AI (source-diff): Network calls and dynamic code (createElement/lazy) are standard React UI patterns in the BabylonJS inspector bundle. | ai | |
| source-diff | obfuscated-file:lib/index-nEGqYbP2.js | AI (source-diff): Rollup-bundled inspector UI; long lines are minified legitimate code, not obfuscation. | ai | |
| source-diff | obfuscated-file:lib/quickCreateToolsService-_L22btR5.js | AI (source-diff): Same Rollup bundle pattern; imports are all from known @babylonjs/* and @fluentui/* packages. | ai | |
| source-diff | obfuscated-file:lib/index-Cav-eo60.js | AI (source-diff): Rollup-bundled UI library output; long lines are minified imports from known packages, not obfuscation. | ai | |
| source-diff | obfuscated-file:lib/quickCreateToolsService-8EfpPJ2S.js | AI (source-diff): Same Rollup bundle pattern; imports from @babylonjs/core and @fluentui confirm legitimate minified output. | ai | |
| source-diff | net-exec-file:lib/index-Cav-eo60.js | AI (source-diff): Network calls and dynamic code (React lazy/createElement) are standard UI inspector bundle patterns, not dropper behavior. | ai | |
| source-diff | net-exec-file:lib/index-DYOMPcC7.js | AI (source-diff): Network calls and dynamic code are part of the inspector's legitimate UI bundle, not dropper behavior. | ai | |
| source-diff | obfuscated-file:lib/index-DYOMPcC7.js | AI (source-diff): Rollup-bundled inspector UI; long lines are minified React/FluentUI output, not obfuscation. | ai | |
| source-diff | obfuscated-file:lib/quickCreateToolsService-7_2Rei48.js | AI (source-diff): Same Rollup bundle pattern; imports clearly reference @babylonjs/* and @fluentui/* packages. | ai | |
| source-diff | obfuscated-file:lib/quickCreateToolsService-pBNUavZe.js | AI (source-diff): Rollup bundle importing from BabylonJS core; minification is expected, not obfuscation. | ai | |
| source-diff | obfuscated-file:lib/index-D0JXVQQf.js | AI (source-diff): Rollup bundle with readable named imports; minified line length is expected for this package. | ai | |
| source-diff | net-exec-file:lib/index-D0JXVQQf.js | AI (source-diff): React/Fluent UI bundle; network+exec pattern is a false positive for this inspector UI package. | ai | |
| source-diff | obfuscated-file:lib/index-BaFR1FRV.js | AI (source-diff): Rollup-bundled output of React/FluentUI/BabylonJS inspector UI; minification is expected for this package. | ai | |
| source-diff | obfuscated-file:lib/quickCreateToolsService-DJ1GVvH-.js | AI (source-diff): Rollup-bundled BabylonJS service module; minification is expected. | ai | |
| source-diff | net-exec-file:lib/index-BaFR1FRV.js | AI (source-diff): Inspector UI bundle; network calls are for BabylonJS scene loading, not dropper behavior. | ai | |
| source-diff | obfuscated-file:lib/index-DB_fpb1t.js | AI (source-diff): Standard Rollup bundle output with readable ES module imports; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:lib/quickCreateToolsService-DaBqYmZw.js | AI (source-diff): Standard Rollup bundle output importing @babylonjs and @fluentui packages; not obfuscated. | ai | |
| source-diff | net-exec-file:lib/index-DB_fpb1t.js | AI (source-diff): Bundled UI library code; network/exec pattern is from legitimate inspector tooling, not dropper malware. | ai | |
| source-diff | obfuscated-file:lib/index-DmfAhsIm.js | AI (source-diff): Rollup-bundled output for a large React/FluentUI inspector UI; minification is expected for this package. | ai | |
| source-diff | obfuscated-file:lib/quickCreateToolsService-C38aK2nP.js | AI (source-diff): Rollup-bundled output; minification is expected for this package. | ai | |
| source-diff | net-exec-file:lib/index-DmfAhsIm.js | AI (source-diff): Bundled UI code; network calls and dynamic code (React createElement/lazy) are normal for this inspector package. | ai | |
| source-diff | net-exec-file:lib/index-FWuITINA.js | AI (source-diff): BabylonJS inspector bundle; network calls and dynamic code are part of the 3D engine inspector UI, not dropper behavior. | ai | |
| source-diff | obfuscated-file:lib/quickCreateToolsService-MzZbVrvr.js | AI (source-diff): Standard rollup bundle output for BabylonJS inspector; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:lib/index-FWuITINA.js | AI (source-diff): Standard rollup bundle output with readable ES module imports; not obfuscated malware. | ai | |
| semgrep | semgrep:silent-process-exec-var | AI (semgrep): Same SpawnBridge call; detached subprocess is the inspector bridge, not malicious code. | ai | |
| semgrep | semgrep:silent-process-exec | AI (semgrep): SpawnBridge spawns the bundled inspector-bridge.mjs as an IPC subprocess; legitimate inspector/debugger architecture for this package. | ai | |
Versions (showing 24 of 24)
| Version | Deps | Published |
|---|---|---|
| 9.10.1 | 0 / 11 | |
| 9.10.0 | 0 / 11 | |
| 9.9.2 | 0 / 11 | |
| 9.9.1 | 0 / 11 | |
| 9.9.0 | 0 / 11 | |
| 9.8.0 | 0 / 11 | |
| 9.7.0 | 0 / 11 | |
| 9.6.2 | 0 / 11 | |
| 9.6.1 | 0 / 11 | |
| 9.6.0 | 0 / 11 | |
| 9.5.2 | 0 / 11 | |
| 9.5.1 | 0 / 11 | |
| 9.5.0 | 0 / 11 | |
| 9.4.1 | 0 / 11 | |
| 9.4.0 | 0 / 11 | |
| 9.3.4 | 0 / 11 | |
| 9.3.3 | 0 / 11 | |
| 9.3.2 | 0 / 11 | |
| 9.3.1 | 0 / 11 | |
| 9.3.0 | 0 / 11 | |
| 9.2.2 | 0 / 11 | |
| 9.2.1 | 0 / 11 | |
| 9.2.0 | 0 / 11 | |
| 9.1.0 | 0 / 9 | |
v9.10.1
4 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.10.0
4 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.9.2
4 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.9.1
4 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.9.0
4 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.8.0
4 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.7.0
4 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.6.2
4 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.6.1
4 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.6.0
4 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.5.2
4 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.5.1
4 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.5.0
3 findings
Silent detached process — runs invisibly in the background (reverse shells, miners)
Source: https://github.com/BabylonJS/Babylon.js/blob/7a2d9659c349387421b6ecd7b231e4dcf7ddfc70/bin/inspector-cli.mjs#L4674

```
  4672 | function SpawnBridge(bridgeScript) {
  4673 |   const bridgePath = bridgeScript ? resolve(bridgeScript) : join(dirname(fileURLToPath(import.meta.url)), "inspector-b
> 4674 |   const child = spawn(process.execPath, [bridgePath], {
  4675 |     detached: true,
  4676 |     stdio: "ignore",
```

Silent detached process — runs invisibly in the background (reverse shells, miners)
Source: https://github.com/BabylonJS/Babylon.js/blob/7a2d9659c349387421b6ecd7b231e4dcf7ddfc70/bin/inspector-cli.mjs#L4674 (same excerpt as above)
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v9.4.1
4 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.4.0
4 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.3.4
4 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.3.3
4 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.3.2
4 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.3.1
4 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.3.0
6 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Silent detached process — runs invisibly in the background (reverse shells, miners)
Source: https://github.com/BabylonJS/Babylon.js/blob/d04870c6cfcaaf134f8180fa5c1743630ba102e3/bin/inspector-cli.mjs#L4671

```
  4669 | function SpawnBridge(bridgeScript) {
  4670 |   const bridgePath = bridgeScript ? resolve(bridgeScript) : join(dirname(fileURLToPath(import.meta.url)), "inspector-b
> 4671 |   const child = spawn(process.execPath, [bridgePath], {
  4672 |     detached: true,
  4673 |     stdio: "ignore",
```

Silent detached process — runs invisibly in the background (reverse shells, miners)
Source: https://github.com/BabylonJS/Babylon.js/blob/d04870c6cfcaaf134f8180fa5c1743630ba102e3/bin/inspector-cli.mjs#L4671 (same excerpt as above)
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.2.2
6 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Silent detached process — runs invisibly in the background (reverse shells, miners)
Source: https://github.com/BabylonJS/Babylon.js/blob/ccfa5454a2df9ec8e4e41536b1f59855030c0d53/bin/inspector-cli.mjs#L4671

```
  4669 | function SpawnBridge(bridgeScript) {
  4670 |   const bridgePath = bridgeScript ? resolve(bridgeScript) : join(dirname(fileURLToPath(import.meta.url)), "inspector-b
> 4671 |   const child = spawn(process.execPath, [bridgePath], {
  4672 |     detached: true,
  4673 |     stdio: "ignore",
```

Silent detached process — runs invisibly in the background (reverse shells, miners)
Source: https://github.com/BabylonJS/Babylon.js/blob/ccfa5454a2df9ec8e4e41536b1f59855030c0d53/bin/inspector-cli.mjs#L4671 (same excerpt as above)
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.2.1
6 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Silent detached process — runs invisibly in the background (reverse shells, miners)
Source: https://github.com/BabylonJS/Babylon.js/blob/31ecaec2a28d904f0eb65b6a7d51d0591c27700e/bin/inspector-cli.mjs#L4671

```
  4669 | function SpawnBridge(bridgeScript) {
  4670 |   const bridgePath = bridgeScript ? resolve(bridgeScript) : join(dirname(fileURLToPath(import.meta.url)), "inspector-b
> 4671 |   const child = spawn(process.execPath, [bridgePath], {
  4672 |     detached: true,
  4673 |     stdio: "ignore",
```

Silent detached process — runs invisibly in the background (reverse shells, miners)
Source: https://github.com/BabylonJS/Babylon.js/blob/31ecaec2a28d904f0eb65b6a7d51d0591c27700e/bin/inspector-cli.mjs#L4671 (same excerpt as above)
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.2.0
6 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Silent detached process — runs invisibly in the background (reverse shells, miners)
Source: https://github.com/BabylonJS/Babylon.js/blob/f5d1726dba9b8a625687ce1d6dc43da3ea54b4e4/bin/inspector-cli.mjs#L4671

```
  4669 | function SpawnBridge(bridgeScript) {
  4670 |   const bridgePath = bridgeScript ? resolve(bridgeScript) : join(dirname(fileURLToPath(import.meta.url)), "inspector-b
> 4671 |   const child = spawn(process.execPath, [bridgePath], {
  4672 |     detached: true,
  4673 |     stdio: "ignore",
```

Silent detached process — runs invisibly in the background (reverse shells, miners)
Source: https://github.com/BabylonJS/Babylon.js/blob/f5d1726dba9b8a625687ce1d6dc43da3ea54b4e4/bin/inspector-cli.mjs#L4671 (same excerpt as above)
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v9.1.0
1 finding
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.