@eigenpal/docx-js-editor
A browser-based DOCX template editor with variable insertion support
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/PageSetupDialog-Z5LNVMSS.js | AI (source-diff): Standard minified React component output from tsup/Vite build; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/layout-bridge-I2ONE3NP.js | AI (source-diff): Standard minified module re-export from tsup/Vite build; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/ImagePositionDialog-IGYS5KMK.cjs | AI (source-diff): Readable React dialog component bundled by tsup; no obfuscation. | ai | |
| source-diff | obfuscated-file:dist/ImagePropertiesDialog-VGV4E4SN.cjs | AI (source-diff): Readable React dialog component bundled by tsup; no obfuscation. | ai | |
| source-diff | obfuscated-file:dist/FootnotePropertiesDialog-BC6JIPDA.cjs | AI (source-diff): Readable React dialog component bundled by tsup; no obfuscation. | ai | |
| source-diff | obfuscated-file:dist/TablePropertiesDialog-WRM47JI6.cjs | AI (source-diff): Readable React dialog component bundled by tsup; no obfuscation. | ai | |
| source-diff | obfuscated-file:dist/FootnotePropertiesDialog-TNVJJCY6.mjs | AI (source-diff): Standard tsup minified ESM React component bundle; readable logic, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/layout-bridge-X2ZIJPSJ.js | AI (source-diff): Standard tsup minified re-export bridge; readable Object.defineProperty exports, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/layout-bridge-EA4DJ227.js | AI (source-diff): Standard minified re-export bridge; readable Object.defineProperty exports pattern. | ai | |
| source-diff | net-exec-file:dist/chunk-QDNL7NWN.cjs | AI (source-diff): File is a Node.js process.nextTick polyfill bundled with stream/buffer utilities; no actual network+exec payload. | ai | |
| source-diff | obfuscated-file:dist/ImagePositionDialog-2YXRAGZS.js | AI (source-diff): Standard minified React/JSX bundle output; readable logic, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/TablePropertiesDialog-T7D4HSVP.js | AI (source-diff): Standard minified React/JSX bundle output; readable logic, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/SplitCellDialog-JIAC3RYV.js | AI (source-diff): Standard minified React/JSX bundle output; readable logic, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/PageSetupDialog-O34QEDC6.js | AI (source-diff): Standard minified React/JSX bundle output; readable logic, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/layout-bridge-ZFYLUXGA.js | AI (source-diff): Standard minified re-export barrel file; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/ImagePropertiesDialog-HG4K3IE7.js | AI (source-diff): Standard minified React/JSX bundle output; readable logic, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/FootnotePropertiesDialog-XQ7NIFIU.js | AI (source-diff): Standard minified React/JSX bundle output; readable logic, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/layout-bridge-7CQO57LW.js | AI (source-diff): Standard bundler minification; exports layout utility functions with readable names. | ai | |
| source-diff | obfuscated-file:dist/PageSetupDialog-KYEJRJ6T.js | AI (source-diff): Standard bundler minification of React UI component; readable logic, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/PageSetupDialog-2SKHDRTF.js | AI (source-diff): Minified React dialog component; fully readable in sample. | ai | |
| source-diff | obfuscated-file:dist/FootnotePropertiesDialog-YYIZU5U6.js | AI (source-diff): Minified React dialog component; no obfuscation. | ai | |
| source-diff | obfuscated-file:dist/react.js | AI (source-diff): Minified bundler output for React entry point; standard build artifact. | ai | |
| source-diff | obfuscated-file:dist/TablePropertiesDialog-STZOGHJB.js | AI (source-diff): Minified React dialog component; no obfuscation. | ai | |
| source-diff | obfuscated-file:dist/PageSetupDialog-ZZTFPZKJ.js | AI (source-diff): Minified React dialog component; no obfuscation. | ai | |
| source-diff | obfuscated-file:dist/ImagePropertiesDialog-GJMGLM6G.js | AI (source-diff): Minified React dialog component; no obfuscation. | ai | |
| source-diff | obfuscated-file:dist/ImagePositionDialog-DQ4JWS4F.js | AI (source-diff): Minified React dialog component; no obfuscation. | ai | |
| source-diff | obfuscated-file:dist/mcp-reexport.js | AI (source-diff): MCP tool handler for DOCX load/save; minified but clearly legitimate. | ai | |
| source-diff | obfuscated-file:dist/headless-reexport.js | AI (source-diff): Minified bundler output for headless API; legitimate word-count/text-extraction utilities. | ai | |
| source-diff | obfuscated-file:dist/core-reexport.js | AI (source-diff): Standard minified bundler output re-exporting editor classes; no obfuscation. | ai | |
| source-diff | net-exec-file:dist/chunk-IFPN3NT3.js | AI (source-diff): Sample is a process.nextTick/Buffer polyfill bundle, not a dropper; stable false positive for this build artifact. | ai | |
| source-diff | obfuscated-file:dist/TablePropertiesDialog-25VWLTZN.js | AI (source-diff): Standard bundler minification of React UI component; readable logic, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/SplitCellDialog-JAO6R43V.js | AI (source-diff): Standard bundler minification of React UI component; readable logic, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/PageSetupDialog-USTWIQLD.js | AI (source-diff): Standard bundler minification of React UI component; readable logic, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/layout-bridge-4WYL5QOA.js | AI (source-diff): Standard bundler output re-exporting named functions; no obfuscation or malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/ImagePropertiesDialog-FWTDJUBF.js | AI (source-diff): Standard bundler minification of React UI component; readable logic, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/ImagePositionDialog-WCCDHDEE.js | AI (source-diff): Standard bundler minification of React UI component; readable logic, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/FootnotePropertiesDialog-JYDHU673.js | AI (source-diff): Standard bundler minification of React UI component; readable logic, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/PageSetupDialog-RLMYJ3BA.cjs | AI (source-diff): Minified React dialog component; readable page setup UI, not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/ImagePositionDialog-IMVI7EXA.cjs | AI (source-diff): Standard tsup bundler output of React dialog component; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/FootnotePropertiesDialog-V3YOIJCV.cjs | AI (source-diff): Standard tsup bundler output of React dialog component; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/ui.d.ts | AI (source-diff): TypeScript declaration file; long lines from type exports, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/ui.js | AI (source-diff): ESM re-export barrel file from tsup build; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/ImagePropertiesDialog-P7WN2ALR.js | AI (source-diff): ESM bundler output of React dialog component; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/ImagePositionDialog-CJYJ35PI.js | AI (source-diff): ESM bundler output of React dialog component; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/FootnotePropertiesDialog-HG4267LR.js | AI (source-diff): ESM bundler output of React dialog component; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/TablePropertiesDialog-CUQXUBQN.cjs | AI (source-diff): Standard tsup bundler output of React dialog component; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/ImagePropertiesDialog-YS4KJRN7.cjs | AI (source-diff): Standard tsup bundler output of React dialog component; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/ImagePositionDialog-ZK5WFBRC.cjs | AI (source-diff): Readable React dialog component, minified by bundler. | ai | |
| source-diff | obfuscated-file:dist/TablePropertiesDialog-KMOYHPGF.cjs | AI (source-diff): Readable React dialog component, minified by bundler. | ai | |
| source-diff | obfuscated-file:dist/core.cjs | AI (source-diff): Standard tsup/vite minified bundle output; no obfuscation, just single-line minification. | ai | |
| source-diff | obfuscated-file:dist/FootnotePropertiesDialog-OBQXOBJE.cjs | AI (source-diff): Readable React dialog component, minified by bundler. | ai | |
| source-diff | obfuscated-file:dist/ImagePropertiesDialog-LU44RDIY.cjs | AI (source-diff): Readable React dialog component, minified by bundler. | ai | |
| source-diff | obfuscated-file:dist/react.cjs | AI (source-diff): Standard bundler minification; React component re-exports visible in sample. | ai | |
| source-diff | obfuscated-file:dist/core-reexport.cjs | AI (source-diff): Standard bundler minification output; readable re-export barrel file. | ai | |
| source-diff | obfuscated-file:dist/headless-reexport.cjs | AI (source-diff): Standard bundler minification output; readable headless API re-exports. | ai | |
| source-diff | obfuscated-file:dist/mcp-reexport.cjs | AI (source-diff): Standard bundler minification; MCP tool definitions visible in sample. | ai | |
| source-diff | obfuscated-file:dist/ui.cjs | AI (source-diff): Standard bundler minification output for UI entry point. | ai | |
| source-diff | obfuscated-file:dist/ui.d.cts | AI (source-diff): Type declaration file; long lines are normal for generated .d.ts. | ai | |
| source-diff | obfuscated-file:dist/FootnotePropertiesDialog-DO5DCAW6.cjs | AI (source-diff): Readable React dialog component in sample; minified by bundler. | ai | |
| source-diff | obfuscated-file:dist/ImagePositionDialog-UYXYHSP4.cjs | AI (source-diff): Readable React dialog component in sample; minified by bundler. | ai | |
| source-diff | obfuscated-file:dist/ImagePropertiesDialog-V6SVKINO.cjs | AI (source-diff): Readable React dialog component in sample; minified by bundler. | ai | |
| source-diff | obfuscated-file:dist/TablePropertiesDialog-A36OXG3A.cjs | AI (source-diff): Standard bundler minification output for dialog component. | ai | |
| source-diff | net-exec-file:dist/chunk-XQNCLN4T.cjs | AI (source-diff): Sample shows process.nextTick polyfill + Node stream/buffer shims; no network calls or dynamic eval. | ai | |
| source-diff | obfuscated-file:dist/FootnotePropertiesDialog-JAFGHPGO.js | AI (source-diff): Standard minified React/Vite build output; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/TablePropertiesDialog-YRMC2D3P.mjs | AI (source-diff): Standard minified ESM build output; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/PageSetupDialog-2HXYNQ55.mjs | AI (source-diff): Standard minified ESM build output; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/ImagePropertiesDialog-ZTVAQ7VU.mjs | AI (source-diff): Standard minified ESM build output; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/ImagePositionDialog-7DWRJ63B.mjs | AI (source-diff): Standard minified ESM build output; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/FootnotePropertiesDialog-SYEIUCZJ.mjs | AI (source-diff): Standard minified ESM build output; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/TablePropertiesDialog-LXQRI2O7.js | AI (source-diff): Standard minified React/Vite build output; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/SplitCellDialog-57HLSSZZ.js | AI (source-diff): Standard minified React/Vite build output; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/PageSetupDialog-FWC54EDC.js | AI (source-diff): Standard minified React/Vite build output; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/ImagePropertiesDialog-LHLBLRW4.js | AI (source-diff): Standard minified React/Vite build output; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/ImagePositionDialog-S42D4D2U.js | AI (source-diff): Standard minified React/Vite build output; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/ImagePositionDialog-OZDD6XE7.js | AI (source-diff): Standard minified React component bundle; content is readable dialog UI code. | ai | |
| source-diff | obfuscated-file:dist/TablePropertiesDialog-XSCBBKCD.mjs | AI (source-diff): Standard minified ESM React component; content is readable dialog UI code. | ai | |
| source-diff | obfuscated-file:dist/PageSetupDialog-ZWCZLCHQ.mjs | AI (source-diff): Standard minified ESM React component; content is readable dialog UI code. | ai | |
| source-diff | obfuscated-file:dist/ImagePropertiesDialog-TLENOYIW.mjs | AI (source-diff): Standard minified ESM React component; content is readable dialog UI code. | ai | |
| source-diff | obfuscated-file:dist/ImagePositionDialog-XDOHEQUB.mjs | AI (source-diff): Standard minified ESM React component; content is readable dialog UI code. | ai | |
| source-diff | obfuscated-file:dist/FootnotePropertiesDialog-7NXCM7UW.mjs | AI (source-diff): Standard minified ESM React component; content is readable dialog UI code. | ai | |
| source-diff | obfuscated-file:dist/TablePropertiesDialog-RFQRFODQ.js | AI (source-diff): Standard minified React component bundle; content is readable dialog UI code. | ai | |
| source-diff | obfuscated-file:dist/SplitCellDialog-VQ4AYXCZ.js | AI (source-diff): Standard minified React component bundle; content is readable dialog UI code. | ai | |
| source-diff | obfuscated-file:dist/PageSetupDialog-Y6VIVNYG.js | AI (source-diff): Standard minified React component bundle; content is readable dialog UI code. | ai | |
| source-diff | obfuscated-file:dist/ImagePropertiesDialog-EP6NYNZR.js | AI (source-diff): Standard minified React component bundle; content is readable dialog UI code. | ai | |
| source-diff | obfuscated-file:dist/FootnotePropertiesDialog-OTIAPIWS.js | AI (source-diff): Standard minified React component bundle; content is readable dialog UI code, not obfuscated malware. | ai | |
| provenance | publisher-changed | AI (provenance): Publisher changed to GitHub Actions with SLSA provenance attestation; consistent with CI/CD automation. | ai | |
| source-diff | obfuscated-file:dist/FootnotePropertiesDialog-FO64RBIY.js | AI (source-diff): Standard minified bundler output; readable React dialog component with no malicious patterns. | ai | |
| source-diff | large-new-source-files | AI (source-diff): New files are dialog UI components matching legitimate feature additions in a docx editor. | ai | |
| source-diff | obfuscated-file:dist/TablePropertiesDialog-ZR3CIOOD.mjs | AI (source-diff): Standard minified bundler output; ESM variant of same React dialog component. | ai | |
| source-diff | obfuscated-file:dist/PageSetupDialog-RCGZ2DA6.mjs | AI (source-diff): Standard minified bundler output; ESM variant of same React dialog component. | ai | |
| source-diff | obfuscated-file:dist/ImagePropertiesDialog-EZEQNTPL.mjs | AI (source-diff): Standard minified bundler output; ESM variant of same React dialog component. | ai | |
| source-diff | obfuscated-file:dist/ImagePositionDialog-Y7ZTUSJS.mjs | AI (source-diff): Standard minified bundler output; ESM variant of same React dialog component. | ai | |
| source-diff | obfuscated-file:dist/FootnotePropertiesDialog-7QIFQKTJ.mjs | AI (source-diff): Standard minified bundler output; ESM variant of same React dialog component. | ai | |
| source-diff | obfuscated-file:dist/TablePropertiesDialog-J4SBWOLP.js | AI (source-diff): Standard minified bundler output; readable React dialog component with no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/SplitCellDialog-UWHSCKJH.js | AI (source-diff): Standard minified bundler output; readable React dialog component with no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/PageSetupDialog-XI6S4SFR.js | AI (source-diff): Standard minified bundler output; readable React dialog component with no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/ImagePropertiesDialog-D2DKSQDN.js | AI (source-diff): Standard minified bundler output; readable React dialog component with no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/ImagePositionDialog-FRQY4KC2.js | AI (source-diff): Standard minified bundler output; readable React dialog component with no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/ImagePositionDialog-ZWYGYXVR.js | AI (source-diff): Standard minified React bundle output; readable UI component code, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/TablePropertiesDialog-7HD2NKWC.mjs | AI (source-diff): Standard minified ESM bundle output; readable UI component code, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/PageSetupDialog-EUB5SQUL.mjs | AI (source-diff): Standard minified ESM bundle output; readable UI component code, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/ImagePropertiesDialog-ZXSMAO5F.mjs | AI (source-diff): Standard minified ESM bundle output; readable UI component code, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/ImagePositionDialog-VUTWP46M.mjs | AI (source-diff): Standard minified ESM bundle output; readable UI component code, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/FootnotePropertiesDialog-X32KGRF3.mjs | AI (source-diff): Standard minified ESM bundle output; readable UI component code, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/TablePropertiesDialog-TOZZSZ46.js | AI (source-diff): Standard minified React bundle output; readable UI component code, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/SplitCellDialog-GMO43NDE.js | AI (source-diff): Standard minified React bundle output; readable UI component code, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/PageSetupDialog-5PAADHAA.js | AI (source-diff): Standard minified React bundle output; readable UI component code, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/ImagePropertiesDialog-DJ5ND6MS.js | AI (source-diff): Standard minified React bundle output; readable UI component code, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/FootnotePropertiesDialog-JSOQA26C.js | AI (source-diff): Standard minified React bundle output; readable UI component code, not obfuscation. | ai |
Versions (showing 44 of 44)
| Version | Deps | Published |
|---|---|---|
| 0.5.3 | 3 / 9 | |
| 0.5.2 | 3 / 9 | |
| 0.5.1 | 3 / 9 | |
| 0.5.0 | 3 / 9 | |
| 0.4.3 | 3 / 9 | |
| 0.4.2 | 3 / 9 | |
| 0.4.1 | 3 / 9 | |
| 0.4.0 | 3 / 9 | |
| 0.3.1 | 12 / 0 | |
| 0.3.0 | 12 / 0 | |
| 0.2.0 | 12 / 0 | |
| 0.1.1 | 12 / 0 | |
| 0.1.0 | 12 / 0 | |
| 0.0.35 | 12 / 0 | |
| 0.0.34 | 12 / 0 | |
| 0.0.33 | 12 / 0 | |
| 0.0.32 | 12 / 0 | |
| 0.0.31 | 11 / 0 | |
| 0.0.30 | 11 / 0 | |
| 0.0.29 | 11 / 0 | |
| 0.0.28 | 11 / 0 | |
| 0.0.27 | 11 / 0 | |
| 0.0.26 | 11 / 0 | |
| 0.0.25 | 11 / 0 | |
| 0.0.24 | 11 / 0 | |
| 0.0.23 | 11 / 0 | |
| 0.0.22 | 11 / 0 | |
| 0.0.21 | 10 / 0 | |
| 0.0.17 | 3 / 0 | |
| 0.0.16 | 14 / 27 | |
| 0.0.15 | 6 / 35 | |
| 0.0.14 | 6 / 35 | |
| 0.0.13 | 6 / 35 | |
| 0.0.12 | 14 / 25 | |
| 0.0.11 | 14 / 25 | |
| 0.0.10 | 14 / 25 | |
| 0.0.9 | 14 / 25 | |
| 0.0.8 | 14 / 25 | |
| 0.0.7 | 13 / 25 | |
| 0.0.6 | 13 / 25 | |
| 0.0.5 | 13 / 25 | |
| 0.0.4 | 13 / 25 | |
| 0.0.3 | 13 / 25 | |
| 0.0.2 | 15 / 25 |
v0.5.3
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.2
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.1
8 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.0
8 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.4.3
8 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.4.2
8 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.4.1
8 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.4.0
8 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.1
12 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.0
12 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.0
12 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.0
13 findingsThis version was published by a different npm account than previous versions on 2026-04-26. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.0.35
12 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.34
12 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.33
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.32
12 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.31
12 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.30
12 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.29
12 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.28
12 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.27
12 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.26
12 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.25
12 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.24
12 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.23
12 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.22
12 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.21
12 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.17
13 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.16
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.15
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.14
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.13
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.12
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.11
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.10
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.9
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.8
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.7
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.6
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.5
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.4
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.