@everymatrix/casino-challenge-details
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/esm/casino-challenge-details-da7717b1.js | AI (source-diff): Standard Rollup/Stencil minified build output; consistent with this package's established build pattern. | ai | |
| source-diff | obfuscated-file:dist/cjs/casino-challenge-details-433a9f36.js | AI (source-diff): Standard Rollup/Stencil minified build output; consistent with this package's established build pattern. | ai | |
| source-diff | obfuscated-file:dist/casino-challenge-details/casino-challenge-details-da7717b1.js | AI (source-diff): Standard Rollup/Stencil minified build output; consistent with this package's established build pattern. | ai | |
| source-diff | obfuscated-file:dist/cjs/casino-challenge-details-b7aae25f.js | AI (source-diff): Standard Stencil.js minified bundle; no malicious payload in samples. | ai | |
| source-diff | obfuscated-file:dist/esm/casino-challenge-details-17a297f6.js | AI (source-diff): Standard Stencil.js minified bundle; no malicious payload in samples. | ai | |
| source-diff | obfuscated-file:dist/casino-challenge-details/casino-challenge-details-17a297f6.js | AI (source-diff): Standard Stencil.js minified bundle; no malicious payload in samples. | ai | |
| source-diff | obfuscated-file:dist/casino-challenge-details/casino-challenge-details-252d9b9c.js | AI (source-diff): Standard Stencil.js minified build output; consistent with all prior versions of this package. | ai | |
| source-diff | obfuscated-file:dist/cjs/casino-challenge-details-df1d40f7.js | AI (source-diff): Standard Stencil.js CJS minified build output; no malicious content. | ai | |
| source-diff | obfuscated-file:dist/esm/casino-challenge-details-252d9b9c.js | AI (source-diff): Standard Stencil.js ESM minified build output; no malicious content. | ai | |
| source-diff | obfuscated-file:dist/esm/casino-challenge-details-4e26ab78.js | AI (source-diff): Standard Stencil.js ESM minified bundle; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/casino-challenge-details/index-30adf0cb.js | AI (source-diff): Stencil runtime bundle; minified but benign, consistent with this package family. | ai | |
| source-diff | obfuscated-file:dist/casino-challenge-details/casino-challenge-details-4e26ab78.js | AI (source-diff): Standard Stencil.js minified bundle; consistent with all prior @everymatrix widget releases. | ai | |
| source-diff | obfuscated-file:dist/cjs/casino-challenge-details-63ae2c71.js | AI (source-diff): Standard Stencil.js CJS minified bundle; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/casino-challenge-details-15b555ef.js | AI (source-diff): Standard Rollup/Stencil minified bundle output; consistent with all prior @everymatrix widget releases. | ai | |
| source-diff | obfuscated-file:dist/casino-challenge-details/casino-challenge-details-9620e5ea.js | AI (source-diff): Standard Rollup/Stencil minified bundle output; consistent with all prior @everymatrix widget releases. | ai | |
| source-diff | obfuscated-file:dist/esm/casino-challenge-details-9620e5ea.js | AI (source-diff): Standard Rollup/Stencil minified bundle output; consistent with all prior @everymatrix widget releases. | ai | |
| source-diff | obfuscated-file:dist/esm/casino-challenge-details-00cd9c3e.js | AI (source-diff): Standard Stencil.js ESM minified bundle; readable source confirms no malicious content. | ai | |
| source-diff | obfuscated-file:dist/casino-challenge-details/casino-challenge-details-00cd9c3e.js | AI (source-diff): Standard Stencil.js minified bundle for this widget family; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cjs/casino-challenge-details-7465690c.js | AI (source-diff): Standard Stencil.js CJS minified bundle; readable source confirms no malicious content. | ai | |
| source-diff | obfuscated-file:dist/cjs/casino-challenge-details-54898daf.js | AI (source-diff): Standard minified Stencil build output; consistent pattern across all @everymatrix widget packages. | ai | |
| source-diff | obfuscated-file:dist/esm/casino-challenge-details-92840935.js | AI (source-diff): Standard minified Stencil build output; consistent pattern across all @everymatrix widget packages. | ai | |
| source-diff | obfuscated-file:dist/casino-challenge-details/casino-challenge-details-92840935.js | AI (source-diff): Standard minified Stencil build output; consistent pattern across all @everymatrix widget packages. | ai | |
| source-diff | obfuscated-file:dist/esm/casino-challenge-details-6d8eeca9.js | AI (source-diff): Standard Stencil.js minified build output; consistent with all prior @everymatrix widget packages. | ai | |
| source-diff | obfuscated-file:dist/cjs/casino-challenge-details-3c309aa3.js | AI (source-diff): Standard Stencil.js minified build output; consistent with all prior @everymatrix widget packages. | ai | |
| source-diff | obfuscated-file:dist/casino-challenge-details/casino-challenge-details-6d8eeca9.js | AI (source-diff): Standard Stencil.js minified build output; consistent with all prior @everymatrix widget packages. | ai | |
| source-diff | obfuscated-file:dist/casino-challenge-details/index-662208df.js | AI (source-diff): Stencil runtime bundle; minified but recognizable Stencil.js internals, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/esm/casino-challenge-details-97bf6e45.js | AI (source-diff): Standard Stencil.js minified build artifact; consistent with established @everymatrix widget build pipeline. | ai | |
| source-diff | obfuscated-file:dist/casino-challenge-details/index-a44346bc.js | AI (source-diff): Stencil.js runtime bundle; minification is expected for this package family. | ai | |
| source-diff | obfuscated-file:dist/cjs/casino-challenge-details-cdbe115b.js | AI (source-diff): Standard Stencil.js minified build artifact; consistent with established @everymatrix widget build pipeline. | ai | |
| source-diff | obfuscated-file:dist/casino-challenge-details/casino-challenge-details-97bf6e45.js | AI (source-diff): Standard Stencil.js minified build artifact; consistent with established @everymatrix widget build pipeline. | ai | |
| source-diff | obfuscated-file:dist/casino-challenge-details/casino-challenge-details-26135f0c.js | AI (source-diff): Standard minified browser bundle; readable logic, no malicious patterns. Stable for this package. | ai | |
| source-diff | obfuscated-file:dist/esm/casino-challenge-details-26135f0c.js | AI (source-diff): Standard minified ESM build artifact; readable logic, no malicious patterns. Stable for this package. | ai | |
| source-diff | obfuscated-file:dist/cjs/casino-challenge-details-16fc391a.js | AI (source-diff): Standard minified Stencil build artifact; readable logic, no malicious patterns. Stable for this package. | ai | |
| npm-metadata | no-description | AI (npm-metadata): Consistent pattern across 228 versions of this org's widget packages. | ai | |
| provenance | no-provenance | AI (provenance): No provenance is common; no other risk signals present. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Scoped org widget package published via CI; sparse metadata is normal for this package family. | ai |
Versions (showing 51 of 113)
| Version | Deps | Published |
|---|---|---|
| 0.17.29 | 0 / 0 | |
| 0.17.28 | 0 / 0 | |
| 0.17.27 | 0 / 0 | |
| 0.17.26 | 0 / 0 | |
| 0.17.25 | 0 / 0 | |
| 0.17.24 | 0 / 0 | |
| 0.17.23 | 0 / 0 | |
| 0.17.22 | 0 / 0 | |
| 0.17.21 | 0 / 0 | |
| 0.17.20 | 0 / 0 | |
| 0.17.19 | 0 / 0 | |
| 0.17.18 | 0 / 0 | |
| 0.17.17 | 0 / 0 | |
| 0.17.16 | 0 / 0 | |
| 0.17.15 | 0 / 0 | |
| 0.17.9 | 0 / 0 | |
| 0.17.8 | 0 / 0 | |
| 0.17.7 | 0 / 0 | |
| 0.17.6 | 0 / 0 | |
| 0.17.5 | 0 / 0 | |
| 0.17.4 | 0 / 0 | |
| 0.17.3 | 0 / 0 | |
| 0.17.2 | 0 / 0 | |
| 0.17.1 | 0 / 0 | |
| 0.17.0 | 0 / 0 | |
| 0.16.15 | 0 / 0 | |
| 0.16.14 | 0 / 0 | |
| 0.16.13 | 0 / 0 | |
| 0.16.12 | 0 / 0 | |
| 0.16.11 | 0 / 0 | |
| 0.16.10 | 0 / 0 | |
| 0.16.9 | 0 / 0 | |
| 0.16.8 | 0 / 0 | |
| 0.16.7 | 0 / 0 | |
| 0.16.6 | 0 / 0 | |
| 0.16.5 | 0 / 0 | |
| 0.16.4 | 0 / 0 | |
| 0.16.3 | 0 / 0 | |
| 0.16.2 | 0 / 0 | |
| 0.16.1 | 0 / 0 | |
| 0.16.0 | 0 / 0 | |
| 0.15.8 | 0 / 0 | |
| 0.15.7 | 0 / 0 | |
| 0.15.6 | 0 / 0 | |
| 0.15.4 | 0 / 0 | |
| 0.15.3 | 0 / 0 | |
| 0.15.2 | 0 / 0 | |
| 0.15.1 | 0 / 0 | |
| 0.15.0 | 0 / 0 | |
| 0.14.2 | 0 / 0 | |
| 0.14.1 | 0 / 0 |
v0.17.29
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.17.28
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.17.27
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.17.26
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.17.25
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.17.24
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.17.23
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.17.22
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
This version was published by a different npm account (goe.suta) than the most recent previously approved version (adrian.pripon) on 2026-06-01, but goe.suta is listed as a maintainer on prior approved versions (matched on name). This looks like a manual publish by a known maintainer rather than a publisher change. Recorded as INFO for audit trail.
v0.17.21
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
This version was published by a different npm account (goe.suta) than the most recent previously approved version (adrian.pripon) on 2026-06-01, but goe.suta is listed as a maintainer on prior approved versions (matched on name). This looks like a manual publish by a known maintainer rather than a publisher change. Recorded as INFO for audit trail.
v0.17.20
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
This version was published by a different npm account (goe.suta) than the most recent previously approved version (adrian.pripon) on 2026-05-29, but goe.suta is listed as a maintainer on prior approved versions (matched on name). This looks like a manual publish by a known maintainer rather than a publisher change. Recorded as INFO for audit trail.
v0.17.19
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
This version was published by a different npm account (goe.suta) than the most recent previously approved version (adrian.pripon) on 2026-05-28, but goe.suta is listed as a maintainer on prior approved versions (matched on name). This looks like a manual publish by a known maintainer rather than a publisher change. Recorded as INFO for audit trail.
v0.17.18
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
This version was published by a different npm account (goe.suta) than the most recent previously approved version (adrian.pripon) on 2026-05-28, but goe.suta is listed as a maintainer on prior approved versions (matched on name). This looks like a manual publish by a known maintainer rather than a publisher change. Recorded as INFO for audit trail.
v0.17.17
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
This version was published by a different npm account (goe.suta) than the most recent previously approved version (adrian.pripon) on 2026-05-27, but goe.suta is listed as a maintainer on prior approved versions (matched on name). This looks like a manual publish by a known maintainer rather than a publisher change. Recorded as INFO for audit trail.
v0.17.16
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
This version was published by a different npm account (goe.suta) than the most recent previously approved version (adrian.pripon) on 2026-05-26, but goe.suta is listed as a maintainer on prior approved versions (matched on name). This looks like a manual publish by a known maintainer rather than a publisher change. Recorded as INFO for audit trail.
v0.17.15
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
This version was published by a different npm account (goe.suta) than the most recent previously approved version (adrian.pripon) on 2026-05-26, but goe.suta is listed as a maintainer on prior approved versions (matched on name). This looks like a manual publish by a known maintainer rather than a publisher change. Recorded as INFO for audit trail.
v0.17.9
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.17.8
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.17.7
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.17.6
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.17.5
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.17.4
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.17.3
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.17.2
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.17.1
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.17.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.16.15
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.16.14
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.16.13
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.16.12
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.16.11
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.16.10
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.16.9
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.16.8
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.16.7
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.16.6
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.16.5
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.16.2
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.15.8
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.15.4
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.14.2
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.