← Home

@everymatrix/casino-challenge-details

npm
13
Versions
License
No
Install Scripts
Missing
Provenance

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures gitHead linked

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

clokzeoleksandr.v.stepanovtaras.maksymivnatalya.anisimovaemfe_releasemariana.gheorgheadrian.priponandriizadvirnyiraulvasileemstrulea.sebastianstefan.vladgoe.sutadragos.bodeamaria.bumbarstefanaotong.woodtikarncatalinpoclidcristi.ungureanuliviuclement.everymatrixmihaibalanfrankie24

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
maintainer-change maintainer-removed AI (maintainer-change): Internal @everymatrix team transition; publisher has extensive approved track record. ai
source-diff obfuscated-file:dist/casino-challenge-details/casino-challenge-details-8f737e06.js AI (source-diff): Stencil.js lazy-load bundle; minified but benign widget code. ai
source-diff obfuscated-file:dist/cjs/casino-challenge-details-8c125023.js AI (source-diff): Standard Stencil.js CJS build output with readable source; not obfuscation. ai
source-diff obfuscated-file:dist/esm/casino-challenge-details-8f737e06.js AI (source-diff): ESM build output matching CJS counterpart; standard build artifact. ai
source-diff obfuscated-file:dist/cjs/casino-challenge-details-7f9a94a9.js AI (source-diff): Standard Stencil.js CJS build artifact; content matches legitimate widget code. ai
source-diff obfuscated-file:dist/casino-challenge-details/casino-challenge-details-1ecbe310.js AI (source-diff): Standard Stencil.js minified build artifact; content is legitimate widget code. ai
source-diff obfuscated-file:dist/esm/casino-challenge-details-1ecbe310.js AI (source-diff): Standard Stencil.js ESM build artifact; unminified variant confirms legitimate widget code. ai
source-diff obfuscated-file:dist/casino-challenge-details/casino-challenge-details-1496580b.js AI (source-diff): Standard Stencil.js minified bundle; readable ESM counterpart confirms no obfuscation intent. ai
source-diff obfuscated-file:dist/esm/casino-challenge-details-1496580b.js AI (source-diff): Readable ESM build artifact with JSDoc; not obfuscated. ai
source-diff obfuscated-file:dist/cjs/casino-challenge-details-c096ce9a.js AI (source-diff): Standard CJS build artifact matching ESM source; not obfuscated. ai
source-diff obfuscated-file:dist/casino-challenge-details/casino-challenge-details-a3f382a5.js AI (source-diff): Standard Stencil.js minified build output; readable logic, no malicious patterns. ai
source-diff obfuscated-file:dist/esm/casino-challenge-details-a3f382a5.js AI (source-diff): Standard Stencil.js minified build output; readable logic, no malicious patterns. ai
source-diff obfuscated-file:dist/cjs/casino-challenge-details-0769d9f5.js AI (source-diff): Standard Stencil.js minified build output; readable logic, no malicious patterns. ai
source-diff obfuscated-file:dist/esm/casino-challenge-details_5.entry.js AI (source-diff): Standard Stencil.js ESM minified build output; no malicious patterns. ai
source-diff obfuscated-file:dist/casino-challenge-details/casino-challenge-details-50bbf289.js AI (source-diff): Minified Stencil bundle with readable i18n strings and widget logic; not obfuscated malware. ai
source-diff obfuscated-file:dist/esm/casino-challenge-details-50bbf289.js AI (source-diff): ESM Stencil bundle with full JSDoc comments visible; standard build artifact. ai
source-diff obfuscated-file:dist/cjs/casino-challenge-details-e98d928b.js AI (source-diff): CJS Stencil bundle with JSDoc comments; standard build artifact. ai
source-diff obfuscated-file:dist/cjs/casino-challenge-details_5.cjs.entry.js AI (source-diff): Standard Stencil.js minified build output with inlined SVG data URIs; not malicious obfuscation. ai
source-diff obfuscated-file:dist/casino-challenge-details/casino-challenge-details_5.entry.js AI (source-diff): Standard Stencil.js minified build output; readable logic visible in samples. ai
source-diff obfuscated-file:dist/casino-challenge-details/casino-challenge-details-a4a5791f.js AI (source-diff): Standard Rollup/Stencil minified build output for this widget package; consistent across versions. ai
source-diff obfuscated-file:dist/esm/casino-challenge-details-a4a5791f.js AI (source-diff): Standard Rollup/Stencil minified build output for this widget package; consistent across versions. ai
source-diff obfuscated-file:dist/cjs/casino-challenge-details-45d1afce.js AI (source-diff): Standard Rollup/Stencil minified build output for this widget package; consistent across versions. ai
source-diff obfuscated-file:dist/casino-challenge-details/casino-challenge-details-da7717b1.js AI (source-diff): Standard Rollup/Stencil minified build output; consistent with this package's established build pattern. ai
source-diff obfuscated-file:dist/esm/casino-challenge-details-da7717b1.js AI (source-diff): Standard Rollup/Stencil minified build output; consistent with this package's established build pattern. ai
source-diff obfuscated-file:dist/cjs/casino-challenge-details-433a9f36.js AI (source-diff): Standard Rollup/Stencil minified build output; consistent with this package's established build pattern. ai
source-diff obfuscated-file:dist/cjs/casino-challenge-details-b7aae25f.js AI (source-diff): Standard Stencil.js minified bundle; no malicious payload in samples. ai
source-diff obfuscated-file:dist/casino-challenge-details/casino-challenge-details-17a297f6.js AI (source-diff): Standard Stencil.js minified bundle; no malicious payload in samples. ai
source-diff obfuscated-file:dist/esm/casino-challenge-details-17a297f6.js AI (source-diff): Standard Stencil.js minified bundle; no malicious payload in samples. ai
source-diff obfuscated-file:dist/cjs/casino-challenge-details-df1d40f7.js AI (source-diff): Standard Stencil.js CJS minified build output; no malicious content. ai
source-diff obfuscated-file:dist/casino-challenge-details/casino-challenge-details-252d9b9c.js AI (source-diff): Standard Stencil.js minified build output; consistent with all prior versions of this package. ai
source-diff obfuscated-file:dist/esm/casino-challenge-details-252d9b9c.js AI (source-diff): Standard Stencil.js ESM minified build output; no malicious content. ai
source-diff obfuscated-file:dist/casino-challenge-details/casino-challenge-details-4e26ab78.js AI (source-diff): Standard Stencil.js minified bundle; consistent with all prior @everymatrix widget releases. ai
source-diff obfuscated-file:dist/casino-challenge-details/index-30adf0cb.js AI (source-diff): Stencil runtime bundle; minified but benign, consistent with this package family. ai
source-diff obfuscated-file:dist/cjs/casino-challenge-details-63ae2c71.js AI (source-diff): Standard Stencil.js CJS minified bundle; no malicious patterns. ai
source-diff obfuscated-file:dist/esm/casino-challenge-details-4e26ab78.js AI (source-diff): Standard Stencil.js ESM minified bundle; no malicious patterns. ai
source-diff obfuscated-file:dist/cjs/casino-challenge-details-15b555ef.js AI (source-diff): Standard Rollup/Stencil minified bundle output; consistent with all prior @everymatrix widget releases. ai
source-diff obfuscated-file:dist/esm/casino-challenge-details-9620e5ea.js AI (source-diff): Standard Rollup/Stencil minified bundle output; consistent with all prior @everymatrix widget releases. ai
source-diff obfuscated-file:dist/casino-challenge-details/casino-challenge-details-9620e5ea.js AI (source-diff): Standard Rollup/Stencil minified bundle output; consistent with all prior @everymatrix widget releases. ai
source-diff obfuscated-file:dist/casino-challenge-details/casino-challenge-details-00cd9c3e.js AI (source-diff): Standard Stencil.js minified bundle for this widget family; not malicious obfuscation. ai
source-diff obfuscated-file:dist/cjs/casino-challenge-details-7465690c.js AI (source-diff): Standard Stencil.js CJS minified bundle; readable source confirms no malicious content. ai
source-diff obfuscated-file:dist/esm/casino-challenge-details-00cd9c3e.js AI (source-diff): Standard Stencil.js ESM minified bundle; readable source confirms no malicious content. ai
source-diff obfuscated-file:dist/casino-challenge-details/casino-challenge-details-92840935.js AI (source-diff): Standard minified Stencil build output; consistent pattern across all @everymatrix widget packages. ai
source-diff obfuscated-file:dist/esm/casino-challenge-details-92840935.js AI (source-diff): Standard minified Stencil build output; consistent pattern across all @everymatrix widget packages. ai
source-diff obfuscated-file:dist/cjs/casino-challenge-details-54898daf.js AI (source-diff): Standard minified Stencil build output; consistent pattern across all @everymatrix widget packages. ai
source-diff obfuscated-file:dist/casino-challenge-details/casino-challenge-details-6d8eeca9.js AI (source-diff): Standard Stencil.js minified build output; consistent with all prior @everymatrix widget packages. ai
source-diff obfuscated-file:dist/esm/casino-challenge-details-6d8eeca9.js AI (source-diff): Standard Stencil.js minified build output; consistent with all prior @everymatrix widget packages. ai
source-diff obfuscated-file:dist/cjs/casino-challenge-details-3c309aa3.js AI (source-diff): Standard Stencil.js minified build output; consistent with all prior @everymatrix widget packages. ai
source-diff obfuscated-file:dist/casino-challenge-details/index-662208df.js AI (source-diff): Stencil runtime bundle; minified but recognizable Stencil.js internals, not obfuscated malware. ai
source-diff obfuscated-file:dist/esm/casino-challenge-details-97bf6e45.js AI (source-diff): Standard Stencil.js minified build artifact; consistent with established @everymatrix widget build pipeline. ai
source-diff obfuscated-file:dist/casino-challenge-details/index-a44346bc.js AI (source-diff): Stencil.js runtime bundle; minification is expected for this package family. ai
source-diff obfuscated-file:dist/cjs/casino-challenge-details-cdbe115b.js AI (source-diff): Standard Stencil.js minified build artifact; consistent with established @everymatrix widget build pipeline. ai
source-diff obfuscated-file:dist/casino-challenge-details/casino-challenge-details-97bf6e45.js AI (source-diff): Standard Stencil.js minified build artifact; consistent with established @everymatrix widget build pipeline. ai
source-diff obfuscated-file:dist/casino-challenge-details/casino-challenge-details-26135f0c.js AI (source-diff): Standard minified browser bundle; readable logic, no malicious patterns. Stable for this package. ai
source-diff obfuscated-file:dist/esm/casino-challenge-details-26135f0c.js AI (source-diff): Standard minified ESM build artifact; readable logic, no malicious patterns. Stable for this package. ai
source-diff obfuscated-file:dist/cjs/casino-challenge-details-16fc391a.js AI (source-diff): Standard minified Stencil build artifact; readable logic, no malicious patterns. Stable for this package. ai
npm-metadata no-description AI (npm-metadata): Consistent pattern across 228 versions of this org's widget packages. ai
provenance no-provenance AI (provenance): No provenance is common; no other risk signals present. ai
bogus-package bogus-package AI (bogus-package): Scoped org widget package published via CI; sparse metadata is normal for this package family. ai

Versions (showing 13 of 132)

Version Deps Published
0.0.15 0 / 0
0.0.14 0 / 0
0.0.13 0 / 0
0.0.12 0 / 0
0.0.11 0 / 0
0.0.9 0 / 0
0.0.8 0 / 0
0.0.7 0 / 0
0.0.6 0 / 0
0.0.5 0 / 0
0.0.3 0 / 0
0.0.2 0 / 0
0.0.1 0 / 0

v0.0.15

4 findings
HIGH New obfuscated file: dist/cjs/casino-challenge-details-54898daf.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/casino-challenge-details/casino-challenge-details-92840935.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/casino-challenge-details-92840935.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.14

4 findings
HIGH New obfuscated file: dist/cjs/casino-challenge-details-54898daf.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/casino-challenge-details/casino-challenge-details-92840935.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/casino-challenge-details-92840935.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.13

4 findings
HIGH New obfuscated file: dist/cjs/casino-challenge-details-54898daf.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/casino-challenge-details/casino-challenge-details-92840935.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/casino-challenge-details-92840935.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.12

4 findings
HIGH New obfuscated file: dist/cjs/casino-challenge-details-54898daf.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/casino-challenge-details/casino-challenge-details-92840935.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/casino-challenge-details-92840935.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.11

4 findings
HIGH New obfuscated file: dist/cjs/casino-challenge-details-54898daf.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/casino-challenge-details/casino-challenge-details-92840935.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/esm/casino-challenge-details-92840935.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.9

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.8

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.7

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.6

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.5

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.3

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.2

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.0.1

1 finding
INFO No provenance attestation provenance

[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.