@everymatrix/lottery-tipping-ticket-controller
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/cjs/lottery-tipping-ticket-controller-a62bd4e8.js | AI (source-diff): Standard Stencil.js minified build output; consistent pattern across all versions of this package. | ai | |
| source-diff | obfuscated-file:dist/lottery-tipping-ticket-controller/lottery-tipping-ticket-controller-71cc1f83.js | AI (source-diff): Standard Stencil.js minified build output; consistent pattern across all versions of this package. | ai | |
| source-diff | obfuscated-file:dist/esm/lottery-tipping-ticket-controller-71cc1f83.js | AI (source-diff): Standard Stencil.js minified build output; consistent pattern across all versions of this package. | ai | |
| source-diff | net-exec-file:dist/lottery-tipping-ticket-controller/lottery-tipping-ticket-controller-d705ad02.js | AI (source-diff): fetch() loads user-supplied CSS URL; innerHTML sets styles. Documented widget theming pattern, not dropper malware. | ai | |
| source-diff | net-exec-file:dist/esm/lottery-tipping-ticket-controller-d705ad02.js | AI (source-diff): fetch() loads user-supplied CSS URL; innerHTML sets styles. Documented widget theming pattern, not dropper malware. | ai | |
| source-diff | obfuscated-file:dist/cjs/lottery-tipping-ticket-controller-0ac12c3a.js | AI (source-diff): Standard Stencil.js minified build output; not malicious obfuscation. | ai | |
| source-diff | net-exec-file:dist/cjs/lottery-tipping-ticket-controller-0ac12c3a.js | AI (source-diff): fetch() loads user-supplied CSS URL; innerHTML sets styles. Documented widget theming pattern, not dropper malware. | ai | |
| source-diff | obfuscated-file:dist/lottery-tipping-ticket-controller/lottery-tipping-ticket-controller-d705ad02.js | AI (source-diff): Standard Stencil.js minified build output; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/esm/lottery-tipping-ticket-controller-d705ad02.js | AI (source-diff): Standard Stencil.js minified build output; not malicious obfuscation. | ai | |
| source-diff | net-exec-file:dist/lottery-tipping-ticket-controller/lottery-tipping-ticket-controller-d4128bfe.js | AI (source-diff): Same framework-level network/exec pattern as other dist files; not malicious. | ai | |
| source-diff | net-exec-file:dist/esm/lottery-tipping-ticket-controller-d4128bfe.js | AI (source-diff): Framework-level Promise/fetch usage in minified ESM bundle; not malicious. | ai | |
| source-diff | obfuscated-file:dist/esm/lottery-tipping-ticket-controller-d4128bfe.js | AI (source-diff): Standard minified ESM build artifact; same pattern as CJS counterpart. | ai | |
| source-diff | net-exec-file:dist/cjs/lottery-tipping-ticket-controller-2ef33643.js | AI (source-diff): Network/Promise usage is Lit/Stencil framework internals, not dropper behavior. | ai | |
| source-diff | obfuscated-file:dist/cjs/lottery-tipping-ticket-controller-2ef33643.js | AI (source-diff): Standard minified Stencil/Lit build output; consistent pattern across all versions of this package. | ai | |
| source-diff | obfuscated-file:dist/lottery-tipping-ticket-controller/lottery-tipping-ticket-controller-d4128bfe.js | AI (source-diff): Third distribution format of the same minified build; consistent with package structure. | ai | |
| source-diff | obfuscated-file:dist/cjs/lottery-tipping-ticket-controller-15f47527.js | AI (source-diff): Standard Stencil.js CJS build output with readable utility functions; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/lottery-tipping-ticket-controller/index-e3ec645c.js | AI (source-diff): Standard Stencil.js minified build output; consistent with all prior versions of this widget package. | ai | |
| source-diff | obfuscated-file:dist/esm/lottery-tipping-ticket-controller-cdb985e7.js | AI (source-diff): Standard Stencil.js ESM build output; consistent with this package's build pattern. | ai | |
| source-diff | obfuscated-file:dist/lottery-tipping-ticket-controller/lottery-tipping-ticket-controller-cdb985e7.js | AI (source-diff): Minified Stencil.js component bundle with i18n strings and CSS helpers; not malicious. | ai | |
| source-diff | obfuscated-file:dist/cjs/lottery-tipping-ticket-controller-b87c30f7.js | AI (source-diff): CJS variant of the same bundled component code. | ai | |
| source-diff | obfuscated-file:dist/esm/lottery-tipping-ticket-controller-7a6a1ebd.js | AI (source-diff): Bundled Vaadin/Lit component code; minified but not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/lottery-tipping-ticket-controller/lottery-tipping-ticket-controller-7a6a1ebd.js | AI (source-diff): Same bundle in lazy-load dist format; stable pattern. | ai | |
| source-diff | net-exec-file:dist/cjs/lottery-tipping-ticket-controller-f9e9a7e5.js | AI (source-diff): CJS variant of the same minified Stencil build; false positive. | ai | |
| source-diff | obfuscated-file:dist/cjs/lottery-tipping-ticket-controller-f9e9a7e5.js | AI (source-diff): CJS variant of the same minified Stencil build; false positive. | ai | |
| source-diff | net-exec-file:dist/lottery-tipping-ticket-controller/lottery-tipping-ticket-controller-994769e7.js | AI (source-diff): Same minified Stencil build artifact; false positive. | ai | |
| source-diff | obfuscated-file:dist/lottery-tipping-ticket-controller/lottery-tipping-ticket-controller-994769e7.js | AI (source-diff): Same minified Stencil build artifact; false positive. | ai | |
| source-diff | net-exec-file:dist/esm/lottery-tipping-ticket-controller-994769e7.js | AI (source-diff): Network calls and dynamic code are normal UI component patterns; no dropper behavior evident. | ai | |
| source-diff | obfuscated-file:dist/esm/lottery-tipping-ticket-controller-994769e7.js | AI (source-diff): Standard Stencil/Rollup minified build output; not obfuscated malware. | ai | |
| source-diff | net-exec-file:dist/lottery-tipping-ticket-controller/lottery-tipping-ticket-controller-e914932b.js | AI (source-diff): Network calls are CSS fetch helpers; dynamic code execution is innerHTML for styles only — benign widget pattern. | ai | |
| source-diff | net-exec-file:dist/esm/lottery-tipping-ticket-controller-e914932b.js | AI (source-diff): Network calls are CSS fetch helpers; dynamic code execution is innerHTML for styles only — benign widget pattern. | ai | |
| source-diff | net-exec-file:dist/cjs/lottery-tipping-ticket-controller-1e79780d.js | AI (source-diff): Network calls are CSS fetch helpers; dynamic code execution is innerHTML for styles only — benign widget pattern. | ai | |
| source-diff | obfuscated-file:dist/lottery-tipping-ticket-controller/lottery-tipping-ticket-controller-e914932b.js | AI (source-diff): Standard minified Stencil.js build output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/esm/lottery-tipping-ticket-controller-e914932b.js | AI (source-diff): Standard minified Stencil.js build output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/cjs/lottery-tipping-ticket-controller-1e79780d.js | AI (source-diff): Standard minified Stencil.js build output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/cjs/lottery-tipping-ticket-controller-59ee8536.js | AI (source-diff): Minified Stencil/Vaadin/Lit bundle with recognizable license headers; normal build artifact. | ai | |
| source-diff | obfuscated-file:dist/esm/lottery-tipping-ticket-controller-f0d23f7a.js | AI (source-diff): Minified Stencil/Vaadin/Lit bundle with recognizable license headers; normal build artifact. | ai | |
| source-diff | obfuscated-file:dist/lottery-tipping-ticket-controller/lottery-tipping-ticket-controller-f0d23f7a.js | AI (source-diff): Minified Stencil/Vaadin/Lit bundle with recognizable license headers; normal build artifact. | ai | |
| source-diff | net-exec-file:dist/cjs/lottery-tipping-ticket-controller-59ee8536.js | AI (source-diff): Network calls and dynamic customElements.define are standard Stencil web component patterns, not dropper behavior. | ai | |
| source-diff | net-exec-file:dist/esm/lottery-tipping-ticket-controller-f0d23f7a.js | AI (source-diff): Network calls and dynamic customElements.define are standard Stencil web component patterns, not dropper behavior. | ai | |
| source-diff | net-exec-file:dist/lottery-tipping-ticket-controller/lottery-tipping-ticket-controller-f0d23f7a.js | AI (source-diff): Network calls and dynamic customElements.define are standard Stencil web component patterns, not dropper behavior. | ai | |
| source-diff | net-exec-file:dist/esm/lottery-tipping-ticket-controller-e9556266.js | AI (source-diff): UI component bundle with fetch + customElements.define; not malicious. | ai | |
| source-diff | net-exec-file:dist/cjs/lottery-tipping-ticket-controller-7b844365.js | AI (source-diff): UI component bundle with fetch + customElements.define; not malicious. | ai | |
| source-diff | obfuscated-file:dist/lottery-tipping-ticket-controller/lottery-tipping-ticket-controller-e9556266.js | AI (source-diff): Minified bundle with Vaadin/Lit license headers; build artifact. | ai | |
| source-diff | obfuscated-file:dist/esm/lottery-tipping-ticket-controller-e9556266.js | AI (source-diff): Minified bundle with Vaadin/Lit license headers; build artifact. | ai | |
| source-diff | obfuscated-file:dist/cjs/lottery-tipping-ticket-controller-7b844365.js | AI (source-diff): Minified bundle with Vaadin/Lit license headers; build artifact. | ai | |
| source-diff | net-exec-file:dist/lottery-tipping-ticket-controller/lottery-tipping-ticket-controller-e9556266.js | AI (source-diff): UI component bundle with fetch + customElements.define; not malicious. | ai | |
| source-diff | obfuscated-file:dist/lottery-tipping-ticket-controller/general-tooltip_7.entry.js | AI (source-diff): Minified StencilJS build output; standard for this package. | ai | |
| source-diff | obfuscated-file:dist/esm/general-tooltip_7.entry.js | AI (source-diff): Minified StencilJS build output; standard for this package. | ai | |
| source-diff | obfuscated-file:dist/cjs/general-tooltip_7.cjs.entry.js | AI (source-diff): Minified StencilJS build output; standard for this package. | ai | |
| source-diff | obfuscated-file:dist/esm/lottery-tipping-ticket-controller-2d4fe12d.js | AI (source-diff): Standard Stencil/Rollup minified build output for this component package. | ai | |
| source-diff | net-exec-file:dist/cjs/lottery-tipping-ticket-controller-3b1e9667.js | AI (source-diff): Network calls are component API fetches; dynamic code is date-fns/Stencil runtime — no dropper pattern. | ai | |
| source-diff | net-exec-file:dist/lottery-tipping-ticket-controller/lottery-tipping-ticket-controller-2d4fe12d.js | AI (source-diff): Network calls are component API fetches; dynamic code is date-fns/Stencil runtime — no dropper pattern. | ai | |
| source-diff | net-exec-file:dist/esm/lottery-tipping-ticket-controller-2d4fe12d.js | AI (source-diff): Network calls are component API fetches; dynamic code is date-fns/Stencil runtime — no dropper pattern. | ai | |
| source-diff | obfuscated-file:dist/cjs/lottery-tipping-ticket-controller-3b1e9667.js | AI (source-diff): Standard Stencil/Rollup minified build output for this component package. | ai | |
| source-diff | obfuscated-file:dist/lottery-tipping-ticket-controller/lottery-tipping-ticket-controller-2d4fe12d.js | AI (source-diff): Standard Stencil/Rollup minified build output for this component package. | ai | |
| source-diff | obfuscated-file:dist/lottery-tipping-ticket-controller/general-tooltip_8.entry.js | AI (source-diff): Standard Stencil/Rollup minified build output for this component package. | ai | |
| source-diff | obfuscated-file:dist/esm/general-tooltip_8.entry.js | AI (source-diff): Standard Stencil/Rollup minified build output for this component package. | ai | |
| source-diff | obfuscated-file:dist/cjs/general-tooltip_8.cjs.entry.js | AI (source-diff): Standard Stencil/Rollup minified build output for this component package. | ai | |
| source-diff | obfuscated-file:dist/cjs/lottery-tipping-ticket-controller-b89883ee.js | AI (source-diff): Standard Rollup/Stencil minified build output; readable logic visible in samples, not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/lottery-tipping-ticket-controller/lottery-tipping-ticket-controller-12ffe9b9.js | AI (source-diff): Standard Rollup/Stencil minified build output; readable logic visible in samples, not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/esm/lottery-tipping-ticket-controller-12ffe9b9.js | AI (source-diff): Standard Rollup/Stencil minified build output; readable logic visible in samples, not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/lottery-tipping-ticket-controller/lottery-tipping-ticket-controller-ce598555.js | AI (source-diff): Third format of the same minified bundle; legitimate build output. | ai | |
| source-diff | net-exec-file:dist/lottery-tipping-ticket-controller/lottery-tipping-ticket-controller-ce598555.js | AI (source-diff): Same false positive pattern; no actual dropper behavior in the sampled code. | ai | |
| source-diff | net-exec-file:dist/cjs/lottery-tipping-ticket-controller-a52eb354.js | AI (source-diff): Network/exec pattern is from LitElement/Vaadin component registration and fetch APIs, not dropper behavior. | ai | |
| source-diff | obfuscated-file:dist/cjs/lottery-tipping-ticket-controller-a52eb354.js | AI (source-diff): Standard Stencil/Rollup minified bundle output; Vaadin/LitElement license headers confirm legitimate build artifact. | ai | |
| source-diff | net-exec-file:dist/esm/lottery-tipping-ticket-controller-ce598555.js | AI (source-diff): Same false positive as CJS counterpart; Vaadin/LitElement runtime patterns. | ai | |
| source-diff | obfuscated-file:dist/esm/lottery-tipping-ticket-controller-ce598555.js | AI (source-diff): Same minified Stencil ESM bundle; identical legitimate build artifact pattern. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Corporate scoped package with 255 versions; sparse metadata is a CI pipeline artifact, not a spam/malware indicator. | ai | |
| npm-metadata | no-description | AI (npm-metadata): Consistent pattern across all @everymatrix widget packages; not indicative of malicious intent. | ai |
Versions (showing 61 of 163)
| Version | Deps | Published |
|---|---|---|
| 1.85.14 | 0 / 0 | |
| 1.85.13 | 0 / 0 | |
| 1.85.11 | 0 / 0 | |
| 1.85.10 | 0 / 0 | |
| 1.85.9 | 0 / 0 | |
| 1.85.8 | 0 / 0 | |
| 1.85.7 | 0 / 0 | |
| 1.85.6 | 0 / 0 | |
| 1.85.5 | 0 / 0 | |
| 1.85.4 | 0 / 0 | |
| 1.85.3 | 0 / 0 | |
| 1.85.2 | 0 / 0 | |
| 1.85.1 | 0 / 0 | |
| 1.85.0 | 0 / 0 | |
| 1.84.3 | 0 / 0 | |
| 1.84.2 | 0 / 0 | |
| 1.84.1 | 0 / 0 | |
| 1.84.0 | 0 / 0 | |
| 1.83.12 | 0 / 0 | |
| 1.83.11 | 0 / 0 | |
| 1.83.10 | 0 / 0 | |
| 1.83.9 | 0 / 0 | |
| 1.83.8 | 0 / 0 | |
| 1.83.7 | 0 / 0 | |
| 1.83.6 | 0 / 0 | |
| 1.83.5 | 0 / 0 | |
| 1.83.4 | 0 / 0 | |
| 1.80.8 | 0 / 0 | |
| 1.80.7 | 0 / 0 | |
| 1.80.6 | 0 / 0 | |
| 1.80.5 | 0 / 0 | |
| 1.80.4 | 0 / 0 | |
| 1.80.3 | 0 / 0 | |
| 1.80.2 | 0 / 0 | |
| 1.80.1 | 0 / 0 | |
| 1.77.32 | 0 / 0 | |
| 1.77.31 | 0 / 0 | |
| 1.77.30 | 0 / 0 | |
| 1.77.29 | 0 / 0 | |
| 1.77.28 | 0 / 0 | |
| 1.77.27 | 0 / 0 | |
| 1.77.25 | 0 / 0 | |
| 1.77.24 | 0 / 0 | |
| 1.77.23 | 0 / 0 | |
| 1.77.22 | 0 / 0 | |
| 1.77.21 | 0 / 0 | |
| 1.77.19 | 0 / 0 | |
| 1.77.18 | 0 / 0 | |
| 1.77.17 | 0 / 0 | |
| 1.77.16 | 0 / 0 | |
| 1.77.15 | 0 / 0 | |
| 1.77.13 | 0 / 0 | |
| 1.77.11 | 0 / 0 | |
| 1.77.10 | 0 / 0 | |
| 1.77.9 | 0 / 0 | |
| 1.77.8 | 0 / 0 | |
| 1.77.7 | 0 / 0 | |
| 1.77.6 | 0 / 0 | |
| 1.77.5 | 0 / 0 | |
| 1.77.4 | 0 / 0 | |
| 1.77.3 | 0 / 0 |
v1.85.14
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.13
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.11
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.10
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.9
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.8
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.7
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.6
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.5
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.4
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.3
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.2
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.1
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.84.3
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.84.2
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.84.1
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.84.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.83.12
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.83.11
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.83.10
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.83.9
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.83.8
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.83.7
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.83.6
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.83.5
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.83.4
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.80.8
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.80.7
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.80.6
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.80.5
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.80.4
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.80.3
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.80.2
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.80.1
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.32
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.31
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.30
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.29
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.28
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.27
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.25
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.24
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.23
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.22
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.21
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.19
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.18
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.17
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.16
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.15
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.13
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.11
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.10
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.9
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.8
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.7
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.6
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.5
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.77.4
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.77.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.