@everymatrix/player-account-gaming-limits-page-2-gm16-nd
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-CENiWb0u.js | AI (source-diff): Standard minified Stencil/Svelte bundle output; pattern is stable across all versions of this package. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-xIwPFd6p.js | AI (source-diff): Standard minified Stencil/Svelte bundle output; pattern is stable across all versions of this package. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-DS_acUv8.cjs | AI (source-diff): Standard minified Stencil/Svelte bundle output; pattern is stable across all versions of this package. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-DPQsst_1.js | AI (source-diff): Standard minified Stencil/Svelte build output; no malicious patterns in samples. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-_yR3GNzF.cjs | AI (source-diff): Standard minified Stencil/Svelte build output; no malicious patterns in samples. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-CYkCw8n3.js | AI (source-diff): Standard minified Stencil/Svelte build output; no malicious patterns in samples. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-CzANWVgX.cjs | AI (source-diff): Standard Svelte/Stencil minified bundle output; consistent with this package's build pattern across 423 versions. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-DSX64tPI.js | AI (source-diff): Standard Svelte/Stencil minified bundle output; consistent with this package's build pattern across 423 versions. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-BslI5Iaz.js | AI (source-diff): Standard Svelte/Stencil minified bundle output; consistent with this package's build pattern across 423 versions. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-C18_3vX5.js | AI (source-diff): Standard Stencil/Svelte minified build output; consistent with all prior versions of this package family. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-Fb0MMIpA.js | AI (source-diff): Standard Stencil/Svelte minified build output; consistent with all prior versions of this package family. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-Uwp88EhO.cjs | AI (source-diff): Standard Stencil/Svelte minified build output; consistent with all prior versions of this package family. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-C6-ybejM.js | AI (source-diff): Standard Svelte/Stencil minified component bundle; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-Bsp72e8I.cjs | AI (source-diff): Standard Svelte/Stencil minified component bundle; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-CueULunM.js | AI (source-diff): Standard Svelte/Stencil minified component bundle; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-BNAvrGO-.js | AI (source-diff): Svelte/Stencil minified ESM bundle; standard build output for this package family. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-FIqVM83z.js | AI (source-diff): Svelte minified ESM bundle; standard build output for this package family. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-XLXf4yKs.cjs | AI (source-diff): Standard Stencil/Svelte minified component bundle; recognizable framework patterns throughout. | ai | |
| source-diff | obfuscated-file:stencil/ui-skeleton-ae35c6f2-CKJgMm_5.cjs | AI (source-diff): Stencil ui-skeleton component bundle; standard minified build output. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-BqqlmCpy.cjs | AI (source-diff): Minified Svelte/Stencil component bundle; normal build output for this package. | ai | |
| source-diff | obfuscated-file:stencil/index-b2193545-CgelUAhE.cjs | AI (source-diff): Standard Stencil runtime minified build artifact; consistent with all prior versions of this package family. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-69zGncyb.js | AI (source-diff): Minified ESM component bundle; normal build output for this package. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-e-exECYL.js | AI (source-diff): Minified ESM component bundle; normal build output for this package. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-lYxobYlM.cjs | AI (source-diff): Minified Svelte component bundle; standard build output for this package family. | ai | |
| source-diff | obfuscated-file:stencil/index-b2193545-YW9b062G.cjs | AI (source-diff): Minified Stencil runtime bundle; standard build output for this package family. | ai | |
| source-diff | obfuscated-file:stencil/ui-skeleton-ae35c6f2-xLf3HyeB.cjs | AI (source-diff): Minified Stencil ui-skeleton component; standard build output for this package family. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-BqJuBJ1a.js | AI (source-diff): Minified Svelte component JS bundle; standard build output for this package family. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-CuSPncbw.js | AI (source-diff): Minified Svelte component JS bundle; standard build output for this package family. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-9FWGM3tl.js | AI (source-diff): Standard Stencil/Svelte minified build output; consistent pattern across all 422 versions of this package. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Scoped internal component package; no repo/description/keywords is expected for this publisher's build artifacts. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-CZ-e_Trt.js | AI (source-diff): Standard Stencil/Svelte minified build output; consistent pattern across all 422 versions of this package. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-D2VJLb99.cjs | AI (source-diff): Standard Stencil/Svelte minified build output; consistent pattern across all 422 versions of this package. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-CVVcnWXR.js | AI (source-diff): Standard Svelte/Stencil minified build artifact; consistent pattern across all @everymatrix component packages. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-DLc8tne9.js | AI (source-diff): Standard Svelte/Stencil minified build artifact; consistent pattern across all @everymatrix component packages. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-DhqwRZcX.cjs | AI (source-diff): Standard Svelte/Stencil minified build artifact; consistent pattern across all @everymatrix component packages. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-BSOx9S6S.js | AI (source-diff): Standard Stencil/Svelte minified build output; readable patterns confirm legitimate bundling. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-gi8pwzyZ.js | AI (source-diff): Standard Stencil/Svelte minified build output; readable patterns confirm legitimate bundling. | ai | |
| source-diff | obfuscated-file:components/PlayerAccountGamingLimitsPage2Gm16Nd-DlpIo8av.cjs | AI (source-diff): Standard Stencil/Svelte minified build output; long lines are bundled JS, not obfuscation. | ai |
Versions (showing 42 of 142)
| Version | Deps | Published |
|---|---|---|
| 1.87.9 | 0 / 0 | |
| 1.85.17 | 0 / 0 | |
| 1.85.16 | 0 / 0 | |
| 1.85.15 | 0 / 0 | |
| 1.85.14 | 0 / 0 | |
| 1.85.13 | 0 / 0 | |
| 1.85.11 | 0 / 0 | |
| 1.85.10 | 0 / 0 | |
| 1.85.9 | 0 / 0 | |
| 1.85.8 | 0 / 0 | |
| 1.85.7 | 0 / 0 | |
| 1.85.6 | 0 / 0 | |
| 1.85.5 | 0 / 0 | |
| 1.85.4 | 0 / 0 | |
| 1.85.3 | 0 / 0 | |
| 1.85.2 | 0 / 0 | |
| 1.85.1 | 0 / 0 | |
| 1.85.0 | 0 / 0 | |
| 1.84.3 | 0 / 0 | |
| 1.84.2 | 0 / 0 | |
| 1.84.1 | 0 / 0 | |
| 1.84.0 | 0 / 0 | |
| 1.83.12 | 0 / 0 | |
| 1.83.11 | 0 / 0 | |
| 1.83.10 | 0 / 0 | |
| 1.83.7 | 0 / 0 | |
| 1.83.6 | 0 / 0 | |
| 1.83.5 | 0 / 0 | |
| 1.83.4 | 0 / 0 | |
| 1.75.0 | 0 / 0 | |
| 1.74.6 | 0 / 0 | |
| 1.73.1 | 0 / 0 | |
| 1.72.0 | 0 / 0 | |
| 1.70.1 | 0 / 0 | |
| 1.69.3 | 0 / 0 | |
| 1.68.0 | 0 / 0 | |
| 1.67.3 | 0 / 0 | |
| 1.67.0 | 0 / 0 | |
| 1.66.2 | 0 / 0 | |
| 1.66.1 | 0 / 0 | |
| 1.66.0 | 0 / 0 | |
| 1.65.3 | 0 / 0 |
v1.87.9
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.85.17
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.11
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.10
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.9
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.8
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.7
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.6
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.5
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.4
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.3
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.2
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.1
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.84.3
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.84.2
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.84.1
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.84.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.83.12
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.83.11
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.83.10
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.83.7
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.83.6
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.83.5
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.83.4
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.75.0
7 findingsThis version was published by a different npm account than previous versions on 2025-07-22. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.74.6
7 findingsThis version was published by a different npm account than previous versions on 2025-07-14. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.73.1
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.72.0
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.70.1
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.69.3
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.68.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.67.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.67.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.66.2
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.66.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.66.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.65.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.