@flarehr/promoted-benefits-ui
Flare Promoted Benefits
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/assets/index-H7sHo25d.js | AI (source-diff): Standard Vite minified bundle output for a UI library; pattern is stable across versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-DF6IrVzN.js | AI (source-diff): Vite-minified bundle output; consistent with this package's documented build process across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-BSWv-254.js | AI (source-diff): Vite build output; minified bundle is expected for this UI component package across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-D8mJcEJU.js | AI (source-diff): Standard Vite minified bundle output; consistent pattern across all versions of this package. | ai | |
| source-diff | obfuscated-file:dist/assets/index-9r6yZyui.js | AI (source-diff): Vite build output; minified bundle is expected for this UI component library. | ai | |
| source-diff | obfuscated-file:dist/assets/index-DnoiPFeY.js | AI (source-diff): Vite build output; minified Preact bundle is expected for this UI package. | ai | |
| source-diff | obfuscated-file:dist/assets/index-B03jTBcJ.js | AI (source-diff): Standard Vite minified bundle output for a Preact UI library; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/assets/index-CexI3FJH.js | AI (source-diff): Standard Vite minified bundle output; consistent with this package's build toolchain across hundreds of versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-BGKEFQD2.js | AI (source-diff): Vite build output; minified bundle is expected for this UI component package across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-NbQDeaR8.js | AI (source-diff): Vite-minified bundle output; expected artifact for this UI package across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-CVbW7_1E.js | AI (source-diff): Standard Vite minified bundle output; consistent with package's build toolchain across versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-Dk5Om42n.js | AI (source-diff): Standard Vite minified bundle output; consistent with this package's build toolchain across versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-IwESuPte.js | AI (source-diff): Vite-minified bundle output; expected artifact for this UI package across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-Dc4ivSGQ.js | AI (source-diff): Standard Vite/Preact minified bundle output; expected artifact for this UI library across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-BryUleTW.js | AI (source-diff): Vite-minified bundle output; expected artifact for this Preact UI package. | ai | |
| source-diff | obfuscated-file:dist/assets/index-C9X3YDX2.js | AI (source-diff): Vite build output; minified bundle is expected for this UI package across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-Daaqxkck.js | AI (source-diff): Vite-minified bundle output; hash-named dist files are the normal build artifact for this UI library. | ai | |
| source-diff | obfuscated-file:dist/assets/index-CW2qbsgu.js | AI (source-diff): Standard Vite minified bundle output; consistent pattern across all versions of this UI component package. | ai | |
| source-diff | obfuscated-file:dist/assets/index-lN5bFBpt.js | AI (source-diff): Vite build output; minified dist files are expected for this UI component library across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-pkftLz-z.js | AI (source-diff): Standard Vite/Preact minified bundle output; consistent with this package's documented build toolchain. | ai | |
| source-diff | obfuscated-file:dist/assets/index-D5Ylyzoz.js | AI (source-diff): Vite build output with hash-named assets; minification is expected for this UI component package. | ai | |
| source-diff | obfuscated-file:dist/assets/index-CK7voUYT.js | AI (source-diff): Standard Vite minified bundle output for a UI library; pattern is stable across versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-CwiOZQTG.js | AI (source-diff): Vite build output; minified bundle is expected for this UI component library. | ai | |
| source-diff | obfuscated-file:dist/assets/index-B220btuN.js | AI (source-diff): Vite-minified bundle output; standard for this UI library across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-BCxvmfZG.js | AI (source-diff): Standard Vite minified bundle for a Preact UI lib; pattern is stable across all versions of this package. | ai | |
| source-diff | obfuscated-file:dist/assets/index-D5ysYAlG.js | AI (source-diff): Vite-minified bundle output; standard for this UI library's build process across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-l4v98F8B.js | AI (source-diff): Standard Vite minified bundle output; expected artifact for this UI library across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-DN5RR_zO.js | AI (source-diff): Standard Vite minified bundle output for a UI library; content is normal Preact framework code. | ai | |
| source-diff | obfuscated-file:dist/assets/index-UXSUmk6N.js | AI (source-diff): Standard Vite minified bundle output; consistent with this UI library's build process across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-Cux6KzXg.js | AI (source-diff): Vite-minified bundle output; standard for this UI library across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-IUPV7k3y.js | AI (source-diff): Standard Vite/Preact minified bundle output; consistent pattern across all versions of this package. | ai | |
| source-diff | obfuscated-file:dist/assets/index-DZhbhywg.js | AI (source-diff): Vite-minified bundle output; standard for this UI library across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-Cb479PuV.js | AI (source-diff): Vite-minified bundle output; consistent with package's build toolchain across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-_HJ4bZ3x.js | AI (source-diff): Vite build output; minified bundle is expected for this UI package across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-CCoBoI4y.js | AI (source-diff): Vite-minified bundle output; expected artifact for this UI package across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-BxF5_6Mb.js | AI (source-diff): Standard Vite minified bundle output; expected artifact for this UI library across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-BPBDo8B7.js | AI (source-diff): Minified Vite build output; consistent with this package's established build pipeline across hundreds of versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-DznkEE5t.js | AI (source-diff): Standard Vite minified bundle output; consistent pattern across all versions of this UI package. | ai | |
| source-diff | obfuscated-file:dist/assets/index-DiJStIyY.js | AI (source-diff): Standard Vite minified bundle output; consistent with this package's build toolchain across versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-B4lu2OfT.js | AI (source-diff): Standard Vite minified bundle output; consistent with this package's build toolchain across versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-D2QhinmF.js | AI (source-diff): Standard Vite minified bundle output; consistent with this package's build process across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-Ji2Z4rPe.js | AI (source-diff): Standard Vite/Preact minified bundle output; consistent with package's documented build process. | ai | |
| source-diff | obfuscated-file:dist/assets/index-CgIBzlJI.js | AI (source-diff): Standard Vite minified bundle output; consistent with this package's build toolchain across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-ClzJpqlo.js | AI (source-diff): Standard Vite minified bundle output; consistent with this package's build toolchain across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-BF_ptOLQ.js | AI (source-diff): Standard Vite/Preact minified bundle output; consistent pattern across all versions of this UI package. | ai | |
| source-diff | obfuscated-file:dist/assets/index-0Rw-cfJW.js | AI (source-diff): Vite build output; minified UI bundle is expected for this package across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-C-D0TIYI.js | AI (source-diff): Vite build output for a UI library; minified bundle is expected and consistent with prior releases. | ai | |
| source-diff | obfuscated-file:dist/assets/index-B4O6aYHn.js | AI (source-diff): Standard Vite/Preact minified bundle output; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/assets/index-DnSmMbAA.js | AI (source-diff): Vite-minified bundle output; expected artifact for this UI library across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-CNOnvUBo.js | AI (source-diff): Standard Vite minified bundle output for a Preact UI library; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/assets/index-D0zuLYba.js | AI (source-diff): Vite-minified bundle; expected output for this Preact/Vite UI package across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-D8qstojk.js | AI (source-diff): Vite build output; minified bundle is expected for this UI package across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-z3vtjGrV.js | AI (source-diff): Standard Vite/Preact minified bundle output; consistent with this UI library's build process across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-D5wtCnwE.js | AI (source-diff): Standard Vite minified bundle output for a UI library; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/assets/index-DDp_j1eh.js | AI (source-diff): Standard Vite/Preact minified bundle output; consistent with package's documented build process across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-Cu4Yfdzs.js | AI (source-diff): Standard Vite minified bundle output for a UI library; pattern is stable across versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-A1kZXKAm.js | AI (source-diff): Standard Vite minified bundle output; consistent with declared build toolchain across all versions of this package. | ai | |
| source-diff | obfuscated-file:dist/assets/index-CfFcQ11c.js | AI (source-diff): Standard Vite minified bundle output for a Preact UI library; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/assets/index-D-3ceIAr.js | AI (source-diff): Standard Vite/Preact minified bundle output; consistent pattern across all versions of this UI library. | ai | |
| source-diff | obfuscated-file:dist/assets/index-CSpfE8jq.js | AI (source-diff): Standard Vite/Preact minified bundle output; consistent pattern across all versions of this package. | ai | |
| source-diff | obfuscated-file:dist/assets/index-Ce_Bg-N7.js | AI (source-diff): Vite build output; minified Preact bundle is expected for this UI library across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-CcDNYxm3.js | AI (source-diff): Vite-minified bundle output; expected artifact for this UI package across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-qGQsE9aU.js | AI (source-diff): Standard Vite minified bundle for a Preact UI library; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/assets/index-CUYFmKkx.js | AI (source-diff): Standard Vite minified bundle output; consistent with declared build toolchain across all versions of this package. | ai | |
| source-diff | obfuscated-file:dist/assets/index-BC0taJXW.js | AI (source-diff): Vite-minified bundle output; expected artifact for this UI library's build pipeline. | ai | |
| source-diff | obfuscated-file:dist/assets/index-mdodVdVn.js | AI (source-diff): Vite-minified bundle output; expected artifact for this UI package across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-BOfBKTzy.js | AI (source-diff): Vite build output; minified bundle is expected for this UI component library across all versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-DXVOv26Q.js | AI (source-diff): Vite build output for a UI component library; minified bundle is expected and consistent across versions. | ai | |
| source-diff | obfuscated-file:dist/assets/index-Ca5nZ-Jh.js | AI (source-diff): Standard Vite minified bundle output; consistent with declared vite build toolchain across all versions. | ai | |
| phantom-deps | phantom-dep:preact | AI (phantom-deps): Declared runtime dep; core to Preact build toolchain. | ai | |
| phantom-deps | phantom-dep:@juggle/resize-observer | AI (phantom-deps): Declared runtime dep; used in UI component context. | ai | |
| phantom-deps | phantom-dep:uuid | AI (phantom-deps): Declared runtime dep; used in TypeScript/config context. | ai |
Versions (showing 51 of 79)
| Version | Deps | Published |
|---|---|---|
| 1.0.970 | 3 / 26 | |
| 1.0.966 | 3 / 26 | |
| 1.0.962 | 3 / 26 | |
| 1.0.939 | 3 / 26 | |
| 1.0.938 | 3 / 26 | |
| 1.0.933 | 3 / 26 | |
| 1.0.920 | 3 / 26 | |
| 1.0.917 | 3 / 26 | |
| 1.0.912 | 3 / 26 | |
| 1.0.911 | 3 / 26 | |
| 1.0.909 | 3 / 26 | |
| 1.0.908 | 3 / 26 | |
| 1.0.907 | 3 / 26 | |
| 1.0.906 | 3 / 26 | |
| 1.0.875 | 3 / 26 | |
| 1.0.863 | 3 / 26 | |
| 1.0.850 | 3 / 26 | |
| 1.0.844 | 3 / 26 | |
| 1.0.835 | 3 / 26 | |
| 1.0.834 | 3 / 26 | |
| 1.0.828 | 3 / 26 | |
| 1.0.821 | 3 / 26 | |
| 1.0.801 | 3 / 26 | |
| 1.0.760 | 3 / 26 | |
| 1.0.755 | 3 / 26 | |
| 1.0.736 | 3 / 26 | |
| 1.0.735 | 3 / 26 | |
| 1.0.733 | 3 / 26 | |
| 1.0.730 | 3 / 26 | |
| 1.0.728 | 3 / 26 | |
| 1.0.727 | 3 / 26 | |
| 1.0.719 | 3 / 26 | |
| 1.0.705 | 3 / 26 | |
| 1.0.704 | 3 / 26 | |
| 1.0.703 | 3 / 26 | |
| 1.0.702 | 3 / 26 | |
| 1.0.700 | 3 / 26 | |
| 1.0.682 | 3 / 26 | |
| 1.0.681 | 3 / 26 | |
| 1.0.680 | 3 / 26 | |
| 1.0.670 | 3 / 26 | |
| 1.0.664 | 3 / 26 | |
| 1.0.662 | 3 / 26 | |
| 1.0.653 | 3 / 26 | |
| 1.0.650 | 3 / 26 | |
| 1.0.647 | 3 / 26 | |
| 1.0.645 | 3 / 26 | |
| 1.0.642 | 3 / 26 | |
| 1.0.635 | 3 / 26 | |
| 1.0.633 | 3 / 26 | |
| 1.0.631 | 3 / 26 |
v1.0.970
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.966
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.962
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.939
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.933
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.920
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.917
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.912
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.911
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.909
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.908
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.907
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.906
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.875
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.863
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.850
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.844
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.835
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.834
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.828
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.821
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.801
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.760
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.755
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.736
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.735
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.733
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.730
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.728
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.727
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.719
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.705
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.704
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.703
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.702
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.700
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.682
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.681
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.680
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.670
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.664
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.662
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.653
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.650
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.647
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.645
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.642
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.635
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.633
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.631
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.