@harperfast/harper
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | net-exec-file:studio/web/assets/vendor-viz-Db_2kM67.js | AI (source-diff): Vite-bundled frontend asset; network calls are axios/fetch in UI code, not dropper behavior. | ai | |
| source-diff | obfuscated-file:studio/web/assets/button-V4IQ8FFq.js | AI (source-diff): Minified Vite build output for Studio UI button component. | ai | |
| source-diff | obfuscated-file:studio/web/assets/status-BrfTnnpt.js | AI (source-diff): Minified Vite build output for Studio UI status page. | ai | |
| source-diff | obfuscated-file:studio/web/assets/profile-Dyrp-ZIJ.js | AI (source-diff): Minified Vite build output for Studio UI profile page. | ai | |
| source-diff | obfuscated-file:studio/web/assets/index-BIjBsaWw.js | AI (source-diff): Minified Vite build output for Studio UI; long lines are expected in bundled frontend assets. | ai | |
| source-diff | net-exec-file:studio/web/assets/vendor-react-Dj1rnUQ4.js | AI (source-diff): Vite-bundled React vendor bundle; standard UI library code. | ai | |
| source-diff | net-exec-file:studio/web/assets/vendor-misc-DKMU5hOJ.js | AI (source-diff): Vite-bundled frontend vendor bundle; standard UI library code. | ai | |
| source-diff | net-exec-file:studio/web/assets/vendor-core-f32UXcS5.js | AI (source-diff): Vite-bundled frontend vendor bundle; standard axios/HTTP client code in UI layer. | ai | |
| source-diff | obfuscated-file:studio/web/assets/index-BftP-yQ8.js | AI (source-diff): Vite-bundled studio frontend; minified JS is expected for this web UI asset across all versions. | ai | |
| source-diff | net-exec-file:studio/web/assets/vendor-react-C3fPIb_V.js | AI (source-diff): Vite vendor bundle for React; network+eval pattern is standard bundler output, not malware. | ai | |
| source-diff | obfuscated-file:studio/web/assets/status-KVqwJsbk.js | AI (source-diff): Standard Vite-bundled React UI asset; minification is expected for studio web assets. | ai | |
| source-diff | obfuscated-file:studio/web/assets/index-CKW3SZJG.js | AI (source-diff): Standard Vite-bundled React UI asset; minification is expected for studio web assets. | ai | |
| source-diff | obfuscated-file:studio/web/assets/profile-DAsdweRg.js | AI (source-diff): Standard Vite-bundled React UI asset; minification is expected for studio web assets. | ai | |
| source-diff | obfuscated-file:studio/web/assets/button-b8IkGZ_9.js | AI (source-diff): Standard Vite-bundled React UI asset; minification is expected for studio web assets. | ai | |
| source-diff | net-exec-file:studio/web/assets/vendor-viz-morXXTZA.js | AI (source-diff): Vite vendor bundle for visualization libs; network+eval pattern is standard bundler output, not malware. | ai | |
| source-diff | net-exec-file:studio/web/assets/vendor-core-8FI3Cbaa.js | AI (source-diff): Vite vendor bundle (axios/core libs); network+eval pattern is standard bundler output, not malware. | ai | |
| source-diff | net-exec-file:studio/web/assets/vendor-misc-Bj3r0doz.js | AI (source-diff): Vite vendor bundle (floating-ui etc.); network+eval pattern is standard bundler output, not malware. | ai | |
| source-diff | obfuscated-file:studio/web/assets/status-BAnbW0Rq.js | AI (source-diff): Standard Vite minified bundle; not obfuscated malware. | ai | |
| source-diff | large-new-source-files | AI (source-diff): New files are Vite-built frontend assets with source maps; expected for a studio UI update. | ai | |
| semgrep | semgrep:api-obfuscation-reflect | AI (semgrep): Reflect.get in bundled vendor code is standard JS runtime usage, not evasion. | ai | |
| source-diff | obfuscated-file:studio/web/assets/profile-CFSLl1du.js | AI (source-diff): Standard Vite minified bundle; not obfuscated malware. | ai | |
| source-diff | net-exec-file:studio/web/assets/vendor-viz-Cs-GQIim.js | AI (source-diff): Vite-bundled frontend vendor chunk; standard minified ES module imports, not a dropper. | ai | |
| source-diff | net-exec-file:studio/web/assets/vendor-core-DlDjzdYO.js | AI (source-diff): Vite-bundled frontend vendor chunk; standard minified ES module imports, not a dropper. | ai | |
| source-diff | net-exec-file:studio/web/assets/vendor-react-DyY32duL.js | AI (source-diff): Vite-bundled frontend vendor chunk; standard minified ES module imports, not a dropper. | ai | |
| source-diff | net-exec-file:studio/web/assets/vendor-misc-DiaKLG2J.js | AI (source-diff): Vite-bundled frontend vendor chunk; standard minified ES module imports, not a dropper. | ai | |
| source-diff | obfuscated-file:studio/web/assets/index-4WybhUdn.js | AI (source-diff): Standard Vite minified bundle with source map; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:studio/web/assets/index-Dq1Ma4KE.js | AI (source-diff): Standard Vite-bundled web UI asset with source map; not malicious obfuscation. Expected pattern for this package's studio frontend. | ai | |
| phantom-deps | phantom-dep:human-readable-ids | AI (phantom-deps): Declared runtime dep; phantom-dep heuristic false positive for this package. | ai | |
| phantom-deps | phantom-dep:pino | AI (phantom-deps): Declared runtime dep referenced in config files; phantom-dep heuristic false positive for this package. | ai | |
| source-diff | obfuscated-file:studio/web/assets/index-C0And10y.js | AI (source-diff): Vite-bundled web UI asset with accompanying .map sourcemap; standard minification for a studio dashboard, not malicious obfuscation. | ai | |
| phantom-deps | phantom-dep:@datadog/pprof | AI (phantom-deps): Declared runtime dep; phantom-dep heuristic false positive for this package. | ai | |
| phantom-deps | phantom-dep:cli-progress | AI (phantom-deps): Declared runtime dep; phantom-dep heuristic false positive for this package. | ai | |
| phantom-deps | phantom-dep:node-stream-zip | AI (phantom-deps): Declared runtime dep; phantom-dep heuristic false positive for this package. | ai | |
| phantom-deps | phantom-dep:ulidx | AI (phantom-deps): Declared runtime dep; phantom-dep heuristic false positive for this package. | ai | |
| semgrep | semgrep:hex-decode | AI (semgrep): Hex decoding in cryptoHash.js is standard AES decryption (IV + ciphertext), not obfuscation. | ai | |
| semgrep | semgrep:child-process-import | AI (semgrep): Database/application platform legitimately uses child_process for stop/start lifecycle management. | ai | |
| semgrep | semgrep:env-spread | AI (semgrep): Platform spawns child processes for git/system ops; spreading process.env for subprocess environment is standard practice. | ai | |
| semgrep | semgrep:dynamic-require | AI (semgrep): jsLoader.ts is a documented module loader; dynamic require is the core feature, not a risk. | ai | |
| semgrep | semgrep:base64-decode | AI (semgrep): Base64 decoding of application payload tarballs is expected for a deployment platform. | ai | |
Versions (showing 9 of 9)
| Version | Deps | Published |
|---|---|---|
| 5.0.22 | 80 / 31 | |
| 5.0.19 | 80 / 31 | |
| 5.0.15 | 80 / 31 | |
| 5.0.10 | 80 / 31 | |
| 5.0.8 | 80 / 31 | |
| 5.0.7 | 80 / 31 | |
| 5.0.4 | 80 / 31 | |
| 5.0.1 | 80 / 31 | |
| 5.0.0 | 80 / 31 | |
v5.0.22
9 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.19
9 findings
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.15
8 findings
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.10
2 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.8
2 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.7
2 findings
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v5.0.4
5 findings
Spreading entire process.env into an object — may capture all secrets

```
594 | .debug?.(`Executing \`${command} ${args.join(' ')}\` in ${cwd}`);
595 |
> 596 | const env = { ...process.env };
597 |
598 | const gitSSHCommand = getGitSSHCommand();
```

Spreading entire process.env into an object — may capture all secrets

```
135 | autoRestart: false,
136 | name: 'job',
> 137 | env: { ...process.env, [hdbTerms.PROCESS_NAME_ENV_PROP]: `JOB-${job_id}` },
138 | });
139 | } else {
```

Spreading entire process.env into an object — may capture all secrets

```
150 | autoRestart: false,
151 | name: 'job',
> 152 | env: { ...process.env, [hdbTerms.PROCESS_NAME_ENV_PROP]: `JOB-${message.jobId}` },
153 | });
154 | } catch (e) {
```

Spreading entire process.env into an object — may capture all secrets

```
9 |
10 | function generateMainServerConfig() {
> 11 | const envVars = {
12 | [hdbTerms.PROCESS_NAME_ENV_PROP]: hdbTerms.PROCESS_DESCRIPTORS.HDB,
13 | IS_SCRIPTED_SERVICE: true,
```
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v5.0.1
5 findings
Spreading entire process.env into an object — may capture all secrets

```
579 | .debug?.(`Executing \`${command} ${args.join(' ')}\` in ${cwd}`);
580 |
> 581 | const env = { ...process.env };
582 |
583 | const gitSSHCommand = getGitSSHCommand();
```

Spreading entire process.env into an object — may capture all secrets

```
135 | autoRestart: false,
136 | name: 'job',
> 137 | env: { ...process.env, [hdbTerms.PROCESS_NAME_ENV_PROP]: `JOB-${job_id}` },
138 | });
139 | } else {
```

Spreading entire process.env into an object — may capture all secrets

```
150 | autoRestart: false,
151 | name: 'job',
> 152 | env: { ...process.env, [hdbTerms.PROCESS_NAME_ENV_PROP]: `JOB-${message.jobId}` },
153 | });
154 | } catch (e) {
```

Spreading entire process.env into an object — may capture all secrets

```
9 |
10 | function generateMainServerConfig() {
> 11 | const envVars = {
12 | [hdbTerms.PROCESS_NAME_ENV_PROP]: hdbTerms.PROCESS_DESCRIPTORS.HDB,
13 | IS_SCRIPTED_SERVICE: true,
```
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v5.0.0
1 finding
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.