@hashintel/petrinaut
A visual editor for Petri nets
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/label-BRuANAoq.js | AI (source-diff): Vite-bundled monaco-editor label chunk; minification is expected. | ai | |
| source-diff | large-new-source-files | AI (source-diff): Large file count is expected when bundling monaco-editor into a Vite dist. | ai | |
| source-diff | net-exec-file:dist/petrinaut-DmQFq0Z8.js | AI (source-diff): Bundled React/monaco app code; network calls are LSP/simulation workers, not dropper behavior. | ai | |
| source-diff | obfuscated-file:dist/editor.api2-DrK0pH4k.js | AI (source-diff): Vite-bundled monaco-editor chunk; minification is expected for this package. | ai | |
| source-diff | obfuscated-file:dist/petrinaut-provider-BvHUB7qd.js | AI (source-diff): Vite-bundled app provider chunk; minification is expected for this package. | ai | |
| source-diff | obfuscated-file:dist/markdownRenderer-DnN875ow.js | AI (source-diff): Vite-bundled monaco-editor markdown renderer chunk; minification is expected. | ai | |
| source-diff | obfuscated-file:dist/iconRegistry-CpIWj5i4.js | AI (source-diff): Vite-bundled monaco-editor icon registry chunk; minification is expected. | ai | |
| source-diff | obfuscated-file:dist/assets/editor.worker-CEcbUcrJ.js | AI (source-diff): Minified monaco editor worker; standard Vite build output for this package. | ai | |
| source-diff | obfuscated-file:dist/react-DzF8zn4e.js | AI (source-diff): Minified React/petrinaut-core bundle; standard Vite build output. | ai | |
| source-diff | net-exec-file:dist/petrinaut-BHvs1kx5.js | AI (source-diff): Network calls are AI SDK fetch; dynamic execution is React rendering — no dropper pattern. | ai | |
| source-diff | obfuscated-file:dist/petrinaut-BHvs1kx5.js | AI (source-diff): Minified main petrinaut bundle; standard Vite build output. | ai | |
| source-diff | obfuscated-file:dist/markdownRenderer-BFcUo2pY.js | AI (source-diff): Minified markdown renderer bundle; standard Vite build output. | ai | |
| source-diff | obfuscated-file:dist/label-DcgcvfGl.js | AI (source-diff): Minified monaco-editor label bundle; standard Vite build output. | ai | |
| source-diff | obfuscated-file:dist/iconRegistry-DAUUnlzk.js | AI (source-diff): Minified monaco-editor icon registry bundle; standard Vite build output. | ai | |
| source-diff | obfuscated-file:dist/editor.api2-DI_CQLc1.js | AI (source-diff): Minified monaco-editor bundle; standard Vite build output for this package. | ai | |
| source-diff | obfuscated-file:dist/petrinaut-provider-D080V8_b.js | AI (source-diff): Minified React provider bundle; standard build output. | ai | |
| phantom-deps | phantom-dep:immer | AI (phantom-deps): immer is bundled into dist output by Vite; not directly imported in source but legitimately used. | ai | |
| source-diff | net-exec-file:dist/simulation.worker-B1mH_Xht.js | AI (source-diff): Simulation worker; dynamic execution from bundled deps, not malware. | ai | |
| source-diff | obfuscated-file:dist/simulation.worker-B1mH_Xht.js | AI (source-diff): Simulation worker bundle; minification expected for this package. | ai | |
| source-diff | net-exec-file:dist/petrinaut-provider-D080V8_b.js | AI (source-diff): Standard React/LSP provider; dynamic execution is from bundled deps, not malware. | ai | |
| source-diff | obfuscated-file:dist/label-8STifhOT.js | AI (source-diff): Minified monaco-editor bundle; standard build output. | ai | |
| source-diff | obfuscated-file:dist/language-server.worker-BNH5LdWe.js | AI (source-diff): Bundled TypeScript language server worker; minification is expected for this package. | ai | |
| source-diff | net-exec-file:dist/language-server.worker-BNH5LdWe.js | AI (source-diff): Language server worker legitimately uses dynamic code execution (TypeScript compiler); no exfiltration pattern. | ai | |
| source-diff | obfuscated-file:dist/markdownRenderer-IPX2-0Hy.js | AI (source-diff): Minified monaco-editor markdown renderer; standard build output. | ai | |
| source-diff | net-exec-file:dist/petrinaut-4KMDkAjj.js | AI (source-diff): Main bundle imports @babel/standalone for in-browser transpilation; legitimate use case for a Petri-net editor. | ai | |
| source-diff | obfuscated-file:dist/iconRegistry-CvLdDB2r.js | AI (source-diff): Minified monaco-editor NLS/icon bundle; standard build output. | ai | |
| source-diff | obfuscated-file:dist/editor.api2-DmqK9Qpv.js | AI (source-diff): Minified monaco-editor bundle; standard build output for this visual editor package. | ai | |
| phantom-deps | phantom-dep:@dnd-kit/utilities | AI (phantom-deps): Referenced in config; stable false positive. | ai | |
| phantom-deps | phantom-dep:elkjs | AI (phantom-deps): Peer/transitive dep used at runtime via reactflow; stable for this package. | ai | |
| phantom-deps | phantom-dep:d3-array | AI (phantom-deps): Used indirectly via d3-scale or config; stable false positive. | ai | |
| phantom-deps | phantom-dep:d3-scale | AI (phantom-deps): Referenced in config; stable false positive. | ai | |
| phantom-deps | phantom-dep:reactflow | AI (phantom-deps): Core runtime dep referenced in config; stable false positive. | ai | |
| phantom-deps | phantom-dep:@babel/core | AI (phantom-deps): Framework-scoped, loaded by convention; stable false positive. | ai | |
| phantom-deps | phantom-dep:@dnd-kit/core | AI (phantom-deps): Referenced in config; stable false positive. | ai | |
| phantom-deps | phantom-dep:@mui/material | AI (phantom-deps): Referenced in config; stable false positive. | ai | |
| phantom-deps | phantom-dep:@mantine/hooks | AI (phantom-deps): Referenced in config; stable false positive. | ai | |
| phantom-deps | phantom-dep:@babel/standalone | AI (phantom-deps): Framework-scoped, loaded by convention; stable false positive. | ai | |
| phantom-deps | phantom-dep:@dnd-kit/sortable | AI (phantom-deps): Referenced in config; stable false positive. | ai | |
| phantom-deps | phantom-dep:@hashintel/ds-components | AI (phantom-deps): Same org scope; stable false positive. | ai | |
| phantom-deps | phantom-dep:@babel/plugin-transform-typescript | AI (phantom-deps): Framework-scoped babel plugin; stable false positive. | ai | |
| phantom-deps | phantom-dep:@emotion/react | AI (phantom-deps): @emotion/react is a direct dependency used via MUI/emotion peer; config-file-only reference is a stable false positive for this package. | ai | |
| phantom-deps | phantom-dep:@fontsource-variable/jetbrains-mono | AI (phantom-deps): Declared runtime dep (CSS font); phantom-dep heuristic fires on config references. | ai | |
| phantom-deps | phantom-dep:@fontsource-variable/inter-tight | AI (phantom-deps): Declared runtime dep (CSS font); phantom-dep heuristic fires on config references. | ai | |
| phantom-deps | phantom-dep:vscode-languageserver-types | AI (phantom-deps): Declared runtime dep; phantom-dep heuristic fires on config references. | ai | |
| phantom-deps | phantom-dep:@fontsource-variable/inter | AI (phantom-deps): Declared runtime dep (CSS font); phantom-dep heuristic fires on config references. | ai | |
| phantom-deps | phantom-dep:react-resizable-panels | AI (phantom-deps): Declared runtime dep; phantom-dep heuristic fires on config references. | ai | |
| phantom-deps | phantom-dep:@hashintel/refractive | AI (phantom-deps): Same-org dep; phantom-dep heuristic is a false positive. | ai | |
| phantom-deps | phantom-dep:@hashintel/ds-helpers | AI (phantom-deps): Same-org dep declared in both deps and devDeps; phantom-dep heuristic is a false positive here. | ai | |
| phantom-deps | phantom-dep:@tanstack/react-form | AI (phantom-deps): Declared runtime dep; phantom-dep heuristic fires on config references. | ai | |
| phantom-deps | phantom-dep:@monaco-editor/react | AI (phantom-deps): Declared runtime dep; phantom-dep heuristic fires on config references. | ai | |
| phantom-deps | phantom-dep:monaco-editor | AI (phantom-deps): Declared runtime dep; phantom-dep heuristic fires on config references. | ai | |
| phantom-deps | phantom-dep:@ark-ui/react | AI (phantom-deps): Declared runtime dep; phantom-dep heuristic fires on config references. | ai | |
| phantom-deps | phantom-dep:react-icons | AI (phantom-deps): Declared runtime dep; phantom-dep heuristic fires on config references. | ai | |
| phantom-deps | phantom-dep:web-worker | AI (phantom-deps): Declared runtime dep; phantom-dep heuristic fires on config references. | ai | |
| phantom-deps | phantom-dep:typescript | AI (phantom-deps): Declared runtime dep (used for in-browser TS compilation); phantom-dep heuristic fires on config references. | ai | |
| phantom-deps | phantom-dep:lodash-es | AI (phantom-deps): Declared runtime dep; phantom-dep heuristic fires on config references. | ai | |
| phantom-deps | phantom-dep:fuzzysort | AI (phantom-deps): Declared runtime dep; phantom-dep heuristic fires on config references. | ai | |
| phantom-deps | phantom-dep:uplot | AI (phantom-deps): Declared runtime dep; phantom-dep heuristic fires on config references. | ai | |
| phantom-deps | phantom-dep:zod | AI (phantom-deps): Declared runtime dep used transitively/via config; stable false positive for this UI library package. | ai | |
| phantom-deps | phantom-dep:uuid | AI (phantom-deps): Declared runtime dep; phantom-dep heuristic fires on config references, not a real concern. | ai | |
Versions (showing 10 of 10)
| Version | Deps | Published |
|---|---|---|
| 0.0.16 | 22 / 23 | |
| 0.0.15 | 20 / 23 | |
| 0.0.14 | 24 / 23 | |
| 0.0.13 | 23 / 23 | |
| 0.0.6 | 22 / 19 | |
| 0.0.5 | 9 / 0 | |
| 0.0.4 | 9 / 0 | |
| 0.0.3 | 9 / 0 | |
| 0.0.2 | 9 / 0 | |
| 0.0.1 | 9 / 0 | |
v0.0.16
9 findings:
- 7 × Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
- 1 × Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
- 1 × Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.15
8 findings:
- 6 × Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
- 1 × Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
- 1 × Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.14
12 findings:
- 7 × Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
- 4 × Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
- 1 × Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.6
1 finding: Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.5
1 finding: Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.4
1 finding: Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.3
1 finding: Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.2
1 finding: Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.1
1 finding: Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.