@lovelybunch/api
Coconut API server
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | net-exec-file:static/assets/index-CXdqQvuB.js | AI (source-diff): Network calls and dynamic code in a React SPA bundle are expected; no dropper behavior present. | ai | |
| source-diff | obfuscated-file:static/assets/index-CXdqQvuB.js | AI (source-diff): Standard Vite/React production bundle; minified but not obfuscated. Stable pattern for this package. | ai | |
| source-diff | obfuscated-file:static/assets/index-COf7Bc1u.js | AI (source-diff): Standard Vite/React production bundle; minified but not obfuscated, contains React JSX runtime with MIT license headers. | ai | |
| source-diff | net-exec-file:static/assets/index-COf7Bc1u.js | AI (source-diff): Network calls and dynamic code in a frontend bundle are normal React app patterns (fetch, dynamic imports); not dropper behavior. | ai | |
| source-diff | obfuscated-file:static/assets/GitPage-D2aJfzTq.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/droid-C6RWH9f4.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/DashboardPage-DdApq_B-.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/CodePage-BtKkipWC.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/browser-modal-n0MeSpgA.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/ArchitecturePage-CChIC6Qa.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/ArchitectureEditPage-B9nVQn0B.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/ApiKeysSettingsPage-C7Xlzj-X.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/AgentsSettingsPage-C5ZsOVSL.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/AgentsPage-D_HMA-40.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/AgentEditPage-BiAoWU1z.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/AuthSettingsPage-CaeV2cQ4.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/AgentDetailPage-CZ2tz-Ol.js | AI (source-diff): Standard Vite/React minified bundle output; readable UI logic visible in samples, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/index-BfJaT17z.js | AI (source-diff): Standard Vite/React minified bundle output; this is the main app bundle. | ai | |
| source-diff | obfuscated-file:static/assets/IdentityPage-O7o2b4JB.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/GitSettingsPage-Bz17VWrK.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | net-exec-file:static/assets/index-ChC_9V5G.js | AI (source-diff): Network calls and dynamic code are normal React SPA patterns (fetch, dynamic imports); no dropper behavior evident. | ai | |
| source-diff | obfuscated-file:static/assets/index-ChC_9V5G.js | AI (source-diff): Standard Vite/React production bundle; minification is expected for bundled frontend static assets in this package. | ai | |
| source-diff | obfuscated-file:static/assets/index-QHnHUcsV.js | AI (source-diff): Standard Vite/React production bundle; minification is expected for frontend static assets in this package. | ai | |
| source-diff | net-exec-file:static/assets/index-QHnHUcsV.js | AI (source-diff): fetch() calls in a browser React bundle are normal; not a dropper pattern. | ai | |
| source-diff | obfuscated-file:static/assets/index-CT5b4_5b.js | AI (source-diff): Standard Vite/React production bundle; minification is expected for this package's bundled frontend static assets. | ai | |
| source-diff | net-exec-file:static/assets/index-CT5b4_5b.js | AI (source-diff): Network calls and dynamic code in a React SPA bundle are normal browser-side patterns, not dropper behavior. | ai | |
| source-diff | obfuscated-file:static/assets/index-iUk8kCOP.js | AI (source-diff): Standard Vite/React production bundle; minification is expected for frontend static assets in this API server package. | ai | |
| source-diff | net-exec-file:static/assets/index-iUk8kCOP.js | AI (source-diff): Network calls and dynamic execution are browser-side React app patterns (fetch, modulepreload), not dropper behavior. | ai | |
| source-diff | obfuscated-file:static/assets/css-BnMrqG3P.js | AI (source-diff): Bundled CodeMirror language mode; expected minified output. | ai | |
| source-diff | obfuscated-file:static/assets/crystal-SjHAIU92.js | AI (source-diff): Bundled CodeMirror language mode; expected minified output. | ai | |
| source-diff | obfuscated-file:static/assets/coffeescript-S37ZYGWr.js | AI (source-diff): Bundled CodeMirror language mode; expected minified output. | ai | |
| source-diff | obfuscated-file:static/assets/CodePage-kp4s3wCJ.js | AI (source-diff): Standard Vite-bundled React SPA output. | ai | |
| source-diff | obfuscated-file:static/assets/cobol-CWcv1MsR.js | AI (source-diff): Bundled CodeMirror language mode; expected minified output. | ai | |
| source-diff | obfuscated-file:static/assets/clojure-BMjYHr_A.js | AI (source-diff): Bundled CodeMirror language mode; expected minified output. | ai | |
| source-diff | obfuscated-file:static/assets/browser-modal-DgMJTsMd.js | AI (source-diff): Standard Vite-bundled React SPA output. | ai | |
| source-diff | obfuscated-file:static/assets/AuthSettingsPage-Bwr7uP3z.js | AI (source-diff): Standard Vite-bundled React SPA output. | ai | |
| source-diff | obfuscated-file:static/assets/asterisk-B-8jnY81.js | AI (source-diff): Bundled CodeMirror language mode; expected minified output. | ai | |
| source-diff | obfuscated-file:static/assets/asn1-EdZsLKOL.js | AI (source-diff): Bundled CodeMirror language mode; expected minified output. | ai | |
| source-diff | obfuscated-file:static/assets/ApiKeysSettingsPage-Bg84BQHV.js | AI (source-diff): Standard Vite-bundled React SPA output. | ai | |
| source-diff | obfuscated-file:static/assets/AgentsContextPage-tJ-LhFYb.js | AI (source-diff): Standard Vite-bundled React SPA output. | ai | |
| source-diff | obfuscated-file:static/assets/clike-B9uivgTg.js | AI (source-diff): Bundled CodeMirror language mode; expected minified output. | ai | |
| source-diff | obfuscated-file:static/assets/ActivityPage-sJEQn6DK.js | AI (source-diff): Standard Vite-bundled React SPA output; minification is expected for this package. | ai | |
| source-diff | obfuscated-file:static/assets/DashboardPage-DMJSzzgD.js | AI (source-diff): Standard Vite-bundled React SPA output. | ai | |
| source-diff | obfuscated-file:static/assets/d-pRatUO7H.js | AI (source-diff): Bundled CodeMirror language mode; expected minified output. | ai | |
| source-diff | obfuscated-file:static/assets/cypher-C_CwsFkJ.js | AI (source-diff): Bundled CodeMirror language mode; expected minified output. | ai | |
| source-diff | net-exec-file:static/assets/index-oiaE146A.js | AI (source-diff): Network calls and dynamic code in a frontend bundle are standard React SPA patterns (fetch, modulepreload), not dropper behavior. | ai | |
| source-diff | obfuscated-file:static/assets/index-oiaE146A.js | AI (source-diff): Vite-bundled React frontend; minified build artifact with visible React license headers, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/index-BBRzjrXH.js | AI (source-diff): Standard Vite/React production bundle; minified but not obfuscated, React license headers visible. | ai | |
| source-diff | net-exec-file:static/assets/index-BBRzjrXH.js | AI (source-diff): Network calls are browser fetch() for modulepreload; no server-side code execution pattern. | ai | |
| source-diff | obfuscated-file:static/assets/ActivityPage-AWTVFLmK.js | AI (source-diff): Standard Vite minified frontend bundle; samples show normal React/Hono app code. | ai | |
| source-diff | obfuscated-file:static/assets/AgentDetailPage-DtGFrHzZ.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/AgentEditPage-1026aJox.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/AgentsPage-9Hre8AD1.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/AgentsSettingsPage-CILCHaO9.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/ApiKeysSettingsPage-D-l8q30N.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/ArchitectureEditPage-DiRR28Rx.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/ArchitecturePage-FcRJGw8O.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/AuthSettingsPage-D528tGhc.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/browser-modal-Dh2dy_2x.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/CodePage-CCNmmkv_.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/DashboardPage-D5C34QbO.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/GitPage-ofZrdSSl.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/GitSettingsPage-Cld_sN5t.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/IdentityPage-Dj-Do8q7.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/index-DaqYJNAM.js | AI (source-diff): Standard Vite minified frontend bundle; root entry point for the SPA. | ai | |
| source-diff | obfuscated-file:static/assets/index-DuLX7Zvh.js | AI (source-diff): Standard Vite/React production bundle shipped as static asset; minification is expected, not malicious. | ai | |
| source-diff | net-exec-file:static/assets/index-DuLX7Zvh.js | AI (source-diff): fetch() in a browser bundle for modulepreload polyfill; not a dropper pattern. | ai | |
| source-diff | obfuscated-file:static/assets/index-CRg4lVi6.js | AI (source-diff): Standard Vite/React production bundle; minified frontend static asset, not obfuscated malware. | ai | |
| source-diff | net-exec-file:static/assets/index-CRg4lVi6.js | AI (source-diff): Network calls and dynamic code in a React SPA bundle are normal browser-side patterns, not dropper behavior. | ai | |
| source-diff | obfuscated-file:static/assets/index-BVJU_3F9.js | AI (source-diff): Standard Vite/React production bundle with visible license headers; minification is expected for this package's bundled frontend. | ai | |
| source-diff | net-exec-file:static/assets/index-BVJU_3F9.js | AI (source-diff): fetch() calls in a browser SPA bundle are routine; no dropper pattern present. | ai | |
| source-diff | obfuscated-file:static/assets/index-NCb27WQQ.js | AI (source-diff): Standard Vite/React production bundle; minification is expected for this frontend-serving API package. | ai | |
| source-diff | net-exec-file:static/assets/index-NCb27WQQ.js | AI (source-diff): Network calls and dynamic code in a bundled SPA asset are normal browser-side React app behavior, not dropper malware. | ai | |
| source-diff | obfuscated-file:static/assets/GitPage-BG-ZSGfu.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/DashboardPage-e9hNRsi2.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/CodePage-BiRf5q_q.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/browser-modal-Ck4-s_jh.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/ArchitectureEditPage-WY9k_1tR.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/ApiKeysSettingsPage-DCKd4LXE.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/AuthSettingsPage-Bs5wL5Yj.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/ArchitecturePage-Cj4dVDWO.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/AgentsSettingsPage-Cw2MTnHU.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/AgentsPage-Bage8eYW.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/AgentEditPage-DOemUkvg.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/AgentDetailPage-WLAnnZep.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/ActivityPage-C_HqpJt2.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/IdentityPage-DCpoDF2j.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/index-CQpPrvm_.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/GitSettingsPage-Cn-MciXq.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/ActivityPage-qJKqmwv7.js | AI (source-diff): Standard Vite minified React bundle; readable UI logic visible in sample. | ai | |
| source-diff | large-new-source-files | AI (source-diff): 174 new files are Vite-built frontend assets bundled into the API package for the first time. | ai | |
| source-diff | obfuscated-file:static/assets/index-VBSAUXJg.js | AI (source-diff): Main Vite bundle entry; standard minified output for a React SPA. | ai | |
| source-diff | obfuscated-file:static/assets/IdentityPage-B8xDJx3W.js | AI (source-diff): Standard Vite minified React bundle; consistent with other page assets. | ai | |
| source-diff | obfuscated-file:static/assets/GitSettingsPage-D22W0fXd.js | AI (source-diff): Standard Vite minified React bundle; consistent with other page assets. | ai | |
| source-diff | obfuscated-file:static/assets/GitPage-vBLrGiwG.js | AI (source-diff): Standard Vite minified React bundle; consistent with other page assets. | ai | |
| source-diff | obfuscated-file:static/assets/droid-Caom7ttu.js | AI (source-diff): Standard Vite minified React bundle; consistent with other page assets. | ai | |
| source-diff | obfuscated-file:static/assets/DashboardPage-3PlgC6UV.js | AI (source-diff): Standard Vite minified React bundle; consistent with other page assets. | ai | |
| source-diff | obfuscated-file:static/assets/CodePage-DGxzOKzh.js | AI (source-diff): Standard Vite minified React bundle; consistent with other page assets. | ai | |
| source-diff | obfuscated-file:static/assets/browser-modal-DBBFKngy.js | AI (source-diff): Standard Vite minified React bundle; consistent with other page assets. | ai | |
| source-diff | obfuscated-file:static/assets/AuthSettingsPage-AXU_vx8p.js | AI (source-diff): Standard Vite minified React bundle; consistent with other page assets. | ai | |
| source-diff | obfuscated-file:static/assets/ArchitecturePage-C4bkskmN.js | AI (source-diff): Standard Vite minified React bundle; readable UI logic visible in sample. | ai | |
| source-diff | obfuscated-file:static/assets/ArchitectureEditPage-wx1LBCGC.js | AI (source-diff): Standard Vite minified React bundle; readable UI logic visible in sample. | ai | |
| source-diff | obfuscated-file:static/assets/ApiKeysSettingsPage-DY0vNNSR.js | AI (source-diff): Standard Vite minified React bundle; readable UI logic visible in sample. | ai | |
| source-diff | obfuscated-file:static/assets/AgentsSettingsPage-Dnkw87_8.js | AI (source-diff): Standard Vite minified React bundle; readable UI logic visible in sample. | ai | |
| source-diff | obfuscated-file:static/assets/AgentsPage-nnMzCmw9.js | AI (source-diff): Standard Vite minified React bundle; readable UI logic visible in sample. | ai | |
| source-diff | obfuscated-file:static/assets/AgentEditPage-K6I9kvCf.js | AI (source-diff): Standard Vite minified React bundle; readable UI logic visible in sample. | ai | |
| source-diff | obfuscated-file:static/assets/AgentDetailPage-Dww8h17d.js | AI (source-diff): Standard Vite minified React bundle; readable UI logic visible in sample. | ai | |
| source-diff | obfuscated-file:static/assets/IdentityPage-BC16skg6.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/GitSettingsPage-THm6wDjs.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/GitPage-BiDtdSK1.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/DashboardPage-B9BZZfw6.js | AI (source-diff): Standard Vite/React minified bundle output with lucide-react license headers. | ai | |
| source-diff | obfuscated-file:static/assets/CodePage-CPCj64rX.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/browser-modal-DCNdI4NT.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/AuthSettingsPage-DtSo78Y_.js | AI (source-diff): Standard Vite/React minified bundle output with lucide-react license headers. | ai | |
| source-diff | obfuscated-file:static/assets/ArchitecturePage-DYxC_aMR.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/index-DFcWlnzl.js | AI (source-diff): Main Vite bundle entry point; standard minified React/library output. | ai | |
| source-diff | obfuscated-file:static/assets/ActivityPage-k4I7Q53O.js | AI (source-diff): Standard Vite/React minified bundle output; readable component logic visible in sample. | ai | |
| source-diff | obfuscated-file:static/assets/ApiKeysSettingsPage-B1YvVdmg.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/ArchitectureEditPage-CpowsIx2.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/index-WWif9bcD.js | AI (source-diff): Standard Vite/React production bundle; minification is expected for frontend static assets in this package. | ai | |
| source-diff | net-exec-file:static/assets/index-WWif9bcD.js | AI (source-diff): Network calls and dynamic code in a React SPA bundle are normal browser-side patterns, not dropper behavior. | ai | |
| source-diff | obfuscated-file:static/assets/index-BmLW21zG.js | AI (source-diff): Standard Vite/React production bundle; minification is expected for this package's bundled frontend static assets. | ai | |
| source-diff | net-exec-file:static/assets/index-BmLW21zG.js | AI (source-diff): Browser fetch + React rendering in a bundled SPA asset; not a dropper pattern. | ai | |
| phantom-deps | phantom-dep:arctic | AI (phantom-deps): arctic is a legitimate OAuth library; phantom-dep heuristic fires because it's used indirectly via config/runtime, not a direct import. | ai | |
| phantom-deps | phantom-dep:@lovelybunch/core | AI (phantom-deps): Same org scope; declared as dependency, phantom-dep heuristic is a false positive here. | ai | |
| typosquat | typosquat.levenshtein:pg | AI (typosquat): Scoped package with clear distinct identity; not impersonating pg. | ai | |
| typosquat | typosquat.levenshtein:ajv | AI (typosquat): Scoped package with clear distinct identity; not impersonating ajv. | ai | |
| phantom-deps | phantom-dep:cookie | AI (phantom-deps): cookie is a declared runtime dependency; phantom-dep heuristic false positive for this package. | ai | |
| typosquat | typosquat.levenshtein:hapi | AI (typosquat): Scoped package @lovelybunch/api; not impersonating hapi. Levenshtein match on suffix 'api' vs 'hapi' is a false positive. | ai | |
| typosquat | typosquat.levenshtein:joi | AI (typosquat): Scoped package with clear distinct identity; not impersonating joi. | ai |
Versions (showing 27 of 27)
| Version | Deps | Published |
|---|---|---|
| 1.0.77 | 21 / 11 | |
| 1.0.76 | 20 / 10 | |
| 1.0.75 | 21 / 10 | |
| 1.0.74 | 18 / 9 | |
| 1.0.73 | 17 / 9 | |
| 1.0.72 | 17 / 9 | |
| 1.0.71 | 17 / 9 | |
| 1.0.70 | 16 / 9 | |
| 1.0.68 | 15 / 7 | |
| 1.0.66 | 15 / 7 | |
| 1.0.65 | 15 / 7 | |
| 1.0.64 | 15 / 7 | |
| 1.0.63 | 15 / 7 | |
| 1.0.62 | 15 / 7 | |
| 1.0.61 | 15 / 7 | |
| 1.0.60 | 15 / 7 | |
| 1.0.59 | 15 / 7 | |
| 1.0.58 | 15 / 7 | |
| 1.0.57 | 15 / 7 | |
| 1.0.56 | 11 / 4 | |
| 1.0.55 | 11 / 4 | |
| 1.0.54 | 11 / 4 | |
| 1.0.53 | 11 / 4 | |
| 1.0.52 | 11 / 4 | |
| 1.0.51 | 11 / 4 | |
| 1.0.50 | 11 / 4 | |
| 1.0.49 | 11 / 4 |
v1.0.77
2 findingsPackage name '@lovelybunch/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.76
18 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.75
13 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.74
18 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.73
18 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.72
18 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.71
17 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.70
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.68
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.66
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.65
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.64
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.63
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.62
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.61
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.60
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.59
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.58
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.57
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.56
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.55
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.54
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.53
2 findingsPackage name '@lovelybunch/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.52
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.51
2 findingsPackage name '@lovelybunch/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.50
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.49
2 findingsPackage name '@lovelybunch/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.