@openscout/scout
Published Scout package that installs the `scout` command
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/client/assets/xterm-fBtFsYpq.js | AI (source-diff): Vite-bundled xterm.js core; standard minified terminal emulator code. | ai | |
| phantom-deps | phantom-dep:node-pty | AI (phantom-deps): node-pty is a native PTY binding loaded dynamically; phantom-dep heuristic false positive. | ai | |
| phantom-deps | phantom-dep:ws | AI (phantom-deps): ws used at runtime by node-pty/server layer; phantom-dep heuristic false positive for this CLI tool. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-5-XOQrKH.js | AI (source-diff): Vite-bundled React/xterm client bundle; recognizable React/xterm internals in sample. | ai | |
| source-diff | obfuscated-file:dist/client/assets/addon-webgl-YYNKPQUg.js | AI (source-diff): Vite-bundled xterm.js WebGL addon; minified build artifact, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-R2y6GOWl.js | AI (source-diff): Standard Vite/React minified bundle output; not obfuscation. Stable pattern for this frontend CLI package. | ai | |
| phantom-deps | phantom-dep:picomatch | AI (phantom-deps): Used in config/build tooling context, not directly imported in source; stable false positive for this package. | ai | |
| source-diff | obfuscated-file:dist/client/assets/arc.es-B2XMIUBi.js | AI (source-diff): Standard Vite-bundled React client asset; minification is expected for this package's dist output. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-DiSMCren.js | AI (source-diff): Standard Vite-bundled React client asset; minification is expected for this package's dist output. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-mL1LA8IG.js | AI (source-diff): Standard Vite/React production bundle; minification is expected for this client asset. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-BRvY3oC-.js | AI (source-diff): Standard Vite-bundled React/JSX bundle; minification is expected for this package's client dist assets. | ai | |
| source-diff | obfuscated-file:dist/client/assets/arc.es-DglF81f4.js | AI (source-diff): Standard Vite-bundled React UI code; minification is expected for this package's client dist assets. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/index-D2_peTVB.js | AI (source-diff): Standard Vite/React minified bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-MjXd65eO.js | AI (source-diff): Standard Vite/React minified bundle output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/index-DHW-M-8X.js | AI (source-diff): Standard Vite/React minified bundle output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/client/assets/arc.es-nBIiEfYv.js | AI (source-diff): Standard Vite-bundled React UI artifact; minification is expected for this package's client dist. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-BdwfgbIm.js | AI (source-diff): Standard Vite-bundled React UI artifact; minification is expected for this package's client dist. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-25TJx0iN.js | AI (source-diff): Standard minified React/Vite bundle. Sample shows React JSX runtime and module preload polyfill — normal build output. | ai | |
| source-diff | obfuscated-file:dist/client/assets/arc.es-DgeMPL-I.js | AI (source-diff): Standard minified Vite/Rollup bundle with React UI components. Content is clearly legitimate minified code. | ai | |
| source-diff | obfuscated-file:dist/client/assets/arc.es-iPbdMi1H.js | AI (source-diff): Vite-bundled frontend asset with content-hashed filename; minified not obfuscated. Standard build artifact for this CLI/app package. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-DtTw9kL1.js | AI (source-diff): Vite-bundled React frontend bundle; minified not obfuscated. Standard build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-DvJjuWtM.js | AI (source-diff): Identical React entry bundle pattern; standard Vite/Rollup minified output. | ai | |
| source-diff | obfuscated-file:dist/client/assets/arc.es-Cs--6ecm.js | AI (source-diff): Same React UI component bundle as control-plane counterpart; standard Vite minification. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-kOG7gvZY.js | AI (source-diff): Main React app bundle for client build. Contains React runtime, JSX, standard library code. Normal Vite build artifact. | ai | |
| source-diff | obfuscated-file:dist/client/assets/arc.es-ChjXbrxY.js | AI (source-diff): Same arc diagram UI bundle for client build target. Standard Vite build output. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-CGoQ5qP4.js | AI (source-diff): Same React runtime bundle for client build. Minified, not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/client/assets/arc.es-CXoMwIWo.js | AI (source-diff): Same arc.es bundle for client build target. Minified, not obfuscated. Benign. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-DAPDqcsj.js | AI (source-diff): Standard Vite-bundled React app output. React internals visible in sample; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/index-DlKOe-t6.js | AI (source-diff): Standard Vite-bundled React app output. Content-hash filename and React symbols confirm legitimate build tool output. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/arc.es-DndjiskC.js | AI (source-diff): Standard minified frontend bundle (arc/diagram UI library). Content is consistent with legitimate build tool output. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/index-DLYQAPHm.js | AI (source-diff): Standard Vite/Rollup frontend bundle with recognizable React internals (jsx, Fragment, Symbol.for). Minified output, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/arc.es-BkYc1VKe.js | AI (source-diff): Standard Vite/Rollup frontend bundle with recognizable React internals and UI component code. Minified output, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-DzoSArBb.js | AI (source-diff): React runtime bundle — same pattern as index-BkEXBsPk.js. Normal minified build artifact. | ai | |
| source-diff | obfuscated-file:dist/client/assets/arc.es-DHqqknxg.js | AI (source-diff): Identical content to control-plane-client variant — minified app bundle, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-BDyu05Hi.js | AI (source-diff): Main React bundle with recognizable React internals (Symbol.for react.* symbols). Standard Vite/Rollup minified output. | ai | |
| source-diff | obfuscated-file:dist/client/assets/arc.es-Bkj9Bkvx.js | AI (source-diff): Minified React/UI component bundle with recognizable node-graph layout logic. Standard Vite build output. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/index-CafSuiif.js | AI (source-diff): Standard Vite-minified React bundle for the control-plane-client. Same pattern as other dist assets — minified frontend build output, not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/index-Cm-Qrks0.js | AI (source-diff): File is standard Vite-minified React bundle output for the control-plane-client UI. Same pattern as the other bundle — legitimate minification, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/index-DEsi9Gmq.js | AI (source-diff): Standard Vite/React minified bundle artifact. Code samples show React internals and modulepreload polyfill — minification, not obfuscation. Stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/index-D3-CRXol.js | AI (source-diff): Standard Vite/React minified bundle output; samples show React JSX runtime and modulepreload polyfill — no malicious patterns. Expected for this frontend tooling package. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/index-B9LKyxlo.js | AI (source-diff): Standard Vite/Rollup minified frontend bundle; samples show React JSX runtime and module preload polyfills. Not malicious obfuscation — this is expected build output for this package. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-X8QwrbtL.js | AI (source-diff): Vite entry bundle for client build; same React runtime code as control-plane counterpart. | ai | |
| source-diff | obfuscated-file:dist/client/assets/arc.es-Ccqmb9Pq.js | AI (source-diff): Same arc.es bundle for client build; identical legitimate UI code. | ai | |
| source-diff | obfuscated-file:dist/client/assets/arc.es-CCzVmJbw.js | AI (source-diff): Same arc diagram UI bundle for client dist. Standard Vite build artifact. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-D0N02a0Z.js | AI (source-diff): Same React entry bundle for client dist. Standard Vite build artifact with recognizable React internals. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/index-TVkH_WDG.js | AI (source-diff): Same localhost audio transcription client for control-plane bundle. Benign application code. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-TVkH_WDG.js | AI (source-diff): Small local HTTP client library for audio transcription service on localhost:43115. Application-specific code, no exfiltration or malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-Dq8Oi6wM.js | AI (source-diff): Main React application bundle for client. Identical structure to control-plane bundle — normal Vite output, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/index-BkEXBsPk.js | AI (source-diff): Main React application bundle for control-plane client. Sample shows React JSX runtime and standard module patterns — normal Vite output. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/arc.es-CcKhIPRw.js | AI (source-diff): Identical application UI bundle for control-plane client. Benign minified React/diagram code. | ai | |
| source-diff | obfuscated-file:dist/client/assets/arc.es-Bmw-NdXC.js | AI (source-diff): Application UI code (React flow diagram components, SVG icons) minified by Vite bundler. Sample shows no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/addon-webgl-DCtw1yLn.js | AI (source-diff): Duplicate of client-side xterm WebGL addon for control-plane bundle. Same benign minified library. | ai | |
| source-diff | obfuscated-file:dist/client/assets/addon-webgl-DCtw1yLn.js | AI (source-diff): Minified xterm.js WebGL addon — standard open-source library bundled as part of the embedded terminal UI. No malicious patterns in sample. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/xterm-B-qIQCd3.js | AI (source-diff): Same xterm.js bundle for control-plane client. Benign open-source terminal library. | ai | |
| source-diff | obfuscated-file:dist/client/assets/xterm-B-qIQCd3.js | AI (source-diff): xterm.js terminal emulator — well-known open-source library, minified for distribution. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/arc.es-CehM6B37.js | AI (source-diff): Standard Vite/Rollup minified frontend bundle; samples show React internals and UI component logic, not obfuscated malware. This pattern is stable for a frontend app package. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/index-D17d1jzn.js | AI (source-diff): Standard Vite/Rollup minified frontend bundle; samples show React internals (Symbol.for react.* symbols, module-preload polyfill). Legitimate build artifact. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-Dz8OkaKF.js | AI (source-diff): Standard Vite/Rollup minified frontend bundle; samples show identical React internals pattern. Legitimate build artifact for this frontend app package. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/index-B2VbvZaM.js | AI (source-diff): Standard Vite/Rollup minified bundle containing React runtime. Code samples are clearly readable React/JSX patterns, not malicious obfuscation. | ai | |
| phantom-deps | phantom-dep:@openscout/runtime | AI (phantom-deps): Same-org companion package (@openscout/runtime) at matching version, consistent with a runtime dependency loaded separately rather than directly imported in source. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/arc.es-C-s36DjK.js | AI (source-diff): Standard Vite/Rollup minified frontend bundle. Code samples show React UI components, not malicious obfuscation. Content-hash naming is characteristic of build tool output. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/index-RH3faelc.js | AI (source-diff): File is standard Vite/React minified bundle output; samples show React internals and modulepreload polyfill. Not obfuscation — expected build artifact for this CLI+UI package. | ai | |
| source-diff | source-size-tripled | AI (source-diff): Size increase is explained by addition of React frontend bundles (~1.3MB of client/control-plane UI assets). Consistent with package evolution adding a web UI component. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-BcTyuj21.js | AI (source-diff): File is standard Vite/React minified bundle output; samples show React internals and modulepreload polyfill. Not obfuscation — expected build artifact for this CLI+UI package. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/index-DaMVpCar.js | AI (source-diff): Standard Vite/React minified bundle output. Code samples show recognizable React internals and modulepreload polyfill — not malicious obfuscation. Stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-EaWhXnAI.js | AI (source-diff): Standard Vite/React minified bundle output. Samples show recognizable React internals and ES module bundler patterns — not malicious obfuscation. Stable pattern for this frontend-shipping CLI package. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/index-CMU32DiQ.js | AI (source-diff): Standard Vite/React minified bundle output. Samples show recognizable React internals and modulepreload polyfill — not malicious obfuscation. Stable pattern for this frontend-shipping CLI package. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/index-D70CFXZt.js | AI (source-diff): File is standard Vite-bundled React output, not obfuscated. React internals and module preload polyfill are clearly visible. Expected build artifact for the control-plane client UI. | ai | |
| source-diff | obfuscated-file:dist/control-plane-client/assets/index-B94ekcNk.js | AI (source-diff): Standard Vite/React build bundle for the control-plane client UI. React symbols and module preload polyfill confirm legitimate minified frontend output. | ai | |
| source-diff | obfuscated-file:dist/client/assets/index-B0OEtbrj.js | AI (source-diff): This is a standard Vite/React build bundle. Content-hashed filenames and React internals in the sample confirm legitimate frontend build output, not malicious obfuscation. | ai |
Versions (showing 51 of 51)
| Version | Deps | Published |
|---|---|---|
| 0.2.69 | 3 / 1 | |
| 0.2.68 | 1 / 1 | |
| 0.2.65 | 0 / 1 | |
| 0.2.64 | 1 / 0 | |
| 0.2.63 | 1 / 0 | |
| 0.2.62 | 1 / 0 | |
| 0.2.61 | 1 / 0 | |
| 0.2.60 | 1 / 0 | |
| 0.2.58 | 1 / 0 | |
| 0.2.57 | 1 / 0 | |
| 0.2.56 | 1 / 0 | |
| 0.2.55 | 1 / 0 | |
| 0.2.54 | 1 / 0 | |
| 0.2.53 | 1 / 0 | |
| 0.2.52 | 1 / 0 | |
| 0.2.51 | 1 / 0 | |
| 0.2.50 | 1 / 0 | |
| 0.2.49 | 1 / 0 | |
| 0.2.48 | 1 / 0 | |
| 0.2.47 | 1 / 0 | |
| 0.2.46 | 1 / 0 | |
| 0.2.45 | 1 / 0 | |
| 0.2.44 | 1 / 0 | |
| 0.2.43 | 1 / 0 | |
| 0.2.42 | 1 / 0 | |
| 0.2.41 | 1 / 0 | |
| 0.2.40 | 1 / 0 | |
| 0.2.39 | 1 / 0 | |
| 0.2.37 | 1 / 0 | |
| 0.2.36 | 1 / 0 | |
| 0.2.35 | 1 / 0 | |
| 0.2.34 | 1 / 0 | |
| 0.2.30 | 1 / 0 | |
| 0.2.29 | 1 / 0 | |
| 0.2.28 | 1 / 0 | |
| 0.2.27 | 1 / 0 | |
| 0.2.26 | 1 / 0 | |
| 0.2.25 | 1 / 0 | |
| 0.2.24 | 1 / 0 | |
| 0.2.23 | 1 / 0 | |
| 0.2.22 | 1 / 0 | |
| 0.2.21 | 1 / 0 | |
| 0.2.20 | 1 / 0 | |
| 0.2.19 | 1 / 0 | |
| 0.2.18 | 1 / 0 | |
| 0.2.17 | 1 / 0 | |
| 0.2.16 | 1 / 0 | |
| 0.2.15 | 0 / 1 | |
| 0.2.13 | 0 / 1 | |
| 0.2.12 | 0 / 1 | |
| 0.2.11 | 0 / 1 |
v0.2.69
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.68
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.65
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.64
4 findingsThis version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: arach.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.63
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.62
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.61
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.2.60
10 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.58
10 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.57
10 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.56
10 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.55
10 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.54
10 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.53
10 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.52
10 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.51
11 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.50
11 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.49
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.48
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.47
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.46
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.45
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.44
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.43
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.42
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.41
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.40
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.39
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.37
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.36
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.35
4 findingsThis version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: arach.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.34
4 findingsThis version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: arach.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.30
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.29
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.28
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.27
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.26
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.25
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.24
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.23
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.22
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.21
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.20
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.19
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.18
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.17
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.16
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.15
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.13
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.12
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.2.11
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.