@polkadot/types-support
Supporting files for types, mostly for testing
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | encoded-string-file:metadata/v14/substrate-hex.d.ts | AI (source-diff): TypeScript declaration file containing the type signature for the substrate metadata hex constant — expected for this package. | ai | |
| source-diff | encoded-string-file:metadata/v14/polkadot-hex.d.ts | AI (source-diff): TypeScript declaration file containing the type signature for the polkadot metadata hex constant — expected for this package. | ai | |
| source-diff | encoded-string-file:metadata/v14/kusama-hex.d.ts | AI (source-diff): TypeScript declaration file containing the type signature for the kusama metadata hex constant — expected for this package. | ai | |
| source-diff | encoded-string-file:cjs/metadata/v14/polkadot-hex.js | AI (source-diff): Legitimate SCALE-encoded Polkadot runtime metadata hex blob — core purpose of this package. | ai | |
| source-diff | encoded-string-file:metadata/v14/kusama-hex.js | AI (source-diff): Legitimate SCALE-encoded Kusama runtime metadata hex blob — core purpose of this package. | ai | |
| source-diff | encoded-string-file:cjs/metadata/v14/kusama-hex.js | AI (source-diff): This package ships SCALE-encoded Substrate chain metadata as hex strings by design. The 0x6d657461 prefix confirms legitimate blockchain metadata, not malicious payload. | ai | |
| provenance | no-provenance | AI (provenance): polkadotjs publisher has 678 approved packages with 0 rejections; lack of Sigstore provenance is acceptable given this strong track record. | ai | |
| source-diff | encoded-string-file:metadata/v14/substrate-hex.js | AI (source-diff): Legitimate SCALE-encoded Substrate runtime metadata hex blob — core purpose of this package. | ai | |
| source-diff | encoded-string-file:cjs/metadata/v14/substrate-hex.js | AI (source-diff): Legitimate SCALE-encoded Substrate runtime metadata hex blob — core purpose of this package. | ai | |
| source-diff | encoded-string-file:metadata/v14/polkadot-hex.js | AI (source-diff): Legitimate SCALE-encoded Polkadot runtime metadata hex blob — core purpose of this package. | ai | |
| source-diff | obfuscated-file:metadata/v16/substrate-hex.js | AI (source-diff): ESM variant of the SCALE metadata hex blob. Same pattern as all prior metadata versions in this package; not obfuscated code. | ai | |
| source-diff | obfuscated-file:cjs/metadata/v16/substrate-hex.js | AI (source-diff): This file contains a hex-encoded SCALE metadata blob, which is the documented purpose of @polkadot/types-support. The same pattern exists for all prior metadata versions (v9-v15) and is not malicious. | ai | |
| source-diff | obfuscated-file:cjs/metadata/v16/substrate-hex.d.ts | AI (source-diff): TypeScript declaration file containing a literal hex string type for the SCALE metadata blob. Not obfuscated code; consistent with the package's documented purpose. | ai | |
| source-diff | obfuscated-file:metadata/v16/substrate-hex.d.ts | AI (source-diff): ESM TypeScript declaration for the SCALE metadata hex blob. Same pattern as all prior metadata versions; not obfuscated code. | ai | |
| source-diff | encoded-string-file:cjs/metadata/v15/polkadot-hex.d.ts | AI (source-diff): TypeScript type literal of Polkadot SCALE metadata hex. Expected content for this package; same pattern as already-accepted polkadot-hex.js. | ai | |
| source-diff | encoded-string-file:cjs/metadata/v15/substrate-hex.js | AI (source-diff): This is a SCALE-encoded Substrate runtime metadata blob — the core purpose of this package. The hex decodes to valid metadata (starts with 'meta'). Stable false positive for this package. | ai | |
| source-diff | encoded-string-file:metadata/v15/substrate-hex.js | AI (source-diff): Same as above — SCALE-encoded Substrate metadata hex, the explicit purpose of this package. | ai | |
| source-diff | encoded-string-file:cjs/metadata/v15/kusama-hex.d.ts | AI (source-diff): TypeScript type literal of Kusama SCALE metadata hex. Expected content for this package; same pattern as already-accepted kusama-hex.js. | ai | |
| source-diff | encoded-string-file:metadata/v15/kusama-hex.d.ts | AI (source-diff): TypeScript type literal of Kusama SCALE metadata hex. Expected content for this package. | ai | |
| source-diff | encoded-string-file:metadata/v15/polkadot-hex.d.ts | AI (source-diff): TypeScript type literal of Polkadot SCALE metadata hex. Expected content for this package. | ai | |
| source-diff | encoded-string-file:cjs/metadata/v15/substrate-hex.d.ts | AI (source-diff): TypeScript type literal of Substrate SCALE metadata hex. Expected content for this package. | ai | |
| source-diff | encoded-string-file:metadata/v15/substrate-hex.d.ts | AI (source-diff): TypeScript type literal of Substrate SCALE metadata hex. Expected content for this package. | ai | |
| source-diff | encoded-string-file:cjs/metadata/v15/asset-hub-kusama-hex.d.ts | AI (source-diff): TypeScript declaration for SCALE-encoded metadata hex — expected content for this package. | ai | |
| source-diff | encoded-string-file:metadata/v15/polkadot-hex.js | AI (source-diff): SCALE-encoded blockchain metadata hex string — expected content for this package. | ai | |
| source-diff | encoded-string-file:cjs/metadata/v15/polkadot-hex.js | AI (source-diff): SCALE-encoded blockchain metadata hex string — expected content for this package. | ai | |
| source-diff | encoded-string-file:metadata/v15/kusama-hex.js | AI (source-diff): SCALE-encoded blockchain metadata hex string — expected content for this package. | ai | |
| source-diff | encoded-string-file:cjs/metadata/v15/kusama-hex.js | AI (source-diff): SCALE-encoded blockchain metadata hex string — expected content for this package. | ai | |
| source-diff | encoded-string-file:metadata/v15/asset-hub-polkadot-hex.js | AI (source-diff): SCALE-encoded blockchain metadata hex string — expected content for this package. | ai | |
| source-diff | encoded-string-file:cjs/metadata/v15/asset-hub-polkadot-hex.js | AI (source-diff): SCALE-encoded blockchain metadata hex string — expected content for this package. | ai | |
| source-diff | encoded-string-file:metadata/v15/asset-hub-kusama-hex.js | AI (source-diff): SCALE-encoded blockchain metadata hex string — expected content for this package. | ai | |
| source-diff | encoded-string-file:cjs/metadata/v15/asset-hub-kusama-hex.js | AI (source-diff): This package's core purpose is shipping SCALE-encoded Substrate metadata hex blobs. Long hex strings in metadata/*-hex.js files are expected and benign. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Well-known Polkadot JS API monorepo package with 802 versions and 612 approved releases. README structure is typical for this ecosystem. | ai | |
| source-diff | encoded-string-file:metadata/v15/asset-hub-polkadot-hex.d.ts | AI (source-diff): TypeScript declaration for SCALE-encoded metadata hex — expected content for this package. | ai | |
| source-diff | encoded-string-file:cjs/metadata/v15/asset-hub-polkadot-hex.d.ts | AI (source-diff): TypeScript declaration for SCALE-encoded metadata hex — expected content for this package. | ai | |
| source-diff | encoded-string-file:metadata/v15/asset-hub-kusama-hex.d.ts | AI (source-diff): TypeScript declaration for SCALE-encoded metadata hex — expected content for this package. | ai |
Versions (showing 51 of 57)
| Version | Deps | Published |
|---|---|---|
| 16.5.6 | 2 / 0 | |
| 16.5.4 | 2 / 0 | |
| 16.5.3 | 2 / 0 | |
| 16.5.2 | 2 / 0 | |
| 16.5.1 | 2 / 0 | |
| 16.4.9 | 2 / 0 | |
| 16.4.8 | 2 / 0 | |
| 16.4.7 | 2 / 0 | |
| 16.4.6 | 2 / 0 | |
| 16.4.5 | 2 / 0 | |
| 16.4.4 | 2 / 0 | |
| 16.4.3 | 2 / 0 | |
| 16.4.2 | 2 / 0 | |
| 16.4.1 | 2 / 0 | |
| 16.3.1 | 2 / 0 | |
| 16.2.2 | 2 / 0 | |
| 16.2.1 | 2 / 0 | |
| 16.1.2 | 2 / 0 | |
| 16.1.1 | 2 / 0 | |
| 16.0.1 | 2 / 0 | |
| 15.10.2 | 2 / 0 | |
| 15.10.1 | 2 / 0 | |
| 15.9.3 | 2 / 0 | |
| 15.9.2 | 2 / 0 | |
| 15.9.1 | 2 / 0 | |
| 15.8.1 | 2 / 0 | |
| 15.7.2 | 2 / 0 | |
| 15.7.1 | 2 / 0 | |
| 15.6.1 | 2 / 0 | |
| 15.5.2 | 2 / 0 | |
| 15.5.1 | 2 / 0 | |
| 15.4.1 | 2 / 0 | |
| 15.3.1 | 2 / 0 | |
| 15.2.1 | 2 / 0 | |
| 15.1.1 | 2 / 0 | |
| 15.0.2 | 2 / 0 | |
| 15.0.1 | 2 / 0 | |
| 14.2.2 | 2 / 0 | |
| 14.0.1 | 2 / 0 | |
| 13.2.1 | 2 / 0 | |
| 13.1.1 | 2 / 0 | |
| 13.0.1 | 2 / 0 | |
| 12.4.2 | 2 / 0 | |
| 12.4.1 | 2 / 0 | |
| 12.3.1 | 2 / 0 | |
| 12.2.3 | 2 / 0 | |
| 12.2.2 | 2 / 0 | |
| 12.2.1 | 2 / 0 | |
| 12.1.1 | 2 / 0 | |
| 12.0.2 | 2 / 0 | |
| 12.0.1 | 2 / 0 |
v16.5.4
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.5.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.5.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.5.1
13 findingsModified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.4.9
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.4.8
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.4.7
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.4.6
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.4.5
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.4.4
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.4.3
3 findingsModified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.4.2
3 findingsModified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.4.1
5 findingsModified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.3.1
7 findingsModified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.2.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.2.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.1.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.1.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v16.0.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.10.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.10.1
9 findingsModified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.9.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.9.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.9.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.8.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.7.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.7.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.6.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.5.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.5.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.4.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.3.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.2.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.1.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.0.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v15.0.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v14.2.2
27 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v14.0.1
10 findingsModified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v13.2.1
10 findingsModified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v13.1.1
10 findingsModified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v13.0.1
10 findingsModified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v12.4.2
10 findingsModified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v12.4.1
10 findingsModified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v12.3.1
10 findingsModified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v12.2.3
10 findingsModified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v12.2.2
10 findingsModified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v12.2.1
10 findingsModified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v12.1.1
7 findingsModified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Modified file contains 1 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v12.0.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v12.0.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.