← Home

@vendure/graphiql-plugin

npm Repository Homepage

This plugin adds separate GraphiQL playgrounds for the Admin API and Shop API to your Vendure server.

6
Versions
GPL-3.0-or-later
License
No
Install Scripts
Verified
Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

michaelbromleyvendure_teamdlhckhousein_is_programming

Accepted risks

Findings the reviewer chose to accept rather than block on.

SourceRuleReasonAccepted byWhen
source-diff obfuscated-file:dist/graphiql/assets/show-hint-B9E98q2v.js AI (source-diff): Minified CodeMirror show-hint addon; standard build output for this package. ai
source-diff obfuscated-file:dist/graphiql/assets/search-OO8dZLZU.js AI (source-diff): Minified CodeMirror search addon; standard build output for this package. ai
source-diff obfuscated-file:dist/graphiql/assets/lint-DFJ8B-Zz.js AI (source-diff): Minified CodeMirror lint addon; standard build output for this package. ai
source-diff obfuscated-file:dist/graphiql/assets/lint-C_Wm_If0.js AI (source-diff): Minified lint addon; standard build output for this package. ai
source-diff obfuscated-file:dist/graphiql/assets/lint-BBDZJhqP.js AI (source-diff): Minified GraphQL lint addon; standard build output for this package. ai
source-diff obfuscated-file:dist/graphiql/assets/javascript-CLExbYkp.js AI (source-diff): Minified CodeMirror JavaScript mode; standard build output for this package. ai
source-diff obfuscated-file:dist/graphiql/assets/info-CHZjU7Ws.js AI (source-diff): Minified GraphiQL info addon; standard build output for this package. ai
source-diff obfuscated-file:dist/graphiql/assets/foldgutter-C50LOt_f.js AI (source-diff): Minified CodeMirror foldgutter addon; standard build output for this package. ai
source-diff obfuscated-file:dist/graphiql/assets/comment-BfWSAMsK.js AI (source-diff): Minified CodeMirror comment addon; standard build output for this package. ai
source-diff obfuscated-file:dist/graphiql/assets/index-B0EbEgFv.js AI (source-diff): Vite-bundled GraphiQL frontend asset; minification is expected for this package. ai
source-diff obfuscated-file:dist/graphiql/assets/sublime-Duvxp5df.js AI (source-diff): Minified CodeMirror sublime keymap; standard build output for this package. ai
source-diff obfuscated-file:dist/graphiql/assets/info-C3O7BiKH.js AI (source-diff): Standard Vite-bundled minified output; expected for this GraphiQL plugin. ai
source-diff obfuscated-file:dist/graphiql/assets/matchbrackets-zOPNoWNW.js AI (source-diff): Standard Vite-bundled minified output; expected for this GraphiQL plugin. ai
source-diff obfuscated-file:dist/graphiql/assets/search-DReS4_PJ.js AI (source-diff): Standard Vite-bundled minified output; expected for this GraphiQL plugin. ai
source-diff obfuscated-file:dist/graphiql/assets/searchcursor-C9C0ulnh.js AI (source-diff): Standard Vite-bundled minified output; expected for this GraphiQL plugin. ai
source-diff obfuscated-file:dist/graphiql/assets/sublime-fqTXWcim.js AI (source-diff): Standard Vite-bundled minified output; expected for this GraphiQL plugin. ai
source-diff obfuscated-file:dist/graphiql/assets/show-hint-CMegRpME.js AI (source-diff): Standard Vite-bundled minified output; expected for this GraphiQL plugin. ai
source-diff obfuscated-file:dist/graphiql/assets/codemirror-BJo8frku.js AI (source-diff): Standard Vite-bundled minified output for GraphiQL/CodeMirror; expected for this package. ai
source-diff obfuscated-file:dist/graphiql/assets/index-Bvqo8Al9.js AI (source-diff): Standard Vite-bundled minified output; expected for this GraphiQL plugin. ai
source-diff obfuscated-file:dist/graphiql/assets/index-CVlvTGMf.js AI (source-diff): Standard Vite-bundled minified output; expected for this GraphiQL plugin. ai
source-diff obfuscated-file:dist/graphiql/assets/javascript-B1bT9oaf.js AI (source-diff): Standard Vite-bundled minified output; expected for this GraphiQL plugin. ai
source-diff obfuscated-file:dist/graphiql/assets/lint-CWM4Ifz8.js AI (source-diff): Standard Vite-bundled minified output; expected for this GraphiQL plugin. ai
source-diff obfuscated-file:dist/graphiql/assets/lint-DUHFXSGS.js AI (source-diff): Standard Vite-bundled minified output; expected for this GraphiQL plugin. ai
source-diff obfuscated-file:dist/graphiql/assets/lint-DURplSRL.js AI (source-diff): Standard Vite-bundled minified output; expected for this GraphiQL plugin. ai
source-diff obfuscated-file:dist/graphiql/assets/comment-BNVb3a3N.js AI (source-diff): Standard Vite-bundled minified output; expected for this GraphiQL plugin. ai
source-diff obfuscated-file:dist/graphiql/assets/foldgutter-C6Terw-F.js AI (source-diff): Standard Vite-bundled minified output; expected for this GraphiQL plugin. ai
source-diff obfuscated-file:dist/graphiql/assets/sublime-C7hpmguU.js AI (source-diff): Minified CodeMirror sublime keymap; legitimate build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/codemirror-DpyRu-EA.js AI (source-diff): Standard Vite-minified CodeMirror bundle; not malicious obfuscation. ai
source-diff obfuscated-file:dist/graphiql/assets/comment-aVJ7QTbR.js AI (source-diff): Minified CodeMirror comment addon; legitimate build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/foldgutter-ccbWalEk.js AI (source-diff): Minified CodeMirror foldgutter addon; legitimate build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/index-BnYSfSAW.js AI (source-diff): Minified graphql-transport-ws bundle; legitimate build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/index-Cq7z4i0o.js AI (source-diff): Main Vite-bundled GraphiQL entry; legitimate build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/info-BFbBBrdW.js AI (source-diff): Minified GraphiQL info addon; legitimate build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/javascript-BOuMdcWh.js AI (source-diff): Minified CodeMirror JS mode; legitimate build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/lint-C9Xpo_mB.js AI (source-diff): Minified GraphQL lint addon; legitimate build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/lint-CBxsMesr.js AI (source-diff): Minified lint bundle; legitimate build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/lint-CZlDIaol.js AI (source-diff): Minified lint bundle; legitimate build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/matchbrackets-jw92OCMd.js AI (source-diff): Minified CodeMirror matchbrackets addon; legitimate build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/search-QkkSTJT9.js AI (source-diff): Minified CodeMirror search addon; legitimate build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/searchcursor-BkXLGAQH.js AI (source-diff): Minified CodeMirror searchcursor addon; legitimate build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/show-hint-CnJAUBuc.js AI (source-diff): Minified CodeMirror show-hint addon; legitimate build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/index-DqQ_BDXs.js AI (source-diff): Vite-minified frontend bundle for GraphiQL plugin; not malicious obfuscation. ai
phantom-deps phantom-dep:express AI (phantom-deps): express is a runtime dependency declared in package.json; used server-side in the plugin, not directly imported in frontend bundle. ai
source-diff large-new-source-files AI (source-diff): New files are Vite-rebuilt frontend bundle chunks with content-hash names; expected for this package. ai
source-diff obfuscated-file:dist/graphiql/assets/sublime-w9rhzYSt.js AI (source-diff): Minified CodeMirror sublime keymap; standard build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/show-hint-Pr6XFarR.js AI (source-diff): Minified CodeMirror show-hint addon; standard build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/search-SoHLVTU9.js AI (source-diff): Minified CodeMirror search addon; standard build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/lint-ClBChYfN.js AI (source-diff): Minified JSON lint helper; standard build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/lint-BpHTfUHG.js AI (source-diff): Minified GraphQL lint bundle; standard build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/lint-B_S3n2Jo.js AI (source-diff): Minified CodeMirror lint addon; standard build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/javascript-CBugb9F9.js AI (source-diff): Minified CodeMirror JS mode; standard build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/info-CCW3iyhX.js AI (source-diff): Minified GraphiQL info helper; standard build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/foldgutter-COv_Mrnv.js AI (source-diff): Minified CodeMirror foldgutter addon; standard build artifact. ai
source-diff obfuscated-file:dist/graphiql/assets/comment-DolJCE2E.js AI (source-diff): Minified CodeMirror comment addon; standard build artifact. ai

Versions (showing 6 of 6)

Version Deps Published
3.6.4 1 / 13
3.6.3 1 / 13
3.6.2 1 / 13
3.6.1 1 / 13
3.6.0 1 / 13
3.5.6 1 / 13

v3.6.4

12 findings
HIGH New obfuscated file: dist/graphiql/assets/comment-BfWSAMsK.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/foldgutter-C50LOt_f.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/index-B0EbEgFv.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/info-CHZjU7Ws.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/javascript-CLExbYkp.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/lint-BBDZJhqP.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/lint-C_Wm_If0.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/lint-DFJ8B-Zz.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/search-OO8dZLZU.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/show-hint-B9E98q2v.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/sublime-Duvxp5df.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.6.3

12 findings
HIGH New obfuscated file: dist/graphiql/assets/comment-DolJCE2E.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/foldgutter-COv_Mrnv.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/index-DqQ_BDXs.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/info-CCW3iyhX.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/javascript-CBugb9F9.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/lint-B_S3n2Jo.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/lint-BpHTfUHG.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/lint-ClBChYfN.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/search-SoHLVTU9.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/show-hint-Pr6XFarR.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/sublime-w9rhzYSt.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.6.2

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.6.1

16 findings
HIGH New obfuscated file: dist/graphiql/assets/codemirror-DpyRu-EA.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/comment-aVJ7QTbR.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/foldgutter-ccbWalEk.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/index-BnYSfSAW.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/index-Cq7z4i0o.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/info-BFbBBrdW.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/javascript-BOuMdcWh.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/lint-C9Xpo_mB.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/lint-CBxsMesr.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/lint-CZlDIaol.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/matchbrackets-jw92OCMd.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/search-QkkSTJT9.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/searchcursor-BkXLGAQH.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/show-hint-CnJAUBuc.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/sublime-C7hpmguU.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.6.0

16 findings
HIGH New obfuscated file: dist/graphiql/assets/codemirror-DpyRu-EA.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/comment-aVJ7QTbR.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/foldgutter-ccbWalEk.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/index-BnYSfSAW.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/index-Cq7z4i0o.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/info-BFbBBrdW.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/javascript-BOuMdcWh.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/lint-C9Xpo_mB.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/lint-CBxsMesr.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/lint-CZlDIaol.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/matchbrackets-jw92OCMd.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/search-QkkSTJT9.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/searchcursor-BkXLGAQH.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/show-hint-CnJAUBuc.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/graphiql/assets/sublime-C7hpmguU.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v3.5.6

1 finding
INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.