@visulima/humanizer No license 7 versions

@visulima/humanizer

npm Repository Homepage

7

Versions

—

License

No

Install Scripts

Verified

Provenance

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures No source commit

Maintainers

prisis

Keywords

visulimahumanizerhumanizehuman-readablehumantimemsbytesfilesizefilesize-humanizertime-humanizerms-humanizerbytes-humanizermillisecondseconddurationhoursminutessecondsdaysyearsmonthsrangetextstring

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
source-diff	obfuscated-file:dist/packem_shared/formatBytes-Da87aeh8.js	AI (source-diff): Minified build artifact with transparent byte-unit logic; no malicious patterns present.	ai	2026/05/14
publish-pattern	dormant-publish	AI (publish-pattern): SLSA provenance attestation confirms CI/CD publish; dormancy explained by monorepo release cadence.	ai	2026/05/14
source-diff	obfuscated-file:dist/packem_shared/parseBytes-Da87aeh8.js	AI (source-diff): Minified build artifact from packem bundler; content is plainly byte-unit data and number formatting, no malicious patterns.	ai	2026/05/11
source-diff	large-new-source-files	AI (source-diff): Bundler migration to packem produces many small split chunks; stable pattern for this package.	ai	2026/05/11
source-diff	source-size-dropped	AI (source-diff): Size drop reflects bundler output consolidation, not code removal; consistent with packem migration.	ai	2026/05/11

Versions (showing 7 of 7)

Version	Deps	Published
2.0.5	0 / 0	2025-11-13
2.0.4	0 / 0	2025-11-12
2.0.3	0 / 0	2025-11-07
2.0.2	0 / 0	2025-11-05
2.0.1	0 / 0	2025-10-21
2.0.0	0 / 0	2025-10-15
1.2.2	0 / 0	2025-06-04

v2.0.5

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.0.4

2 findings

HIGH New obfuscated file: dist/packem_shared/parseBytes-Da87aeh8.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.0.3

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.0.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.0.1

2 findings

HIGH New obfuscated file: dist/packem_shared/formatBytes-Da87aeh8.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v2.0.0

2 findings

HIGH New obfuscated file: dist/packem_shared/formatBytes-Da87aeh8.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v1.2.2

1 finding

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.