@wix/auto_sdk_forms_submissions
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:build/es/forms-v4-submission-submissions.universal-B-N3hDBE.d.mts | AI (source-diff): TypeScript declaration file with long lines from dense JSDoc annotations; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/forms-v4-submission-submissions.universal-Dap43WP1.d.ts | AI (source-diff): TypeScript declaration file with long lines from dense JSDoc annotations; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/cjs/forms-v4-submission-submissions.universal-B-N3hDBE.d.ts | AI (source-diff): TypeScript declaration file with long lines from dense JSDoc annotations; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/internal/es/forms-v4-submission-submissions.universal-Dap43WP1.d.mts | AI (source-diff): TypeScript declaration file with long lines from dense JSDoc annotations; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/es/forms-v4-submission-submissions.universal-XEhQnZGl.d.mts | AI (source-diff): Long-line TypeScript declaration files (.d.mts) from Wix SDK codegen; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/cjs/forms-v4-submission-submissions.universal-XEhQnZGl.d.ts | AI (source-diff): Long-line TypeScript declaration files (.d.ts) from Wix SDK codegen; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/forms-v4-submission-submissions.universal-rBC11UWo.d.ts | AI (source-diff): Long-line TypeScript declaration files (.d.ts) from Wix SDK codegen; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/internal/es/forms-v4-submission-submissions.universal-rBC11UWo.d.mts | AI (source-diff): Long-line TypeScript declaration files (.d.mts) from Wix SDK codegen; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/internal/es/forms-v4-submission-submissions.universal-DmSyxGcC.d.mts | AI (source-diff): Generated TypeScript declaration file with long type union lines; not obfuscated code. Stable pattern for Wix SDK packages. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/forms-v4-submission-submissions.universal-DmSyxGcC.d.ts | AI (source-diff): Generated TypeScript declaration file with long type union lines; not obfuscated code. Stable pattern for Wix SDK packages. | ai | |
| source-diff | obfuscated-file:build/cjs/forms-v4-submission-submissions.universal-B3hu4KA0.d.ts | AI (source-diff): Generated TypeScript declaration file with long type union lines; not obfuscated code. Stable pattern for Wix SDK packages. | ai | |
| source-diff | obfuscated-file:build/es/forms-v4-submission-submissions.universal-B3hu4KA0.d.mts | AI (source-diff): Generated TypeScript declaration file with long type union lines; not obfuscated code. Stable pattern for Wix SDK packages. | ai | |
| source-diff | obfuscated-file:build/internal/es/forms-v4-submission-submissions.universal-CGw1UGHX.d.mts | AI (source-diff): Long-line TypeScript declaration files from Wix SDK codegen; not obfuscated code. | ai | |
| maintainer-change | maintainer-removed | AI (maintainer-change): Wix CI publisher pattern; individual maintainer removal is expected as publishing moves to CI automation. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/forms-v4-submission-submissions.universal-CGw1UGHX.d.ts | AI (source-diff): Long-line TypeScript declaration files from Wix SDK codegen; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/cjs/forms-v4-submission-submissions.universal-BqgYHpVA.d.ts | AI (source-diff): Long-line TypeScript declaration files from Wix SDK codegen; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/es/forms-v4-submission-submissions.universal-BqgYHpVA.d.mts | AI (source-diff): Long-line TypeScript declaration files from Wix SDK codegen; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/es/forms-v4-submission-submissions.universal-y_kXAKWE.d.mts | AI (source-diff): Generated TypeScript declaration file with long lines from type unions; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/cjs/forms-v4-submission-submissions.universal-y_kXAKWE.d.ts | AI (source-diff): Generated TypeScript declaration file with long lines from type unions; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/forms-v4-submission-submissions.universal-93JPbuxB.d.ts | AI (source-diff): Generated TypeScript declaration file with long lines from type unions; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/internal/es/forms-v4-submission-submissions.universal-93JPbuxB.d.mts | AI (source-diff): Generated TypeScript declaration file with long lines from type unions; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/es/forms-v4-submission-submissions.universal-LlwnX3Hx.d.mts | AI (source-diff): Same pattern: generated TypeScript declaration file with long lines, not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/cjs/forms-v4-submission-submissions.universal-LlwnX3Hx.d.ts | AI (source-diff): Generated .d.ts declaration file; long lines are from bundled type definitions, not obfuscation. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/forms-v4-submission-submissions.universal-DWABxpf0.d.ts | AI (source-diff): Generated .d.ts declaration file; long lines are from bundled type definitions, not obfuscation. | ai | |
| source-diff | obfuscated-file:build/internal/es/forms-v4-submission-submissions.universal-DWABxpf0.d.mts | AI (source-diff): Large .d.mts type declaration files with long lines are normal for generated Wix SDK type bundles, not obfuscation. | ai | |
| source-diff | obfuscated-file:build/internal/es/forms-v4-submission-submissions.universal-MYwdZTUH.d.mts | AI (source-diff): TypeScript declaration file with long JSDoc lines; not obfuscated code. Stable pattern for this Wix SDK package. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/forms-v4-submission-submissions.universal-MYwdZTUH.d.ts | AI (source-diff): TypeScript declaration file with long JSDoc lines; not obfuscated code. Stable pattern for this Wix SDK package. | ai | |
| source-diff | obfuscated-file:build/cjs/forms-v4-submission-submissions.universal-iL5s7YRB.d.ts | AI (source-diff): TypeScript declaration file with long JSDoc lines; not obfuscated code. Stable pattern for this Wix SDK package. | ai | |
| source-diff | obfuscated-file:build/es/forms-v4-submission-submissions.universal-iL5s7YRB.d.mts | AI (source-diff): TypeScript declaration file with long JSDoc lines; not obfuscated code. Stable pattern for this Wix SDK package. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/forms-v4-submission-submissions.universal-D6YYlji6.d.ts | AI (source-diff): TypeScript declaration file with long JSDoc lines; not obfuscated code. Stable pattern for Wix SDK packages. | ai | |
| source-diff | obfuscated-file:build/es/forms-v4-submission-submissions.universal-C1P4RpS_.d.mts | AI (source-diff): TypeScript declaration file with long JSDoc lines; not obfuscated code. Stable pattern for Wix SDK packages. | ai | |
| source-diff | obfuscated-file:build/internal/es/forms-v4-submission-submissions.universal-D6YYlji6.d.mts | AI (source-diff): TypeScript declaration file with long JSDoc lines; not obfuscated code. Stable pattern for Wix SDK packages. | ai | |
| source-diff | obfuscated-file:build/cjs/forms-v4-submission-submissions.universal-C1P4RpS_.d.ts | AI (source-diff): TypeScript declaration file with long JSDoc lines; not obfuscated code. Stable pattern for Wix SDK packages. | ai | |
| source-diff | obfuscated-file:build/cjs/forms-v4-submission-submissions.universal-BjJ-qwMD.d.ts | AI (source-diff): TypeScript declaration file with long JSDoc lines; not obfuscated code. Stable pattern for Wix auto-generated SDK packages. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/forms-v4-submission-submissions.universal-DzqrpsKR.d.ts | AI (source-diff): TypeScript declaration file with long JSDoc lines; not obfuscated code. Stable pattern for Wix auto-generated SDK packages. | ai | |
| source-diff | obfuscated-file:build/es/forms-v4-submission-submissions.universal-BjJ-qwMD.d.mts | AI (source-diff): TypeScript declaration file with long JSDoc lines; not obfuscated code. Stable pattern for Wix auto-generated SDK packages. | ai | |
| source-diff | obfuscated-file:build/internal/es/forms-v4-submission-submissions.universal-DzqrpsKR.d.mts | AI (source-diff): TypeScript declaration file with long JSDoc lines; not obfuscated code. Stable pattern for Wix auto-generated SDK packages. | ai | |
| source-diff | obfuscated-file:build/cjs/forms-v4-submission-submissions.universal-WOt46eWq.d.ts | AI (source-diff): TypeScript declaration file with long lines from dense JSDoc annotations; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/internal/es/forms-v4-submission-submissions.universal-CHdLgf5a.d.mts | AI (source-diff): TypeScript declaration file with long lines from dense JSDoc annotations; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/es/forms-v4-submission-submissions.universal-WOt46eWq.d.mts | AI (source-diff): TypeScript declaration file with long lines from dense JSDoc annotations; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/forms-v4-submission-submissions.universal-CHdLgf5a.d.ts | AI (source-diff): TypeScript declaration file with long lines from dense JSDoc annotations; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/internal/es/forms-v4-submission-submissions.universal-D6mh5VNi.d.mts | AI (source-diff): Generated TypeScript declaration files with long union type lines; not obfuscation. Stable pattern for this Wix SDK package. | ai | |
| source-diff | obfuscated-file:build/cjs/forms-v4-submission-submissions.universal-DCTRKTwp.d.ts | AI (source-diff): Generated TypeScript declaration files with long union type lines; not obfuscation. Stable pattern for this Wix SDK package. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/forms-v4-submission-submissions.universal-D6mh5VNi.d.ts | AI (source-diff): Generated TypeScript declaration files with long union type lines; not obfuscation. Stable pattern for this Wix SDK package. | ai | |
| source-diff | obfuscated-file:build/es/forms-v4-submission-submissions.universal-DCTRKTwp.d.mts | AI (source-diff): Generated TypeScript declaration files with long union type lines; not obfuscation. Stable pattern for this Wix SDK package. | ai | |
| source-diff | obfuscated-file:build/es/forms-v4-submission-submissions.universal-uvhhiFaH.d.mts | AI (source-diff): TypeScript declaration files with long JSDoc lines; not obfuscated code. Stable pattern for @wix SDK packages. | ai | |
| source-diff | obfuscated-file:build/internal/es/forms-v4-submission-submissions.universal-CiTwM6RK.d.mts | AI (source-diff): TypeScript declaration files with long JSDoc lines; not obfuscated code. Stable pattern for @wix SDK packages. | ai | |
| source-diff | obfuscated-file:build/cjs/forms-v4-submission-submissions.universal-uvhhiFaH.d.ts | AI (source-diff): TypeScript declaration files with long JSDoc lines; not obfuscated code. Stable pattern for @wix SDK packages. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/forms-v4-submission-submissions.universal-CiTwM6RK.d.ts | AI (source-diff): TypeScript declaration files with long JSDoc lines; not obfuscated code. Stable pattern for @wix SDK packages. | ai | |
| source-diff | obfuscated-file:build/cjs/forms-v4-submission-submissions.universal-CYE5689M.d.ts | AI (source-diff): TypeScript declaration file with long generated type union lines; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/forms-v4-submission-submissions.universal-CvrBrUxn.d.ts | AI (source-diff): TypeScript declaration file with long generated type union lines; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/es/forms-v4-submission-submissions.universal-CYE5689M.d.mts | AI (source-diff): TypeScript declaration file with long generated type union lines; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/internal/es/forms-v4-submission-submissions.universal-CvrBrUxn.d.mts | AI (source-diff): TypeScript declaration file with long generated type union lines; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/internal/es/forms-v4-submission-submissions.universal-DF4f6MQ-.d.mts | AI (source-diff): Generated TypeScript declaration file with long union types; not obfuscation. Stable pattern for Wix auto-SDK packages. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/forms-v4-submission-submissions.universal-DF4f6MQ-.d.ts | AI (source-diff): Generated TypeScript declaration file with long union types; not obfuscation. Stable pattern for Wix auto-SDK packages. | ai | |
| source-diff | obfuscated-file:build/cjs/forms-v4-submission-submissions.universal-B1vkVcUV.d.ts | AI (source-diff): Generated TypeScript declaration file with long union types; not obfuscation. Stable pattern for Wix auto-SDK packages. | ai | |
| source-diff | obfuscated-file:build/es/forms-v4-submission-submissions.universal-B1vkVcUV.d.mts | AI (source-diff): Generated TypeScript declaration file with long union types; not obfuscation. Stable pattern for Wix auto-SDK packages. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/forms-v4-submission-submissions.universal-D3uoXTdA.d.ts | AI (source-diff): TypeScript declaration files with long lines from bundled type unions; not actual obfuscation. Stable pattern for Wix SDK packages. | ai | |
| source-diff | obfuscated-file:build/es/forms-v4-submission-submissions.universal-BBHYv5E8.d.mts | AI (source-diff): TypeScript declaration files with long lines from bundled type unions; not actual obfuscation. Stable pattern for Wix SDK packages. | ai | |
| source-diff | obfuscated-file:build/internal/es/forms-v4-submission-submissions.universal-D3uoXTdA.d.mts | AI (source-diff): TypeScript declaration files with long lines from bundled type unions; not actual obfuscation. Stable pattern for Wix SDK packages. | ai | |
| source-diff | obfuscated-file:build/cjs/forms-v4-submission-submissions.universal-BBHYv5E8.d.ts | AI (source-diff): TypeScript declaration files with long lines from bundled type unions; not actual obfuscation. Stable pattern for Wix SDK packages. | ai | |
| npm-metadata | no-description | AI (npm-metadata): Stable false positive for Wix auto-generated SDK packages; no description is intentional. | ai | |
| provenance | no-provenance | AI (provenance): Wix SDK packages consistently lack provenance attestation; not a risk signal for this publisher. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Wix auto-generated SDK package; templated name, no description/repo are expected patterns for this publisher's mass-produced SDK packages. | ai | |
| source-diff | obfuscated-file:build/cjs/forms-v4-submission-submissions.universal-BqjBDIgs.d.ts | AI (source-diff): Large .d.ts TypeScript declaration file with readable JSDoc; long lines are type unions, not obfuscation. | ai | |
| source-diff | obfuscated-file:build/es/forms-v4-submission-submissions.universal-BqjBDIgs.d.mts | AI (source-diff): Large .d.mts TypeScript declaration file with readable JSDoc; long lines are type unions, not obfuscation. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/forms-v4-submission-submissions.universal-CKHFB4Im.d.ts | AI (source-diff): Large .d.ts TypeScript declaration file with readable JSDoc; long lines are type unions, not obfuscation. | ai | |
| source-diff | obfuscated-file:build/internal/es/forms-v4-submission-submissions.universal-CKHFB4Im.d.mts | AI (source-diff): Large .d.mts TypeScript declaration file with readable JSDoc; long lines are type unions, not obfuscation. | ai |
Versions (showing 20 of 20)
| Version | Deps | Published |
|---|---|---|
| 1.0.128 | 3 / 2 | |
| 1.0.127 | 3 / 2 | |
| 1.0.126 | 3 / 2 | |
| 1.0.125 | 3 / 2 | |
| 1.0.124 | 3 / 2 | |
| 1.0.123 | 3 / 2 | |
| 1.0.122 | 3 / 2 | |
| 1.0.121 | 3 / 2 | |
| 1.0.120 | 3 / 2 | |
| 1.0.119 | 3 / 2 | |
| 1.0.118 | 3 / 2 | |
| 1.0.117 | 3 / 2 | |
| 1.0.116 | 3 / 2 | |
| 1.0.115 | 3 / 2 | |
| 1.0.114 | 3 / 2 | |
| 1.0.113 | 3 / 2 | |
| 1.0.112 | 3 / 2 | |
| 1.0.111 | 3 / 2 | |
| 1.0.27 | 2 / 1 | |
| 1.0.26 | 2 / 1 |
v1.0.128
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.127
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.126
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.125
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.124
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.123
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.122
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.121
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.120
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.119
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.118
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.117
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.116
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.115
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.114
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.113
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.112
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.111
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.27
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.26
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.