@wix/auto_sdk_get-paid_billable-items
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:build/internal/es/billable-items-v1-billable-item-billable-items.universal-D0EZsjMw.d.mts | AI (source-diff): TypeScript declaration file with long lines from dense JSDoc comments, not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/cjs/billable-items-v1-billable-item-billable-items.universal-D0EZsjMw.d.ts | AI (source-diff): TypeScript declaration file with long lines from dense JSDoc comments, not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/billable-items-v1-billable-item-billable-items.universal-D0EZsjMw.d.ts | AI (source-diff): TypeScript declaration file with long lines from dense JSDoc comments, not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/es/billable-items-v1-billable-item-billable-items.universal-D0EZsjMw.d.mts | AI (source-diff): TypeScript declaration file with long lines from dense JSDoc comments, not obfuscated code. | ai | |
| provenance | publisher-changed | AI (provenance): Transition to wix-ci-publisher is a known Wix org-wide CI migration pattern; stable for this package family. | ai | |
| source-diff | obfuscated-file:build/es/billable-items-v1-billable-item-billable-items.universal-CWG6mEYe.d.mts | AI (source-diff): TypeScript declaration file with long re-export lines generated by tsup; not obfuscation. | ai | |
| source-diff | obfuscated-file:build/cjs/billable-items-v1-billable-item-billable-items.universal-CWG6mEYe.d.ts | AI (source-diff): TypeScript declaration file with long re-export lines generated by tsup; not obfuscation. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/billable-items-v1-billable-item-billable-items.universal-CWG6mEYe.d.ts | AI (source-diff): TypeScript declaration file with long re-export lines generated by tsup; not obfuscation. | ai | |
| source-diff | obfuscated-file:build/internal/es/billable-items-v1-billable-item-billable-items.universal-CWG6mEYe.d.mts | AI (source-diff): TypeScript declaration file with long re-export lines generated by tsup; not obfuscation. | ai | |
| source-diff | obfuscated-file:build/cjs/billable-items-v1-billable-item-billable-items.universal-RzrzC-9-.d.ts | AI (source-diff): TypeScript declaration file with long re-export lines; standard tsup output for Wix SDK packages. | ai | |
| source-diff | obfuscated-file:build/es/billable-items-v1-billable-item-billable-items.universal-RzrzC-9-.d.mts | AI (source-diff): TypeScript declaration file with long re-export lines; standard tsup output for Wix SDK packages. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/billable-items-v1-billable-item-billable-items.universal-RzrzC-9-.d.ts | AI (source-diff): TypeScript declaration file with long re-export lines; standard tsup output for Wix SDK packages. | ai | |
| source-diff | obfuscated-file:build/internal/es/billable-items-v1-billable-item-billable-items.universal-RzrzC-9-.d.mts | AI (source-diff): TypeScript declaration file with long re-export lines; standard tsup output for Wix SDK packages. | ai | |
| source-diff | obfuscated-file:build/internal/billable-items-v1-billable-item-billable-items.universal-Dyc7OQHG.d.ts | AI (source-diff): Generated .d.ts type declaration with long re-export lines; standard Wix SDK build output. | ai | |
| source-diff | obfuscated-file:build/internal/billable-items-v1-billable-item-billable-items.universal-Dyc7OQHG.d.mts | AI (source-diff): Long lines in generated TypeScript declaration files are normal for Wix SDK auto-generated type bundles. | ai | |
| source-diff | obfuscated-file:build/es/billable-items-v1-billable-item-billable-items.universal-5HxHBsWd.d.mts | AI (source-diff): TypeScript declaration file with long re-export lines; standard Wix SDK bundler output, not obfuscation. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/billable-items-v1-billable-item-billable-items.universal-5HxHBsWd.d.ts | AI (source-diff): TypeScript declaration file with long re-export lines; standard Wix SDK bundler output, not obfuscation. | ai | |
| source-diff | obfuscated-file:build/cjs/billable-items-v1-billable-item-billable-items.universal-5HxHBsWd.d.ts | AI (source-diff): TypeScript declaration file with long re-export lines; standard Wix SDK bundler output, not obfuscation. | ai | |
| source-diff | obfuscated-file:build/internal/es/billable-items-v1-billable-item-billable-items.universal-5HxHBsWd.d.mts | AI (source-diff): TypeScript declaration file with long re-export lines; standard Wix SDK bundler output, not obfuscation. | ai | |
| source-diff | obfuscated-file:build/internal/es/billable-items-v1-billable-item-billable-items.universal-CBsiEZYZ.d.mts | AI (source-diff): Long-line TypeScript declaration file from Wix SDK codegen; not obfuscation. | ai | |
| source-diff | obfuscated-file:build/es/billable-items-v1-billable-item-billable-items.universal-CBsiEZYZ.d.mts | AI (source-diff): Long-line TypeScript declaration file from Wix SDK codegen; not obfuscation. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/billable-items-v1-billable-item-billable-items.universal-CBsiEZYZ.d.ts | AI (source-diff): Long-line TypeScript declaration file from Wix SDK codegen; not obfuscation. | ai | |
| source-diff | obfuscated-file:build/cjs/billable-items-v1-billable-item-billable-items.universal-CBsiEZYZ.d.ts | AI (source-diff): Long-line TypeScript declaration file from Wix SDK codegen; not obfuscation. | ai | |
| source-diff | obfuscated-file:build/es/billable-items-v1-billable-item-billable-items.universal-CL50BvcU.d.mts | AI (source-diff): TypeScript declaration file with long lines from bundled types; not obfuscated code, stable pattern for this Wix SDK package. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/billable-items-v1-billable-item-billable-items.universal-CL50BvcU.d.ts | AI (source-diff): TypeScript declaration file with long lines from bundled types; not obfuscated code, stable pattern for this Wix SDK package. | ai | |
| source-diff | obfuscated-file:build/cjs/billable-items-v1-billable-item-billable-items.universal-CL50BvcU.d.ts | AI (source-diff): TypeScript declaration file with long lines from bundled types; not obfuscated code, stable pattern for this Wix SDK package. | ai | |
| source-diff | obfuscated-file:build/internal/es/billable-items-v1-billable-item-billable-items.universal-CL50BvcU.d.mts | AI (source-diff): TypeScript declaration file with long lines from bundled types; not obfuscated code, stable pattern for this Wix SDK package. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/billable-items-v1-billable-item-billable-items.universal-Dmmlm4HO.d.ts | AI (source-diff): Internal CJS variant; same false positive pattern. | ai | |
| source-diff | obfuscated-file:build/es/billable-items-v1-billable-item-billable-items.universal-Dmmlm4HO.d.mts | AI (source-diff): Bundled TypeScript declaration file with long re-export lines; normal for Wix auto-generated SDK packages. | ai | |
| source-diff | obfuscated-file:build/internal/es/billable-items-v1-billable-item-billable-items.universal-Dmmlm4HO.d.mts | AI (source-diff): Same pattern as above; bundled .d.mts declaration file, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:build/es/index.d.mts | AI (source-diff): Long-line re-export barrel declaration file generated by tsup; stable pattern for this package family. | ai | |
| source-diff | obfuscated-file:build/internal/es/index.d.mts | AI (source-diff): Same as above; internal variant of the same generated declaration file. | ai | |
| source-diff | obfuscated-file:build/es/index.typings.d.mts | AI (source-diff): Generated typings barrel file; long lines are re-exports, not obfuscation. | ai | |
| source-diff | obfuscated-file:build/internal/es/index.typings.d.mts | AI (source-diff): Same pattern; internal typings barrel. | ai | |
| source-diff | obfuscated-file:build/es/meta.d.mts | AI (source-diff): Generated meta declaration file; long lines are type re-exports. | ai | |
| source-diff | obfuscated-file:build/internal/es/meta.d.mts | AI (source-diff): Same pattern; internal meta declaration. | ai | |
| source-diff | obfuscated-file:build/cjs/billable-items-v1-billable-item-billable-items.universal-Dmmlm4HO.d.ts | AI (source-diff): CJS variant of the same bundled declaration file; false positive for this package. | ai | |
| maintainer-change | maintainer-added | AI (maintainer-change): Wix org-level CI publishing; wix-org-headless is consistent with Wix's publishing infrastructure. | ai | |
| source-diff | obfuscated-file:build/internal/billable-items-v1-billable-item-billable-items.universal-CWG6mEYe.d.mts | AI (source-diff): TypeScript declaration file with long re-export lines from tsup bundler; standard Wix SDK build output. | ai | |
| source-diff | obfuscated-file:build/billable-items-v1-billable-item-billable-items.universal-CWG6mEYe.d.ts | AI (source-diff): TypeScript declaration file with long re-export lines from tsup bundler; standard Wix SDK build output. | ai | |
| source-diff | obfuscated-file:build/internal/index.d.mts | AI (source-diff): TypeScript declaration file with long re-export lines from tsup bundler; standard Wix SDK build output. | ai | |
| source-diff | obfuscated-file:build/index.d.mts | AI (source-diff): TypeScript declaration file with long re-export lines from tsup bundler; standard Wix SDK build output. | ai | |
| source-diff | obfuscated-file:build/billable-items-v1-billable-item-billable-items.universal-CWG6mEYe.d.mts | AI (source-diff): TypeScript declaration file with long re-export lines from tsup bundler; standard Wix SDK build output. | ai | |
| source-diff | obfuscated-file:build/internal/index.d.ts | AI (source-diff): TypeScript declaration file with long re-export lines from tsup bundler; standard Wix SDK build output. | ai | |
| source-diff | obfuscated-file:build/index.d.ts | AI (source-diff): TypeScript declaration file with long re-export lines from tsup bundler; standard Wix SDK build output. | ai | |
| source-diff | obfuscated-file:build/internal/billable-items-v1-billable-item-billable-items.universal-CWG6mEYe.d.ts | AI (source-diff): TypeScript declaration file with long re-export lines from tsup bundler; standard Wix SDK build output. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/billable-items-v1-billable-item-billable-items.universal-BP3V7EYy.d.ts | AI (source-diff): TypeScript declaration file with long lines from bundled type defs; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/cjs/billable-items-v1-billable-item-billable-items.universal-BP3V7EYy.d.ts | AI (source-diff): TypeScript declaration file with long lines from bundled type defs; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/internal/es/billable-items-v1-billable-item-billable-items.universal-BP3V7EYy.d.mts | AI (source-diff): TypeScript declaration file with long lines from bundled type defs; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/es/billable-items-v1-billable-item-billable-items.universal-BP3V7EYy.d.mts | AI (source-diff): TypeScript declaration file with long lines from bundled type defs; not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/internal/es/billable-items-v1-billable-item-billable-items.universal-DNyC-7wr.d.mts | AI (source-diff): TypeScript declaration file with long type lines; readable JSDoc content, not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/internal/cjs/billable-items-v1-billable-item-billable-items.universal-DNyC-7wr.d.ts | AI (source-diff): TypeScript declaration file with long type lines; readable JSDoc content, not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/cjs/billable-items-v1-billable-item-billable-items.universal-DNyC-7wr.d.ts | AI (source-diff): TypeScript declaration file with long type lines; readable JSDoc content, not obfuscated code. | ai | |
| source-diff | obfuscated-file:build/es/billable-items-v1-billable-item-billable-items.universal-DNyC-7wr.d.mts | AI (source-diff): TypeScript declaration file with long type lines; readable JSDoc content, not obfuscated code. Stable pattern for this auto-generated SDK package. | ai | |
| npm-metadata | no-description | AI (npm-metadata): Auto-generated Wix SDK packages consistently omit descriptions; stable false positive for this package family. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Wix auto-generated SDK packages intentionally lack descriptions, repos, and keywords; mass-production pattern is by design. | ai | |
| provenance | no-provenance | AI (provenance): Wix CI publisher does not attach Sigstore provenance; consistent across all approved Wix SDK packages. | ai |
Versions (showing 57 of 57)
| Version | Deps | Published |
|---|---|---|
| 1.0.64 | 3 / 2 | |
| 1.0.63 | 3 / 2 | |
| 1.0.62 | 3 / 2 | |
| 1.0.61 | 3 / 2 | |
| 1.0.60 | 3 / 2 | |
| 1.0.59 | 2 / 2 | |
| 1.0.58 | 2 / 2 | |
| 1.0.57 | 2 / 2 | |
| 1.0.56 | 2 / 2 | |
| 1.0.55 | 2 / 2 | |
| 1.0.54 | 2 / 2 | |
| 1.0.53 | 2 / 2 | |
| 1.0.52 | 2 / 2 | |
| 1.0.51 | 2 / 2 | |
| 1.0.50 | 2 / 2 | |
| 1.0.49 | 2 / 2 | |
| 1.0.48 | 2 / 2 | |
| 1.0.47 | 2 / 2 | |
| 1.0.46 | 2 / 2 | |
| 1.0.45 | 2 / 2 | |
| 1.0.44 | 2 / 2 | |
| 1.0.43 | 2 / 2 | |
| 1.0.42 | 2 / 2 | |
| 1.0.41 | 2 / 2 | |
| 1.0.40 | 2 / 2 | |
| 1.0.39 | 2 / 2 | |
| 1.0.38 | 2 / 2 | |
| 1.0.37 | 2 / 2 | |
| 1.0.36 | 2 / 2 | |
| 1.0.35 | 2 / 2 | |
| 1.0.34 | 2 / 2 | |
| 1.0.33 | 2 / 2 | |
| 1.0.32 | 2 / 2 | |
| 1.0.31 | 2 / 2 | |
| 1.0.30 | 2 / 2 | |
| 1.0.29 | 2 / 2 | |
| 1.0.28 | 2 / 2 | |
| 1.0.27 | 2 / 2 | |
| 1.0.26 | 2 / 2 | |
| 1.0.25 | 2 / 2 | |
| 1.0.24 | 2 / 2 | |
| 1.0.23 | 2 / 2 | |
| 1.0.22 | 2 / 2 | |
| 1.0.21 | 2 / 2 | |
| 1.0.20 | 2 / 2 | |
| 1.0.19 | 2 / 2 | |
| 1.0.18 | 2 / 1 | |
| 1.0.17 | 2 / 1 | |
| 1.0.16 | 2 / 1 | |
| 1.0.15 | 2 / 1 | |
| 1.0.14 | 2 / 1 | |
| 1.0.13 | 2 / 1 | |
| 1.0.12 | 2 / 1 | |
| 1.0.11 | 2 / 1 | |
| 1.0.10 | 2 / 1 | |
| 1.0.9 | 2 / 1 | |
| 1.0.8 | 2 / 1 |
v1.0.64
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.63
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.62
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.61
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.60
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.59
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.58
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.57
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.56
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.55
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.54
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.53
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.52
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.51
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.50
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.49
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.48
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.47
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.46
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.45
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.44
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.43
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.42
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.41
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.40
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.39
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.38
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.37
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.36
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.35
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.34
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.33
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.32
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.31
11 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.30
11 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.29
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.28
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.27
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.26
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.25
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.24
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.23
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.22
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.21
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.20
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.19
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.18
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.17
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.16
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.15
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.14
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.13
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.12
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.11
1 finding[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.10
2 findingsThis version was published by a different npm account than previous versions on 2025-05-06. This could indicate a legitimate maintainer transition or an account compromise.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.9
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.8
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.