botframework-webchat-component
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | net-exec-file:dist/chunk-UNHT2RU3.mjs | AI (source-diff): Standard bundled React/component output; no actual dropper pattern — false positive for this package. | ai | |
| source-diff | net-exec-file:dist/chunk-F7UWMCXK.mjs | AI (source-diff): Standard bundled React/component output; no actual dropper pattern — false positive for this package. | ai | |
| source-diff | net-exec-file:dist/chunk-UQHIWKDV.js | AI (source-diff): Standard bundled React/component output; no actual dropper pattern — false positive for this package. | ai | |
| phantom-deps | phantom-dep:punycode | AI (phantom-deps): punycode is a declared peer/polyfill dep used indirectly via bundled deps; stable false positive for this package. | ai | |
| source-diff | net-exec-file:dist/chunk-2YUBQM5B.js | AI (source-diff): Standard bundled React/component output; no actual dropper pattern — false positive for this package. | ai | |
| source-diff | obfuscated-file:dist/hook-B7KuomGm.d.mts | AI (source-diff): Long-line type declaration file from bundled .d.ts rollup; not obfuscation. | ai | |
| source-diff | net-exec-file:dist/chunk-U6OWCHTQ.js | AI (source-diff): Bundled React component chunk; standard build artifact for this Microsoft package. | ai | |
| source-diff | net-exec-file:dist/chunk-VDF6GQAL.js | AI (source-diff): Bundled React component chunk; standard build artifact for this Microsoft package. | ai | |
| source-diff | net-exec-file:dist/chunk-A4NDFSZM.mjs | AI (source-diff): Bundled ESM chunk; standard build artifact for this Microsoft package. | ai | |
| source-diff | net-exec-file:dist/chunk-GTOP3WPD.mjs | AI (source-diff): Bundled ESM chunk; standard build artifact for this Microsoft package. | ai | |
| source-diff | net-exec-file:dist/chunk-I6DJ35K3.mjs | AI (source-diff): Bundled ESM chunk; standard build artifact for this Microsoft package. | ai | |
| source-diff | net-exec-file:dist/chunk-TMUNLKZW.js | AI (source-diff): Bundled React/core-js polyfill chunk; network+exec pattern is from bundled globalThis detection, not malware. | ai | |
| source-diff | obfuscated-file:dist/botframework-webchat-component.decorator.js | AI (source-diff): Standard minified build output for this Microsoft package; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/botframework-webchat-component.hook.js | AI (source-diff): Standard minified build output for this Microsoft package; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/botframework-webchat-component.decorator.mjs | AI (source-diff): Standard minified build output for this Microsoft package; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/botframework-webchat-component.hook.mjs | AI (source-diff): Standard minified build output for this Microsoft package; not obfuscation. | ai | |
| source-diff | encoded-string-file:dist/botframework-webchat-component.mjs | AI (source-diff): Long strings in bundled ESM output are minified identifiers/imports, not encoded payloads; stable pattern for this package. | ai | |
| phantom-deps | phantom-dep:redux | AI (phantom-deps): Bundled/re-exported in component package; not a real phantom dep for this package. | ai | |
| phantom-deps | phantom-dep:react-chain-of-responsibility | AI (phantom-deps): Bundled/re-exported in component package; stable false positive. | ai | |
| phantom-deps | phantom-dep:react-redux | AI (phantom-deps): Bundled/re-exported in component package; stable false positive. | ai | |
| phantom-deps | phantom-dep:valibot | AI (phantom-deps): Bundled/re-exported in component package; stable false positive. | ai |
Versions (showing 4 of 4)
| Version | Deps | Published |
|---|---|---|
| 4.19.1 | 28 / 21 | |
| 4.19.0 | 28 / 20 | |
| 4.18.2 | 24 / 16 | |
| 4.18.1 | 24 / 16 |
v4.19.1
5 findingsNewly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.19.0
13 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
This version was published by a different npm account (microsoft1es) than the most recent previously approved version (compulim) on 2026-05-25, but microsoft1es is listed as a maintainer on prior approved versions (matched on name). This looks like a manual publish by a known maintainer rather than a publisher change. Recorded as INFO for audit trail.
v4.18.2
2 findingsModified file contains 2 long encoded string(s) (200+ chars). These are commonly used to hide malicious payloads.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.18.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.