All grunt-legacy-util versions
grunt-legacy-util @2.0.2
rejected
This version was rejected.
It did not pass GreenFlagged's security review and is not served by the registry.
The findings and risk dispositions below explain why.
68
Risk Score
MIT
License
No
Install Scripts
7
Dependencies
5
Dev Dependencies
8.8 KB
Package Size
Published
Some old grunt utils provided for backwards compatibility.
Maintainers
cowboykrinkletkellenvladikoffshama
Keywords
gruntlegacy
Dependencies (7)
| Package | Constraint | Registry Status |
|---|---|---|
| async | ~3.2.0 | auto_approved |
| which | ~2.0.2 | auto_approved |
| exit-x | ~0.2.2 | auto_approved |
| hooker | ~0.2.3 | auto_approved |
| lodash | ^4.18.0 | auto_approved |
| getobject | ~1.0.0 | auto_approved |
| underscore.string | ~3.3.5 | auto_approved |
Dev Dependencies (5)
| Package | Constraint | Registry Status |
|---|---|---|
| grunt | ^1.3.0 | auto_approved |
| temporary | 1.1.0 | auto_approved |
| grunt-contrib-watch | ^1.1.0 | auto_approved |
| grunt-contrib-jshint | ^3.0.0 | auto_approved |
| grunt-contrib-nodeunit | ^3.0.0 | auto_approved |
Transitive Dependency Tree
10 transitive deps
max depth 2
├─
async
~3.2.0
→ 3.2.6
├─
exit-x
~0.2.2
→ 0.2.2
├─
getobject
~1.0.0
→ 1.0.2
├─
hooker
~0.2.3
→ 0.2.3
├─
lodash
^4.18.0
→ 4.18.1
├─
underscore.string
~3.3.5
→ 3.3.6
├─
which
~2.0.2
→ 2.0.2
├─
isexe
^2.0.0
→ 2.0.0
├─
sprintf-js
^1.1.1
→ 1.1.3
├─
util-deprecate
^1.0.2
→ 1.0.2
Changes from v2.0.1
Dependency Changes
| Change | Package | Version |
|---|---|---|
| added | exit-x | ~0.2.2 |
| removed | exit | ~0.1.2 |
| changed | lodash | ~4.17.21 → ^4.18.0 |
File Changes
2 added
6 removed
5 modified
size delta: -1.1 KB
SAST Findings (2)
HIGH
Publisher changed: vladikoff → krinkle (on 2026-04-14)
provenance
This version was published by a different npm account than previous versions on 2026-04-14. This could indicate a legitimate maintainer transition or an account compromise.
LOW
No provenance attestation
provenance
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
Review Summary
Risk score: 68. Findings: 1 high (+25), 4 medium (+40), 1 low (+3).
Commit: 499310927cf2 Browse source
Published to npm: