All perfect-scrollbar versions
perfect-scrollbar @1.5.6
rejected
This version was rejected.
It did not pass GreenFlagged's security review and is not served by the registry.
The findings and risk dispositions below explain why.
83
Risk Score
MIT
License
No
Install Scripts
0
Dependencies
6
Dev Dependencies
101.1 KB
Package Size
Published
Minimalistic but perfect custom scrollbar plugin
Maintainers
piotrguscioramakusref10r-jackoiprzybyszrafalseifertmako3577trochonovitzjuujisaishigure92mleciejewskibwskyascensussmolenski-mikolajmdbootstrapfkappaaidzikowskigbujanski
Keywords
frontendscrollscrollbar
Dev Dependencies (6)
| Package | Constraint | Registry Status |
|---|---|---|
| rollup | ^1.27.8 | auto_approved |
| prettier | ^1.19.1 | auto_approved |
| chokidar-cli | ^2.1.0 | pending |
| rollup-plugin-babel | ^4.3.3 | auto_approved |
| rollup-plugin-buble | ^0.19.8 | auto_approved |
| rollup-plugin-babel-minify | ^9.1.1 | pending |
Changes from v1.5.5
No metadata changes detected.
File Changes
0 added
0 removed
18 modified
size delta: +8.3 KB
SAST Findings (3)
HIGH
Publisher changed: bwsky → shigure92 (on 2024-10-29)
provenance
This version was published by a different npm account than previous versions on 2024-10-29. This could indicate a legitimate maintainer transition or an account compromise.
HIGH
Unclaimed maintainer email domain: noraesae.net
email-domain
Maintainer email '[email protected]' uses domain 'noraesae.net' which has no DNS records. An attacker could register this domain to hijack the maintainer identity.
LOW
No provenance attestation
provenance
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
Review Summary
Risk score: 83. Findings: 2 high (+50), 3 medium (+30), 1 low (+3).
Commit: 48fb8ce6db3d Browse source
Published to npm: