simple-table-core
Simple Table: A lightweight, free framework-agnostic data grid and table component with TypeScript support, sorting, filtering, and virtualization. Works with vanilla JS/TypeScript, React, Vue, Angular, Svelte, and Solid.
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/cjs/index-7f1ba462.js | AI (source-diff): Standard rollup minified bundle; TypeScript helpers visible in sample. | ai | |
| source-diff | obfuscated-file:dist/index-80318b04.js | AI (source-diff): Standard rollup minified bundle; TypeScript helpers visible in sample. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-8d3a0d83.js | AI (source-diff): Standard rollup minified React component; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-7dba57a6.js | AI (source-diff): Standard rollup minified React component; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-e0379c0f.js | AI (source-diff): Rollup CJS bundle of main library; sample shows standard TypeScript helpers and React imports only. | ai | |
| source-diff | obfuscated-file:dist/index-fe1a2c58.js | AI (source-diff): Rollup ESM bundle of main library; same pattern as CJS counterpart, no malicious code. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-7bfd609b.js | AI (source-diff): Standard rollup minification of a React DatePicker component; no malicious patterns in sample. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-91f87634.js | AI (source-diff): ESM build of same DatePicker component; minified but benign. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-30799710.js | AI (source-diff): Standard rollup minification of a React DatePicker component; no malicious patterns in code. | ai | |
| source-diff | obfuscated-file:dist/index-a69df6ad.js | AI (source-diff): Rollup-minified ESM main bundle; same pattern as CJS variant, benign. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-0483e756.js | AI (source-diff): Rollup-minified CJS main bundle; standard TypeScript helpers and React imports, no malicious code. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-36cb4ee7.js | AI (source-diff): CJS variant of the same DatePicker bundle; benign minified UI code. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-294dbb13.js | AI (source-diff): Standard rollup minification of a DatePicker React component; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-ca926b64.js | AI (source-diff): CJS build of same main bundle; standard minification artifact. | ai | |
| source-diff | obfuscated-file:dist/index-bcb6290f.js | AI (source-diff): Rollup-minified main bundle with TypeScript helpers and React hooks; no suspicious code. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-a432451c.js | AI (source-diff): ESM build of same DatePicker component; normal minified output. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-00096a9d.js | AI (source-diff): Standard rollup-minified React DatePicker component; no suspicious network/exec patterns. | ai | |
| source-diff | obfuscated-file:dist/index-c2f46c58.js | AI (source-diff): Standard rollup-minified ESM bundle with TypeScript helpers; no suspicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-aed12af6.js | AI (source-diff): Standard rollup-minified CJS bundle with TypeScript helpers; no suspicious patterns. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-a5056e77.js | AI (source-diff): Standard rollup-minified React DatePicker component (ESM variant); no suspicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-bcfb58e0.js | AI (source-diff): Standard Rollup CJS minified bundle with React imports and TypeScript helpers; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/index-81da75ad.js | AI (source-diff): Standard Rollup minified bundle with React imports and TypeScript helpers; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-eefb2848.js | AI (source-diff): Standard Rollup minified output for a React DatePicker component; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-75d5370f.js | AI (source-diff): Standard Rollup minified output for a React DatePicker component; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-85f9b4fe.js | AI (source-diff): Standard rollup-minified CJS bundle; TypeScript helpers and React imports only. | ai | |
| source-diff | obfuscated-file:dist/index-3ee6f1b1.js | AI (source-diff): Standard rollup-minified main bundle; TypeScript helpers and React imports only. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-63405e18.js | AI (source-diff): Standard rollup-minified React component; no malicious patterns in sample. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-53dd311c.js | AI (source-diff): Standard rollup-minified React component; no malicious patterns in sample. | ai | |
| source-diff | obfuscated-file:dist/index-c2457219.js | AI (source-diff): Standard Rollup minified ESM bundle with TypeScript helpers and React hooks; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-73e2d4c3.js | AI (source-diff): Standard Rollup minified ESM output for a React DatePicker component; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-764885f1.js | AI (source-diff): Standard Rollup minified CJS bundle with TypeScript helpers and React hooks; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-163f1691.js | AI (source-diff): Standard Rollup minified output for a React DatePicker component; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-20423ac1.js | AI (source-diff): Standard Rollup minified CJS bundle; readable React/TS helpers visible in sample. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-106e00e9.js | AI (source-diff): Standard Rollup minified output for a React DatePicker component; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-302960f9.js | AI (source-diff): Standard Rollup minified ESM output for a React DatePicker component; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/index-4f66177b.js | AI (source-diff): Standard Rollup minified ESM bundle; readable React/TS helpers visible in sample. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-9d5825ee.js | AI (source-diff): Standard rollup minified React component; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-3d0a5721.js | AI (source-diff): Standard rollup minified React component; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-63f4ad95.js | AI (source-diff): Standard rollup CJS minified bundle; readable React/TS compiled output. | ai | |
| source-diff | obfuscated-file:dist/index-57a11501.js | AI (source-diff): Standard rollup minified bundle; readable React/TS compiled output. | ai | |
| source-diff | obfuscated-file:dist/index-ec1160cd.js | AI (source-diff): Standard Rollup ESM minified bundle; readable TypeScript-compiled React code, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-572775b6.js | AI (source-diff): Standard Rollup minified React component output; not obfuscated, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-755c37a5.js | AI (source-diff): Standard Rollup CJS minified React component output; not obfuscated, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-1e3c3e68.js | AI (source-diff): Standard Rollup CJS minified bundle; readable TypeScript-compiled React code, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-d578a077.js | AI (source-diff): Standard Rollup CJS bundle for the main library; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/index-2bf0d1e9.js | AI (source-diff): Standard Rollup ESM bundle for the main library; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-ed669353.js | AI (source-diff): Standard Rollup ESM minified output for DatePicker; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-4b10bbd8.js | AI (source-diff): Standard Rollup minified output for a React DatePicker component; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-93e0f4c4.js | AI (source-diff): Standard rollup-minified React component; no malicious patterns in samples. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-b28f705c.js | AI (source-diff): Standard rollup-minified CJS bundle; TypeScript helpers and React imports visible in sample. | ai | |
| source-diff | obfuscated-file:dist/index-33c4178f.js | AI (source-diff): Standard rollup-minified bundle; TypeScript helpers and React imports visible in sample. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-947629c5.js | AI (source-diff): Standard rollup-minified React component; no malicious patterns in samples. | ai | |
| source-diff | obfuscated-file:dist/index-8220459f.js | AI (source-diff): ESM bundle chunk; same pattern as CJS counterpart, legitimate rollup output. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-26e3b588.js | AI (source-diff): CJS bundle chunk; samples show standard TypeScript helpers and React imports, not malicious code. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-5c93fbcb.js | AI (source-diff): ESM build of the same DatePicker component; minified by rollup-plugin-terser as expected. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-18ce31ec.js | AI (source-diff): Standard rollup minified React component; samples show legitimate DatePicker UI code, not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-61194f75.js | AI (source-diff): Standard Rollup minified output for a React DatePicker component; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-a9068e41.js | AI (source-diff): CJS Rollup minified build of DatePicker; same benign pattern as ESM counterpart. | ai | |
| source-diff | obfuscated-file:dist/index-303cd563.js | AI (source-diff): Rollup-bundled main ESM entry; contains standard TypeScript helpers and React hooks, no malicious code. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-c75ad7c5.js | AI (source-diff): Rollup-bundled CJS entry; same benign minified pattern as ESM counterpart. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-34b11024.js | AI (source-diff): Rollup-minified CJS main bundle; sample shows standard TypeScript helpers and React imports only. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-f57c6bd2.js | AI (source-diff): CJS variant of the same DatePicker bundle; minified but benign UI code. | ai | |
| source-diff | obfuscated-file:dist/index-fa8112d6.js | AI (source-diff): Rollup-minified ESM main bundle; same pattern as CJS counterpart, no suspicious code. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-6dedf748.js | AI (source-diff): Standard rollup minification of a React DatePicker component; no malicious patterns in sample. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-ff57df85.js | AI (source-diff): Standard Rollup CJS minified output; samples show legitimate React DatePicker component code. | ai | |
| source-diff | obfuscated-file:dist/index-6e521443.js | AI (source-diff): Standard Rollup minified bundle; samples show legitimate React utility/helper code. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-88c874db.js | AI (source-diff): Standard Rollup CJS minified bundle; samples show legitimate React utility/helper code. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-27185b51.js | AI (source-diff): Standard Rollup minified output; samples show legitimate React DatePicker component code. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-1a1c3d56.js | AI (source-diff): Rollup-minified CJS bundle with standard TS helpers and React imports; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/index-40d32ad1.js | AI (source-diff): Rollup-minified ESM bundle; same TS helpers pattern, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-b7644a04.js | AI (source-diff): Standard Rollup minified output; readable React DatePicker component, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-fdd74313.js | AI (source-diff): CJS equivalent of the same minified DatePicker; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-61d26e91.js | AI (source-diff): Standard Rollup minified bundle with TypeScript helpers and React imports; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/index-bda88aae.js | AI (source-diff): Standard Rollup minified bundle with TypeScript helpers and React imports; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-4cd71e3e.js | AI (source-diff): Standard Rollup minified output for a DatePicker component; no malicious patterns in samples. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-90d135e4.js | AI (source-diff): Standard Rollup minified output for a DatePicker component; no malicious patterns in samples. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-7cf6c550.js | AI (source-diff): Standard rollup-minified bundle output; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-629ca593.js | AI (source-diff): Standard rollup-minified React component; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/index-9c30fe58.js | AI (source-diff): Standard rollup-minified bundle output; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-447a7ab5.js | AI (source-diff): Standard rollup-minified React component; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-f301a9e9.js | AI (source-diff): Standard Rollup CJS minified bundle; readable React/TS patterns, not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-53f14590.js | AI (source-diff): Standard Rollup minified output; readable React component code, not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-b003d0e6.js | AI (source-diff): Standard Rollup minified output; readable React component code, not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/index-4950c0c9.js | AI (source-diff): Standard Rollup minified bundle; readable React/TS patterns, not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-9d58037e.js | AI (source-diff): ESM build of same DatePicker component; minified by rollup-plugin-terser. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-4e57944d.js | AI (source-diff): Standard rollup-minified React DatePicker component; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/index-c670ccb7.js | AI (source-diff): ESM bundle equivalent; same pattern, legitimate build output. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-6e0a3bca.js | AI (source-diff): CJS bundle with standard TS helpers and React hooks; minified build artifact. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-7aa8b824.js | AI (source-diff): Standard rollup-minified React component; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/index-1ecdeb5c.js | AI (source-diff): Rollup-minified ESM bundle with standard TS helpers; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-0a0b3816.js | AI (source-diff): Rollup-minified CJS bundle with standard TS helpers; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-7d666e19.js | AI (source-diff): CJS equivalent of the same minified DatePicker component; benign. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-7995d91f.js | AI (source-diff): Standard Rollup minified output; CJS variant of the same DatePicker component. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-7da7745f.js | AI (source-diff): Standard Rollup minified CJS bundle; same pattern as ESM counterpart. | ai | |
| source-diff | obfuscated-file:dist/index-2602acfc.js | AI (source-diff): Standard Rollup minified bundle; contains recognizable React/TypeScript helpers. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-7353507b.js | AI (source-diff): Standard Rollup minified output; code is readable React component logic, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-e3d4002e.js | AI (source-diff): Standard rollup minified React component; no malicious patterns in code. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-aaa9b53c.js | AI (source-diff): Standard rollup minified CJS bundle; no malicious patterns in code. | ai | |
| source-diff | obfuscated-file:dist/index-1c9ecfde.js | AI (source-diff): Standard rollup minified main bundle; no malicious patterns in code. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-61718852.js | AI (source-diff): Standard rollup minified React component; no malicious patterns in code. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-b678e814.js | AI (source-diff): Standard rollup-minified React DatePicker component (ESM variant); no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/index-fa1fc5a1.js | AI (source-diff): Standard rollup-minified React library bundle (ESM variant); no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-d8d5ef6c.js | AI (source-diff): Standard rollup-minified React library bundle with TypeScript helpers; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-89124a06.js | AI (source-diff): Standard rollup-minified React DatePicker component; no malicious patterns in code. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-8163635f.js | AI (source-diff): Standard rollup-minified React component; ESM variant of DatePicker, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-465dd982.js | AI (source-diff): Standard rollup-minified React component; samples show legitimate DatePicker UI code, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/index-db189241.js | AI (source-diff): Standard rollup-minified ESM bundle; samples show TypeScript helpers and React imports, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-5184b2c3.js | AI (source-diff): Standard rollup-minified CJS bundle; samples show TypeScript helpers and React imports, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-dfb9eb77.js | AI (source-diff): Standard rollup minified React component; no malicious patterns in sample. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-0a687b78.js | AI (source-diff): Standard rollup minified React component; no malicious patterns in sample. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-b9be7b34.js | AI (source-diff): Standard rollup CJS minified bundle; TypeScript helpers and React imports visible in sample. | ai | |
| source-diff | obfuscated-file:dist/index-375d4274.js | AI (source-diff): Standard rollup minified bundle; TypeScript helpers and React imports visible in sample. | ai | |
| source-diff | obfuscated-file:dist/index-9b26781f.js | AI (source-diff): ESM bundle with TypeScript helpers and React imports; standard rollup output. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-1258c9e1.js | AI (source-diff): CJS bundle with TypeScript helpers and React imports; standard rollup output. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-822f2965.js | AI (source-diff): CJS build of same DatePicker component; minified by rollup-plugin-terser. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-46df397c.js | AI (source-diff): Standard rollup minification of a React DatePicker component; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-39a8e414.js | AI (source-diff): Standard Rollup minified output for a React DatePicker component; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-d66a2fd0.js | AI (source-diff): Rollup CJS bundle for the main table library; contains only React component code. | ai | |
| source-diff | obfuscated-file:dist/index-c60e71e8.js | AI (source-diff): Rollup ESM bundle for the main table library; contains only React component code. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-c4976426.js | AI (source-diff): CJS Rollup minified output for the same DatePicker; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-f2712b1a.js | AI (source-diff): Standard Rollup minified output for a React datepicker component; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/index-b5410003.js | AI (source-diff): Standard Rollup minified ES module bundle; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-8108a597.js | AI (source-diff): Standard Rollup minified bundle for a React table library; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-26a7197f.js | AI (source-diff): Standard Rollup minified output for a React datepicker component; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-f46021b7.js | AI (source-diff): Standard rollup-minified React component (ESM); no malicious patterns in sample. | ai | |
| provenance | publisher-changed | AI (provenance): Transition to GitHub Actions CI publishing with SLSA provenance; legitimate automation pattern. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-d36513b2.js | AI (source-diff): Standard rollup-minified CJS bundle; sample shows normal TypeScript helpers and React imports. | ai | |
| source-diff | obfuscated-file:dist/index-0667bbe7.js | AI (source-diff): Standard rollup-minified main bundle; sample shows normal TypeScript helpers and React imports. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-9c49274c.js | AI (source-diff): Standard rollup-minified React component; no malicious patterns in sample. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-8853a05d.js | AI (source-diff): Standard rollup minified React DatePicker ESM build; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-a82ee694.js | AI (source-diff): Standard rollup minified CJS main bundle; TypeScript helpers and React imports only. | ai | |
| source-diff | obfuscated-file:dist/index-2a41da3c.js | AI (source-diff): Standard rollup minified main library bundle; TypeScript helpers and React imports only. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-5fd13188.js | AI (source-diff): Standard rollup minified React DatePicker component; no malicious patterns in code. | ai | |
| source-diff | obfuscated-file:dist/cjs/DatePicker-5e778b54.js | AI (source-diff): Standard rollup minified output for a React DatePicker component; no malicious patterns in code. | ai | |
| source-diff | obfuscated-file:dist/cjs/index-cfc64208.js | AI (source-diff): CJS build of main entry; standard minified output with no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/index-76d75f7a.js | AI (source-diff): Rollup-bundled main ESM entry; contains standard React hooks and TypeScript helpers, no suspicious code. | ai | |
| source-diff | obfuscated-file:dist/DatePicker-b2db920a.js | AI (source-diff): ESM build of the same DatePicker component; minified but benign UI logic. | ai | |
| provenance | missing-githead | AI (provenance): SLSA provenance attestation present; gitHead absence is a minor metadata gap, not a supply-chain risk. | ai |
Versions (showing 50 of 50)
| Version | Deps | Published |
|---|---|---|
| 3.6.3 | 0 / 26 | |
| 3.6.2 | 0 / 26 | |
| 3.5.3 | 0 / 26 | |
| 3.5.2 | 0 / 26 | |
| 3.4.2 | 0 / 26 | |
| 3.0.0 | 0 / 26 | |
| 2.6.3 | 0 / 36 | |
| 2.5.6 | 0 / 36 | |
| 2.5.0 | 0 / 36 | |
| 2.4.7 | 0 / 36 | |
| 2.4.5 | 0 / 36 | |
| 2.4.4 | 0 / 36 | |
| 2.4.3 | 0 / 36 | |
| 2.4.2 | 0 / 36 | |
| 2.3.6 | 0 / 36 | |
| 2.3.1 | 0 / 36 | |
| 2.3.0 | 0 / 36 | |
| 2.2.9 | 0 / 36 | |
| 2.2.7 | 0 / 36 | |
| 2.2.6 | 0 / 36 | |
| 2.2.5 | 0 / 36 | |
| 2.2.3 | 0 / 36 | |
| 2.1.9 | 0 / 36 | |
| 2.1.8 | 0 / 36 | |
| 2.1.7 | 0 / 36 | |
| 2.1.5 | 0 / 36 | |
| 2.0.8 | 0 / 36 | |
| 2.0.7 | 0 / 36 | |
| 2.0.6 | 0 / 36 | |
| 2.0.5 | 0 / 36 | |
| 1.9.5 | 0 / 36 | |
| 1.9.4 | 0 / 36 | |
| 1.9.0 | 0 / 36 | |
| 1.8.7 | 0 / 36 | |
| 1.8.4 | 0 / 36 | |
| 1.8.1 | 0 / 36 | |
| 1.8.0 | 0 / 36 | |
| 1.7.9 | 0 / 36 | |
| 1.7.8 | 0 / 36 | |
| 1.7.5 | 0 / 36 | |
| 1.7.2 | 0 / 36 | |
| 1.7.1 | 0 / 36 | |
| 1.7.0 | 0 / 36 | |
| 1.6.9 | 0 / 36 | |
| 1.6.8 | 0 / 36 | |
| 1.6.7 | 0 / 36 | |
| 1.6.6 | 0 / 36 | |
| 1.6.5 | 0 / 36 | |
| 1.6.4 | 0 / 36 | |
| 1.6.3 | 0 / 36 |
v3.6.3
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v3.6.2
2 findingsPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: petera2c.
v3.5.3
2 findingsPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: petera2c.
v3.5.2
2 findingsPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
[Accepted risk] This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: petera2c.
v3.4.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.5.6
6 findingsThis version was published by a different npm account than previous versions on 2026-03-09. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.5.0
6 findingsThis version was published by a different npm account than previous versions on 2026-02-23. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.4.7
6 findingsThis version was published by a different npm account than previous versions on 2026-02-16. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.4.5
6 findingsThis version was published by a different npm account than previous versions on 2026-02-16. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.4.4
6 findingsThis version was published by a different npm account than previous versions on 2026-02-11. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.4.3
6 findingsThis version was published by a different npm account than previous versions on 2026-02-09. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.4.2
6 findingsThis version was published by a different npm account than previous versions on 2026-02-06. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.3.6
6 findingsThis version was published by a different npm account than previous versions on 2026-02-01. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.3.1
6 findingsThis version was published by a different npm account than previous versions on 2026-01-31. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.3.0
6 findingsThis version was published by a different npm account than previous versions on 2026-01-29. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.2.9
6 findingsThis version was published by a different npm account than previous versions on 2026-01-28. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.2.7
6 findingsThis version was published by a different npm account than previous versions on 2026-01-25. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.2.6
6 findingsThis version was published by a different npm account than previous versions on 2026-01-25. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.2.5
6 findingsThis version was published by a different npm account than previous versions on 2026-01-25. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.2.3
6 findingsThis version was published by a different npm account than previous versions on 2026-01-24. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.1.9
6 findingsThis version was published by a different npm account than previous versions on 2026-01-13. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.1.8
6 findingsThis version was published by a different npm account than previous versions on 2026-01-10. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.1.7
6 findingsThis version was published by a different npm account than previous versions on 2026-01-08. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.1.5
6 findingsThis version was published by a different npm account than previous versions on 2026-01-06. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.0.8
6 findingsThis version was published by a different npm account than previous versions on 2025-12-26. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.0.7
6 findingsThis version was published by a different npm account than previous versions on 2025-12-26. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.0.6
6 findingsThis version was published by a different npm account than previous versions on 2025-12-22. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v2.0.5
6 findingsThis version was published by a different npm account than previous versions on 2025-12-22. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.9.5
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.9.4
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.9.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.8.7
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.8.4
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.8.1
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.8.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.7.9
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.7.8
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.7.5
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.7.2
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.7.1
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.7.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.6.9
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.6.8
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.6.7
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.6.6
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.6.5
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.6.4
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.6.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.