tsx
TypeScript Execute (tsx): Node.js enhanced with esbuild to run TypeScript & ESM files
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/register-DGGDIH95.mjs | AI (source-diff): Standard esbuild-minified bundle output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/register-CCR7NebB.cjs | AI (source-diff): Standard esbuild-minified bundle output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/register-BujtrvNV.cjs | AI (source-diff): Standard esbuild-minified bundle output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/register-Bx9fr_2c.mjs | AI (source-diff): Standard esbuild-minified bundle output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/index-Bia2-NES.cjs | AI (source-diff): Minified esbuild bundle output; standard for this package. | ai | |
| source-diff | obfuscated-file:dist/index-Cc3P9shY.mjs | AI (source-diff): Minified esbuild bundle output (ESM variant); standard for this package. | ai | |
| source-diff | obfuscated-file:dist/register-DpmFHar1.cjs | AI (source-diff): Standard minified build output for this bundled TypeScript runner; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/register-DvZgvjmQ.mjs | AI (source-diff): Standard minified build output for this bundled TypeScript runner; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/register-DS4vlmcl.mjs | AI (source-diff): Minified esbuild bundle output; standard for tsx's build process. | ai | |
| source-diff | obfuscated-file:dist/register-CBZjvfJi.cjs | AI (source-diff): Minified esbuild bundle output; standard for tsx's build process. | ai | |
| source-diff | obfuscated-file:dist/register-DCnOAxY2.cjs | AI (source-diff): Standard minified bundle output for tsx; stable pattern across versions. | ai | |
| source-diff | obfuscated-file:dist/register-C3TE0KFF.mjs | AI (source-diff): Standard minified bundle output for tsx; stable pattern across versions. | ai | |
| source-diff | obfuscated-file:dist/index-DlKgSVBb.mjs | AI (source-diff): Standard minified bundle output for tsx; stable pattern across versions. | ai | |
| source-diff | obfuscated-file:dist/index-B4SIRlEU.cjs | AI (source-diff): Standard minified bundle output for tsx; stable pattern across versions. | ai | |
| source-diff | obfuscated-file:dist/register-D67L7oEZ.mjs | AI (source-diff): Standard esbuild/rollup minified bundle output; expected for tsx. | ai | |
| source-diff | obfuscated-file:dist/register-Bo2dRDYj.cjs | AI (source-diff): Standard esbuild/rollup minified bundle output; expected for tsx. | ai | |
| source-diff | obfuscated-file:dist/register-C2g7M6YI.cjs | AI (source-diff): Standard esbuild-minified bundle output for this package; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/register-g_8vP_GS.mjs | AI (source-diff): Standard esbuild-minified bundle output for this package; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/index-ChD_tbum.cjs | AI (source-diff): Standard esbuild-minified bundle output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/index-BkHh9MqW.mjs | AI (source-diff): Standard esbuild-minified bundle output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/register-r6_z3d2_.mjs | AI (source-diff): Standard esbuild-bundled output for tsx; minified but readable, no obfuscation. | ai | |
| source-diff | obfuscated-file:dist/register-DBk1V6ja.cjs | AI (source-diff): Standard esbuild-bundled output for tsx; minified but readable, no obfuscation. | ai | |
| source-diff | obfuscated-file:dist/index-D78kOPjy.cjs | AI (source-diff): Bundled/minified dist output; standard for this package across versions. | ai | |
| source-diff | obfuscated-file:dist/index-NttFZkao.mjs | AI (source-diff): Bundled/minified dist output; standard for this package across versions. | ai | |
| source-diff | obfuscated-file:dist/register-DtHqcj80.cjs | AI (source-diff): Standard minified build output for this package; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/register-BfpRDwkg.mjs | AI (source-diff): Standard minified build output for this package; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/index-CJbZ7IJL.mjs | AI (source-diff): ESM counterpart of the same minified bundle; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/register-jh-ATHNL.cjs | AI (source-diff): Minified build output from esbuild bundling; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/index-pXXwBF3_.mjs | AI (source-diff): ESM counterpart of same bundled build output; stable false positive. | ai | |
| source-diff | obfuscated-file:dist/index-DN-8uhc2.cjs | AI (source-diff): Bundled build output for established TS runner; filenames rotate per build, stable false positive. | ai | |
| source-diff | obfuscated-file:dist/register-CsuuwcV9.mjs | AI (source-diff): Standard esbuild-minified bundle output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/register-DfubRCxM.cjs | AI (source-diff): Standard esbuild-minified bundle output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/index-C1vsvhPH.cjs | AI (source-diff): Standard bundled/minified build output for tsx; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/register-BPRJR7M6.cjs | AI (source-diff): Standard bundled/minified build output for tsx; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/index-CEhzVOC2.mjs | AI (source-diff): Standard bundled/minified ESM build output for tsx; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/index-CteD9jHM.mjs | AI (source-diff): Bundled esbuild output (ESM variant); standard for this package. | ai | |
| source-diff | obfuscated-file:dist/index-BIzNEUOn.cjs | AI (source-diff): Bundled esbuild output; standard for this package's build pipeline. | ai | |
| source-diff | obfuscated-file:dist/register-DN7TyS4O.cjs | AI (source-diff): Standard esbuild-minified bundle; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/register-LkOjbAbu.mjs | AI (source-diff): Standard esbuild-minified bundle; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/index-DTCJysGI.cjs | AI (source-diff): Standard esbuild-bundled output for this package; long lines are minification, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/index-DiuW-CAd.mjs | AI (source-diff): ESM counterpart of the same bundled output; minified, not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/register-C7LcYufD.cjs | AI (source-diff): Minified register module; standard for tsx's build output. | ai | |
| source-diff | obfuscated-file:dist/register-D0vSB4CG.mjs | AI (source-diff): ESM counterpart of register module; stable pattern. | ai | |
| source-diff | obfuscated-file:dist/index-BWOq89IJ.cjs | AI (source-diff): Minified build output from esbuild bundler; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/index-Wyzp0xEz.mjs | AI (source-diff): ESM counterpart of the same minified bundle; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/register-CokLFfa9.cjs | AI (source-diff): Standard esbuild-minified bundle output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/register-C9YcC9Bn.mjs | AI (source-diff): Standard esbuild-minified bundle output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/register-C1urN2EO.cjs | AI (source-diff): Minified CJS register module; stable build artifact pattern. | ai | |
| source-diff | obfuscated-file:dist/index-DeKCL_WS.mjs | AI (source-diff): Standard minified bundle output for tsx; stable false positive. | ai | |
| source-diff | obfuscated-file:dist/index-BsW12Ot9.cjs | AI (source-diff): Standard minified bundle output for tsx; stable false positive. | ai | |
| source-diff | obfuscated-file:dist/register-D46En2W-.mjs | AI (source-diff): Minified ESM register module; stable build artifact. | ai | |
| source-diff | obfuscated-file:dist/index-CoHsQGpm.cjs | AI (source-diff): Standard esbuild-minified bundle output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/index-BQiEz0On.mjs | AI (source-diff): ESM counterpart of the same minified bundle; stable pattern. | ai | |
| source-diff | obfuscated-file:dist/register-C5rhrsRW.cjs | AI (source-diff): Minified CJS register module; stable build artifact. | ai | |
| source-diff | obfuscated-file:dist/index-CLWE53E9.cjs | AI (source-diff): Standard esbuild-bundled output for this package; minified but not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/index-BUWCPB1Z.mjs | AI (source-diff): ESM counterpart of the same bundled output; minified but not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/register-CqMfTiWi.mjs | AI (source-diff): Minified build output from esbuild bundling; standard for this package across versions. | ai | |
| source-diff | obfuscated-file:dist/register-CKju0f8h.cjs | AI (source-diff): Minified build output from esbuild bundling; standard for this package across versions. | ai | |
| source-diff | obfuscated-file:dist/register-CHVGxKtC.cjs | AI (source-diff): Standard esbuild-minified bundle output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/register-D_B8UL5H.mjs | AI (source-diff): Standard esbuild-minified bundle output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/register-BOkp8V6j.cjs | AI (source-diff): Standard esbuild-minified bundle output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/register-Ddio2Vih.mjs | AI (source-diff): Standard esbuild-minified bundle output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/register-DS7J8l_a.cjs | AI (source-diff): Standard esbuild-minified bundle output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/register-BnTWPeIB.mjs | AI (source-diff): Standard esbuild-minified bundle output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/index-D9F1FXzN.cjs | AI (source-diff): Standard esbuild-minified bundle output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/index-XurvG3JN.mjs | AI (source-diff): Standard esbuild-minified bundle output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/register-B4MtRGQg.cjs | AI (source-diff): Standard esbuild-bundled output for this package; stable false positive. | ai | |
| source-diff | obfuscated-file:dist/register-oEokg99B.cjs | AI (source-diff): Standard esbuild-bundled output for this package; stable false positive. | ai | |
| source-diff | obfuscated-file:dist/register-BmBLtb39.mjs | AI (source-diff): Standard esbuild-bundled output for this package; stable false positive. | ai | |
| source-diff | obfuscated-file:dist/register-HCiphi1e.mjs | AI (source-diff): Standard esbuild-bundled output for this package; stable false positive. | ai | |
| provenance | publisher-changed | AI (provenance): Transition to GitHub Actions CI/CD publishing with SLSA provenance; stable for this package. | ai | |
| publish-pattern | dormant-publish | AI (publish-pattern): Established package with provenance; dormancy is normal release cadence variation. | ai | |
| source-diff | obfuscated-file:dist/register-BQpI82el.mjs | AI (source-diff): Standard esbuild-bundled output for tsx; minified but readable, no obfuscation. | ai | |
| source-diff | obfuscated-file:dist/index-CDeh32pY.mjs | AI (source-diff): Standard esbuild-bundled output for tsx; minified but readable, no obfuscation. | ai | |
| source-diff | obfuscated-file:dist/register-DJgoUG_Q.cjs | AI (source-diff): Standard esbuild-bundled output for tsx; minified but readable, no obfuscation. | ai | |
| source-diff | obfuscated-file:dist/register-BwcD2ly9.cjs | AI (source-diff): Standard esbuild-bundled output for tsx; minified but readable, no obfuscation. | ai | |
| source-diff | obfuscated-file:dist/index-C8LOAU3M.cjs | AI (source-diff): Standard esbuild-bundled output for tsx; minified but readable, no obfuscation. | ai | |
| source-diff | obfuscated-file:dist/register-lJYvHe5s.mjs | AI (source-diff): Standard esbuild-bundled output for tsx; minified but readable, no obfuscation. | ai | |
| source-diff | obfuscated-file:dist/register-CoxCwfHn.cjs | AI (source-diff): Minified bundle output; stable pattern for tsx. | ai | |
| source-diff | obfuscated-file:dist/register-D46fvsV_.cjs | AI (source-diff): Standard minified bundle output; stable pattern for tsx. | ai | |
| source-diff | obfuscated-file:dist/register-BXA4IaYH.cjs | AI (source-diff): Minified CJS register hook; standard build output. | ai | |
| source-diff | obfuscated-file:dist/index-7AaEi15b.mjs | AI (source-diff): ESM counterpart of the same minified bundle. | ai | |
| source-diff | obfuscated-file:dist/index-gckBtVBf.cjs | AI (source-diff): Minified esbuild/rollup bundle; standard for this build-tool package. | ai | |
| source-diff | large-new-source-files | AI (source-diff): Restructured dist output with hash-based filenames; stable pattern for tsx. | ai | |
| source-diff | obfuscated-file:dist/register-CuoYSLaL.mjs | AI (source-diff): ESM counterpart of register CJS bundle; same pattern. | ai | |
| source-diff | obfuscated-file:dist/lexer-DQCqS3nf.mjs | AI (source-diff): ESM counterpart of lexer CJS bundle; same pattern. | ai | |
| source-diff | obfuscated-file:dist/index-DGv_vkxZ.mjs | AI (source-diff): ESM counterpart of index CJS bundle; same pattern. | ai | |
| source-diff | obfuscated-file:dist/register-D2KMMyKp.cjs | AI (source-diff): Bundled CJS register hook; readable minified code. | ai | |
| source-diff | obfuscated-file:dist/lexer-DgIbo0BU.cjs | AI (source-diff): Bundled es-module-lexer WASM loader; standard minified output. | ai | |
| source-diff | obfuscated-file:dist/index-CylV0-__.cjs | AI (source-diff): Bundled esbuild output with readable identifiers; standard for this package. | ai | |
| typosquat | typosquat.levenshtein:qs | AI (typosquat): tsx is a well-known TypeScript runner with its own identity; the Levenshtein match to 'qs' is a false positive — these packages serve entirely different purposes. | ai | |
| provenance | no-provenance | AI (provenance): tsx is a legitimate, established package; lack of provenance attestation is common and not a risk signal here. | ai |
Versions (showing 64 of 64)
| Version | Deps | Published |
|---|---|---|
| 4.22.4 | 1 / 0 | |
| 4.22.3 | 1 / 0 | |
| 4.22.2 | 1 / 0 | |
| 4.22.1 | 1 / 0 | |
| 4.22.0 | 1 / 0 | |
| 4.21.1 | 1 / 0 | |
| 4.21.0 | 2 / 0 | |
| 4.20.6 | 2 / 0 | |
| 4.20.5 | 2 / 0 | |
| 4.20.4 | 2 / 0 | |
| 4.20.3 | 2 / 0 | |
| 4.20.2 | 2 / 0 | |
| 4.20.1 | 2 / 0 | |
| 4.20.0 | 2 / 0 | |
| 4.19.4 | 2 / 0 | |
| 4.19.3 | 2 / 0 | |
| 4.19.2 | 2 / 0 | |
| 4.19.1 | 2 / 0 | |
| 4.19.0 | 2 / 0 | |
| 4.18.0 | 2 / 0 | |
| 4.17.1 | 2 / 0 | |
| 4.17.0 | 2 / 0 | |
| 4.16.5 | 2 / 0 | |
| 4.16.4 | 2 / 0 | |
| 4.16.3 | 2 / 0 | |
| 4.16.2 | 2 / 0 | |
| 4.16.1 | 2 / 0 | |
| 4.16.0 | 2 / 0 | |
| 4.15.9 | 2 / 0 | |
| 4.15.8 | 2 / 0 | |
| 4.15.7 | 2 / 0 | |
| 4.15.6 | 2 / 0 | |
| 4.15.5 | 2 / 0 | |
| 4.15.4 | 2 / 0 | |
| 4.15.3 | 2 / 0 | |
| 4.15.2 | 2 / 0 | |
| 4.15.1 | 2 / 0 | |
| 4.15.0 | 2 / 0 | |
| 4.14.1 | 2 / 0 | |
| 4.14.0 | 2 / 0 | |
| 4.13.3 | 2 / 0 | |
| 4.13.2 | 2 / 0 | |
| 4.13.1 | 2 / 0 | |
| 4.13.0 | 2 / 0 | |
| 4.12.1 | 2 / 0 | |
| 4.12.0 | 2 / 0 | |
| 4.11.2 | 2 / 0 | |
| 4.11.1 | 2 / 0 | |
| 4.11.0 | 2 / 0 | |
| 4.10.5 | 2 / 0 | |
| 4.10.4 | 2 / 0 | |
| 4.10.3 | 2 / 0 | |
| 4.10.2 | 2 / 0 | |
| 4.10.1 | 2 / 0 | |
| 4.10.0 | 2 / 0 | |
| 4.9.5 | 2 / 0 | |
| 4.9.4 | 2 / 0 | |
| 4.9.3 | 2 / 0 | |
| 4.9.2 | 2 / 0 | |
| 4.9.1 | 2 / 0 | |
| 4.9.0 | 2 / 0 | |
| 4.8.2 | 2 / 0 | |
| 4.8.1 | 2 / 0 | |
| 4.8.0 | 2 / 0 |
v4.22.4
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.22.3
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.22.2
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.22.1
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.22.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.21.1
8 findingsThis version was published by a different npm account than previous versions on 2026-05-14. This could indicate a legitimate maintainer transition or an account compromise.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v4.19.3
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.19.2
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.19.1
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.19.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.18.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.17.1
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.17.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.16.5
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.16.4
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.16.3
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.16.2
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.16.1
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.16.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.15.9
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.15.8
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.15.7
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.15.6
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.15.5
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.15.4
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.15.3
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.15.2
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.15.1
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.15.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.14.1
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.14.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.13.3
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.13.2
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.13.1
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.13.0
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.12.1
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.12.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.11.1
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.11.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.10.5
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.10.4
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.10.3
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.10.2
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.10.1
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.10.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.9.5
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.9.4
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.9.3
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.9.2
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.9.1
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.9.0
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.8.2
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.8.1
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
[Accepted risk] Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v4.8.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.