@bull-board/ui — Greenflagged

Supply chain provenance

Status for the latest visible version.

SLSA provenance attestation npm registry signatures gitHead linked

Maintainers

felixmosh

Keywords

bullbullmqdashboardmonitoringqueueredis

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
source-diff	obfuscated-file:dist/static/js/main.52ccd466.js	AI (source-diff): Webpack-bundled main entry; standard minified output for this UI package.	ai	2026/06/09
source-diff	net-exec-file:dist/static/js/main.52ccd466.js	AI (source-diff): False positive on bundled UI code with fetch calls and webpack dynamic imports.	ai	2026/06/09
source-diff	obfuscated-file:dist/static/js/async/29662.607b2218.js	AI (source-diff): Webpack-bundled React UI chunk; standard minified output for this UI package.	ai	2026/06/09
source-diff	obfuscated-file:dist/static/js/async/42279.76a8888a.js	AI (source-diff): Webpack-bundled React UI chunk; standard minified output for this UI package.	ai	2026/06/09
source-diff	obfuscated-file:dist/static/js/async/61479.866d9060.js	AI (source-diff): Webpack-bundled React UI chunk; standard minified output for this UI package.	ai	2026/06/09
source-diff	obfuscated-file:dist/static/js/async/99902.1d8fda97.js	AI (source-diff): Webpack-bundled React UI chunk; standard minified output for this UI package.	ai	2026/06/09
source-diff	net-exec-file:dist/static/js/main.f00fcf89.js	AI (source-diff): Bundled axios (network) + webpack dynamic imports (eval); normal for a React SPA bundle.	ai	2026/06/09
source-diff	obfuscated-file:dist/static/js/main.f00fcf89.js	AI (source-diff): Main webpack bundle for UI app; minification is standard build output.	ai	2026/06/09
source-diff	obfuscated-file:dist/static/js/6693.08bd576a.js	AI (source-diff): Webpack chunk bundling aria-hidden and date-fns; standard minified output.	ai	2026/06/08
source-diff	obfuscated-file:dist/static/js/lib-axios.575029bf.js	AI (source-diff): Webpack chunk bundling axios library; standard minified output.	ai	2026/06/08
source-diff	obfuscated-file:dist/static/js/main.11111ccd.js	AI (source-diff): Main webpack entry bundle for bull-board UI; standard minified output.	ai	2026/06/08
source-diff	obfuscated-file:dist/static/js/async/79721.ec356cdf.js	AI (source-diff): Webpack chunk bundling prop-types and react-paginate; standard minified output.	ai	2026/06/08
source-diff	net-exec-file:dist/static/js/main.11111ccd.js	AI (source-diff): Webpack bundle includes axios (network) and dynamic imports (exec); normal for SPA.	ai	2026/06/08
provenance	publisher-changed	AI (provenance): Transition to GitHub Actions CI/CD publishing with SLSA provenance; legitimate automation.	ai	2026/06/08
source-diff	obfuscated-file:dist/static/js/async/48554.36521f48.js	AI (source-diff): Standard webpack chunk with CSS module hashes and SVG icons for bull-board UI.	ai	2026/06/08
source-diff	obfuscated-file:dist/static/js/async/51227.14e53878.js	AI (source-diff): Webpack chunk bundling Decimal.js library; standard minified output.	ai	2026/06/08
source-diff	obfuscated-file:dist/static/js/async/59308.18840707.js	AI (source-diff): Webpack chunk for queue metrics React component; standard minified output.	ai	2026/06/08
source-diff	obfuscated-file:dist/static/js/async/11153.03304bed.js	AI (source-diff): Webpack-minified CodeMirror chunk; expected for UI package.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/18707.63c3608e.js	AI (source-diff): Webpack-bundled chunk; standard minified output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/19367.41cb624f.js	AI (source-diff): Webpack-bundled chunk; standard minified output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/18582.6d29734d.js	AI (source-diff): Webpack-bundled chunk; standard minified output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/10518.e5ba10f5.js	AI (source-diff): Webpack-bundled date-fns locale chunks; standard for a UI package shipping pre-built assets.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/1074.f5737cfe.js	AI (source-diff): Webpack-bundled locale chunk; standard minified output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/11153.2127688b.js	AI (source-diff): Webpack-bundled CodeMirror/UI chunk; standard minified output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/11272.b03de1a0.js	AI (source-diff): Webpack-bundled locale chunk (Tamil); standard minified output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/12106.6b21c0cf.js	AI (source-diff): Webpack-bundled locale chunk (Latvian); standard minified output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/12347.0e10ff40.js	AI (source-diff): Webpack-bundled locale chunk; standard minified output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/12506.4df1bf8a.js	AI (source-diff): Webpack-bundled locale chunk; standard minified output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/12700.61b82ee1.js	AI (source-diff): Webpack-bundled locale chunk; standard minified output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/13410.436fbd27.js	AI (source-diff): Webpack-bundled chunk; standard minified output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/14302.e411a392.js	AI (source-diff): Webpack-bundled chunk; standard minified output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/14939.01eb94e4.js	AI (source-diff): Webpack-bundled chunk; standard minified output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/15114.4d20ed6a.js	AI (source-diff): Webpack-bundled chunk; standard minified output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/15283.50a0ae59.js	AI (source-diff): Webpack-bundled chunk; standard minified output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/1531.caf4684b.js	AI (source-diff): Webpack-bundled chunk; standard minified output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/16752.3bde98cb.js	AI (source-diff): Webpack-bundled chunk; standard minified output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/17553.2939fda7.js	AI (source-diff): Webpack-bundled chunk; standard minified output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/17597.ded69ad6.js	AI (source-diff): Webpack-bundled chunk; standard minified output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/10518.b0a21f0d.js	AI (source-diff): Standard webpack-minified bundle of date-fns; expected for a UI package shipping built assets.	ai	2026/05/15
source-diff	net-exec-file:dist/static/js/main.f9b83451.js	AI (source-diff): Browser bundle with axios/fetch and webpack require; expected for a dashboard UI.	ai	2026/05/15
source-diff	net-exec-file:dist/static/js/async/51125.8b45fd61.js	AI (source-diff): Fetch polyfill + webpack dynamic imports in browser bundle; not server-side malware.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/main.f9b83451.js	AI (source-diff): Webpack-minified main entry with CSS module hashes; standard build output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/lib-react.719eb9c0.js	AI (source-diff): Minified React bundle; expected for a UI package.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/90409.1795e0fb.js	AI (source-diff): Webpack-minified chunk containing fetch polyfill; standard build output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/6693.47be15e9.js	AI (source-diff): Webpack-minified chunk (aria-hidden, date-fns locale); standard build output.	ai	2026/05/15
source-diff	obfuscated-file:dist/static/js/async/51125.8b45fd61.js	AI (source-diff): Webpack-minified chunk with LICENSE.txt; standard build output.	ai	2026/05/15
typosquat	typosquat.levenshtein:pg	AI (typosquat): Scoped @bull-board/ui package; Levenshtein match against short names is a false positive.	ai	2026/05/01
typosquat	typosquat.levenshtein:yup	AI (typosquat): Scoped @bull-board/ui package; Levenshtein match against short names is a false positive.	ai	2026/05/01
typosquat	typosquat.levenshtein:joi	AI (typosquat): Scoped @bull-board/ui package; Levenshtein match against short names is a false positive.	ai	2026/05/01
typosquat	typosquat.levenshtein:qs	AI (typosquat): Scoped @bull-board/ui package; Levenshtein match against short names is a false positive.	ai	2026/05/01
typosquat	typosquat.levenshtein:uuid	AI (typosquat): Scoped @bull-board/ui package; Levenshtein match against short names is a false positive.	ai	2026/05/01

Versions (showing 24 of 24)

Version	Deps	Published
8.0.0	1 / 38	2026-06-11
7.2.0	1 / 41	2026-06-07
7.1.3	1 / 40	2026-05-14
7.0.0	1 / 40	2026-04-14
6.21.3	1 / 40	2026-04-14
6.21.2	1 / 40	2026-04-13
6.21.1	1 / 39	2026-04-12
6.21.0	1 / 39	2026-04-08
6.20.7	1 / 39	2026-04-07
6.20.6	1 / 39	2026-03-19
6.20.3	1 / 39	2026-02-25
6.20.2	1 / 39	2026-02-24
6.19.0	1 / 39	2026-02-19
6.18.3	1 / 39	2026-02-19
6.18.1	1 / 39	2026-02-14
6.18.0	1 / 39	2026-02-12
6.17.0	1 / 39	2026-02-08
6.16.4	1 / 38	2026-01-22
6.16.2	1 / 38	2025-12-28
6.16.1	1 / 38	2025-12-25
6.16.0	1 / 38	2025-12-25
6.15.0	1 / 38	2025-12-05
6.14.2	1 / 38	2025-11-12
6.14.1	1 / 38	2025-11-09

v8.0.0

26 findings

HIGH New obfuscated file: dist/static/js/async/30.2cc74488ef.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/368.1b407c574b.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New file with network + code execution: dist/static/js/async/368.1b407c574b.js source-diff

Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.

HIGH New obfuscated file: dist/static/js/async/384.3667aac7aa.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/409.42d2e90f3f.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/415.fdd88acf1c.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/445.d7dc063fe5.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/548.43637e8cc9.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/60.3b23d3d0ef.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New file with network + code execution: dist/static/js/async/60.3b23d3d0ef.js source-diff

Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.

HIGH New obfuscated file: dist/static/js/async/618.611638327d.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/648.36eecb50bf.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/752.b4f07edbe9.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/818.d840e4d75b.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/832.039ec9aa99.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/833.302b02c876.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/837.42918bb1b0.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/857.63b4bcb6d9.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/865.0623127543.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/926.a8e993d2b0.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/977.baa02a13d4.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/lib-react.2179b2198e.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/lib-router.8c600b759a.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/main.11998ed9fd.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New file with network + code execution: dist/static/js/main.11998ed9fd.js source-diff

Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.2.0

10 findings

HIGH Publisher changed: felixmosh → GitHub Actions (on 2026-06-07) provenance

This version was published by a different npm account than previous versions on 2026-06-07. This could indicate a legitimate maintainer transition or an account compromise.

HIGH New obfuscated file: dist/static/js/async/48554.36521f48.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/51227.14e53878.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/59308.18840707.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/6693.08bd576a.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/79721.ec356cdf.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/lib-axios.575029bf.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/main.11111ccd.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New file with network + code execution: dist/static/js/main.11111ccd.js source-diff

Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.1.3

7 findings

HIGH Publisher changed: felixmosh → GitHub Actions (on 2026-05-14) provenance

This version was published by a different npm account than previous versions on 2026-05-14. This could indicate a legitimate maintainer transition or an account compromise.

HIGH New obfuscated file: dist/static/js/async/48554.36521f48.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/6693.08bd576a.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/lib-axios.575029bf.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/main.f00fcf89.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New file with network + code execution: dist/static/js/main.f00fcf89.js source-diff

Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.

INFO Has SLSA provenance attestation provenance

Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.

v7.0.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v6.21.3

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v6.21.2

9 findings

HIGH New obfuscated file: dist/static/js/async/10518.b0a21f0d.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/51125.8b45fd61.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New file with network + code execution: dist/static/js/async/51125.8b45fd61.js source-diff

Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.

HIGH New obfuscated file: dist/static/js/6693.47be15e9.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/90409.1795e0fb.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/lib-react.719eb9c0.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/main.f9b83451.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New file with network + code execution: dist/static/js/main.f9b83451.js source-diff

Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v6.21.1

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v6.21.0

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v6.20.7

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.

v6.20.6

23 findings

HIGH New obfuscated file: dist/static/js/async/10518.e5ba10f5.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/1074.f5737cfe.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/11153.2127688b.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/11272.b03de1a0.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/12106.6b21c0cf.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/12347.0e10ff40.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/12506.4df1bf8a.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/12700.61b82ee1.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/13410.436fbd27.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/14302.e411a392.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/14939.01eb94e4.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/15114.4d20ed6a.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/15283.50a0ae59.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/1531.caf4684b.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/16752.3bde98cb.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/17553.2939fda7.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/17597.ded69ad6.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/18582.6d29734d.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/18707.63c3608e.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/19367.41cb624f.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/19455.e183e749.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: dist/static/js/async/19598.bdf792bb.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v6.20.3