@dreamkit/site
DreamKit Webite.
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/_astro/stackblitz.BUg6DQvX.js | AI (source-diff): Minified @stackblitz/sdk bundle; declared dependency, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.C25YVbP3.js | AI (source-diff): Astro/Vite minified build artifact bundling client-zip; benign for this package. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.DDj6Y6A0.js | AI (source-diff): Minified Astro component script (client-zip usage); standard Vite build artifact for this site package. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.Bl8H1nvi.js | AI (source-diff): Minified bundle of @stackblitz/sdk; standard Astro/Vite build output for this site package. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.BdzLqcEM.js | AI (source-diff): Minified StackBlitz SDK bundle matching declared @stackblitz/sdk dependency; standard Astro build output. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.lP8z3PEQ.js | AI (source-diff): Minified Astro component script (client-zip usage); standard Vite/Astro build artifact. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.CV7XcRo4.js | AI (source-diff): Minified StackBlitz SDK bundle matching declared @stackblitz/sdk dependency; not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.D8FNIVhk.js | AI (source-diff): Standard Astro/Vite minified build output; not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.Bo5YKCtG.js | AI (source-diff): Minified Astro/Vite build artifact (client-zip utility); matches declared dependency, no malicious content. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.2-A7BlmK.js | AI (source-diff): Minified @stackblitz/sdk bundle; matches declared dependency, clearly legitimate StackBlitz embed code. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.DT268LDC.js | AI (source-diff): Minified Astro component script in dist output; expected build artifact for this site package. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.BfOLGPpj.js | AI (source-diff): Minified @stackblitz/sdk bundle in Astro dist output; expected build artifact for this site package. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.DDd6r0JZ.js | AI (source-diff): Minified StackBlitz SDK bundle matching declared @stackblitz/sdk dependency; legitimate build artifact. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.AmSfwKk9.js | AI (source-diff): Astro/Vite minified build output for client-zip library; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.nq-M_OiV.js | AI (source-diff): Minified StackBlitz SDK bundle; expected dist artifact for a site package with @stackblitz/sdk dependency. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.DXdvC6CE.js | AI (source-diff): Minified Astro component script using client-zip; expected dist artifact for this site package. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.2NapCVm2.js | AI (source-diff): Minified @stackblitz/sdk build artifact; matches declared dependency, no malicious content. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.D3CW94LT.js | AI (source-diff): Minified Astro/Vite build output for client-zip; matches declared dependency, no malicious content. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.BoJqPADn.js | AI (source-diff): Minified Astro component script output from astro build; benign for this package. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.CAqB60rW.js | AI (source-diff): Minified @stackblitz/sdk bundle produced by astro build; benign for this package. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.CjOPtesQ.js | AI (source-diff): Minified Astro component script bundle (client-zip + stackblitz); expected build artifact. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.CIZ_X38m.js | AI (source-diff): Minified @stackblitz/sdk bundle; expected Astro/Vite build output for this package. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.DG9udJ6C.js | AI (source-diff): Minified Astro component script; standard Vite build artifact for this site package. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.1IENA1nD.js | AI (source-diff): Minified bundle of @stackblitz/sdk; standard Astro/Vite build output for this documentation site. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.CV-qFyN-.js | AI (source-diff): Minified Astro/Vite build output bundling client-zip; no malicious patterns present. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.BY8BqMbF.js | AI (source-diff): Minified bundle of @stackblitz/sdk; content is clearly identifiable as the StackBlitz embed SDK. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.Cz35-Ora.js | AI (source-diff): Minified bundle of @stackblitz/sdk dependency; content matches SDK API surface, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.CTCxcr7B.js | AI (source-diff): Minified Astro/Vite build output for client-zip dependency; standard zip-handling code, no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.CHMqz7jG.js | AI (source-diff): Minified bundle of @stackblitz/sdk — declared dependency, standard Vite/Astro build output. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.BCPSZRX5.js | AI (source-diff): Compiled Astro component script (client-zip usage); standard minified build artifact for this site package. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.nLjwCsRD.js | AI (source-diff): Minified Astro component script (client-zip usage); standard Vite build artifact for this site package. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.BPHzphwu.js | AI (source-diff): Minified bundle of @stackblitz/sdk dependency; standard Astro/Vite build output for this site package. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.BFPX3UvZ.js | AI (source-diff): Minified Astro component script (client-zip utility); standard Vite/Astro build artifact. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.H0rrZv67.js | AI (source-diff): Minified bundle of @stackblitz/sdk, a declared dependency; standard Astro build output. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.DxmRtUWt.js | AI (source-diff): Minified build of @stackblitz/sdk, a declared dependency; content matches SDK source. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.DAVkTskB.js | AI (source-diff): Minified Astro/Vite build artifact bundling client-zip; no malicious patterns in sample. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.uiA-QP9V.js | AI (source-diff): Minified bundle of declared @stackblitz/sdk dependency; expected Astro/Vite build output. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.BFJidG32.js | AI (source-diff): Compiled Astro component script; standard Vite minified output for this site package. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.DEYMlOGA.js | AI (source-diff): Minified bundle of @stackblitz/sdk dependency; expected Astro/Vite build output. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.DK4trp4Y.js | AI (source-diff): Minified Astro component script (client-zip utility); expected Vite build artifact. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.DAHcz5So.js | AI (source-diff): Minified build artifact of @stackblitz/sdk, a declared dependency; content matches SDK API surface. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.CIYD39dI.js | AI (source-diff): Minified Astro/Vite build output bundling client-zip (declared dep); no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.CJZhPJUX.js | AI (source-diff): Minified Astro component script bundle; expected Vite build output for this site package. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.DGQCH-08.js | AI (source-diff): Minified @stackblitz/sdk bundle; expected Astro/Vite build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.Ftzjtd5T.js | AI (source-diff): Minified Astro component script in dist output; standard Vite/Astro build artifact. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.BP52EUtQ.js | AI (source-diff): Minified @stackblitz/sdk bundle in Astro dist output; content-hash filename is standard Vite build artifact. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.CR9PErYr.js | AI (source-diff): Minified @stackblitz/sdk bundle in Astro dist output; expected build artifact for this site package. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.CsrBGGvV.js | AI (source-diff): Minified Astro component script in dist output; standard Vite/Astro build artifact. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.C54jXC7s.js | AI (source-diff): Minified Astro component script (SolidJS + client-zip); standard Vite build artifact. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.BZg3Fbna.js | AI (source-diff): Minified @stackblitz/sdk bundle; expected Astro/Vite build output for this site package. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.jlXOaUKY.js | AI (source-diff): Minified @stackblitz/sdk bundle; matches declared dependency and content is clearly the StackBlitz SDK. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.CXOB9Qto.js | AI (source-diff): Minified Astro component build artifact; consistent with Astro/Vite build pipeline for this package. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.ogtKFtVv.js | AI (source-diff): Minified @stackblitz/sdk bundle in Astro dist output; stable false positive for this package. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.BnsJLXWO.js | AI (source-diff): Minified client-zip utility in Astro dist output; stable false positive for this package. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.CDYcQPs3.js | AI (source-diff): Minified Astro component script (client-zip utilities); declared dependency, normal build artifact. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.CvswbY-6.js | AI (source-diff): Minified @stackblitz/sdk bundle; declared dependency, normal Astro/Vite build output. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.BnWz6Pf-.js | AI (source-diff): Minified Astro component script; standard Vite build output, no malicious indicators. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.CtkRkp4d.js | AI (source-diff): Minified @stackblitz/sdk bundle; standard Astro/Vite build artifact matching declared dependency. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.t9HN5MNd.js | AI (source-diff): Minified Astro component script bundling client-zip; expected build artifact for this package. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.XhvUZmj1.js | AI (source-diff): Minified bundle of @stackblitz/sdk dependency; expected Astro/Vite build output for this package. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.CavcUrsg.js | AI (source-diff): Astro/Vite compiled component script; standard minified build output for this site package. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.DrCMuaDL.js | AI (source-diff): Minified bundle of @stackblitz/sdk dependency; expected build artifact for this site package. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.N5eJ8TTJ.js | AI (source-diff): Minified @stackblitz/sdk bundle; matches declared dependency and StackBlitz embed functionality. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.CW5b1RTf.js | AI (source-diff): Minified client-zip bundle from Astro build; matches declared client-zip dependency. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.UlAapN19.js | AI (source-diff): Minified StackBlitz SDK matching declared @stackblitz/sdk dependency; content is benign. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.bP8mfWwZ.js | AI (source-diff): Minified client-zip library code matching declared dependency; no malicious patterns. | ai | |
| source-diff | obfuscated-file:dist/_astro/Example.astro_astro_type_script_index_0_lang.ByJ5KkyO.js | AI (source-diff): Minified client-zip library; content matches declared client-zip dependency, standard build artifact. | ai | |
| source-diff | obfuscated-file:dist/_astro/client.yL8JVs1M.js | AI (source-diff): Minified SolidJS runtime bundle; standard Astro/Vite build output matching declared solid-js dependency. | ai | |
| source-diff | obfuscated-file:dist/_astro/stackblitz.pNhcUPxS.js | AI (source-diff): Minified StackBlitz SDK; content matches declared @stackblitz/sdk dependency, standard build artifact. | ai | |
| phantom-deps | phantom-dep:client-zip | AI (phantom-deps): Config-referenced dependency in an Astro site; phantom-dep heuristic false positive. | ai | |
| phantom-deps | phantom-dep:@astrojs/check | AI (phantom-deps): Used via CLI in build script, not directly imported — expected for Astro projects. | ai | |
| phantom-deps | phantom-dep:typescript | AI (phantom-deps): TypeScript referenced in config/build tooling, not directly imported — normal pattern. | ai | |
| phantom-deps | phantom-dep:astro | AI (phantom-deps): Astro is referenced in config files as expected for an Astro site package. | ai | |
| typosquat | typosquat.levenshtein:vite | AI (typosquat): @dreamkit/site is a scoped monorepo package, not a typosquat of vite; name similarity is coincidental. | ai | |
| phantom-deps | phantom-dep:@astrojs/starlight | AI (phantom-deps): Config-referenced Astro integration; phantom-dep heuristic false positive. | ai | |
| phantom-deps | phantom-dep:@astrojs/solid-js | AI (phantom-deps): Config-referenced Astro integration; phantom-dep heuristic false positive. | ai | |
| phantom-deps | phantom-dep:@stackblitz/sdk | AI (phantom-deps): Config-referenced dependency; phantom-dep heuristic false positive. | ai | |
| phantom-deps | phantom-dep:better-sqlite3 | AI (phantom-deps): Config-referenced dependency; phantom-dep heuristic false positive for this site package. | ai |
Versions (showing 37 of 37)
| Version | Deps | Published |
|---|---|---|
| 0.0.62 | 10 / 1 | |
| 0.0.61 | 10 / 1 | |
| 0.0.60 | 10 / 1 | |
| 0.0.58 | 10 / 1 | |
| 0.0.57 | 10 / 1 | |
| 0.0.56 | 10 / 1 | |
| 0.0.55 | 10 / 1 | |
| 0.0.54 | 10 / 1 | |
| 0.0.53 | 10 / 1 | |
| 0.0.52 | 10 / 1 | |
| 0.0.51 | 10 / 1 | |
| 0.0.50 | 10 / 1 | |
| 0.0.49 | 10 / 1 | |
| 0.0.48 | 10 / 1 | |
| 0.0.47 | 10 / 1 | |
| 0.0.46 | 10 / 1 | |
| 0.0.45 | 10 / 1 | |
| 0.0.44 | 10 / 1 | |
| 0.0.41 | 10 / 1 | |
| 0.0.39 | 10 / 1 | |
| 0.0.38 | 10 / 1 | |
| 0.0.36 | 10 / 1 | |
| 0.0.35 | 10 / 1 | |
| 0.0.34 | 10 / 1 | |
| 0.0.33 | 10 / 1 | |
| 0.0.32 | 10 / 1 | |
| 0.0.31 | 10 / 1 | |
| 0.0.30 | 10 / 1 | |
| 0.0.29 | 10 / 1 | |
| 0.0.28 | 10 / 1 | |
| 0.0.27 | 10 / 1 | |
| 0.0.26 | 10 / 1 | |
| 0.0.25 | 10 / 1 | |
| 0.0.24 | 10 / 1 | |
| 0.0.23 | 10 / 1 | |
| 0.0.22 | 10 / 1 | |
| 0.0.21 | 10 / 1 |
v0.0.62
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.61
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.60
2 findingsPackage name '@dreamkit/site' is 1 edit(s) away from popular package 'vite'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.58
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.57
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.56
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.55
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.54
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.53
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.52
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.51
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.50
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.49
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.48
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.47
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.46
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.45
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.44
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.41
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.39
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.38
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.36
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.35
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.34
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.33
4 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.32
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.31
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.30
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.29
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.28
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.27
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.26
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.25
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.24
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.23
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v0.0.22
2 findingsPackage name '@dreamkit/site' is 1 edit(s) away from popular package 'vite'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.21
2 findingsPackage name '@dreamkit/site' is 1 edit(s) away from popular package 'vite'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.