@everymatrix/casino-search-nd
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:components/CasinoGameThumbnailNd-DWGVT1W-.js | AI (source-diff): Standard minified Stencil/Svelte build output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:components/CasinoSearchNd-D5UzULjZ.js | AI (source-diff): Standard minified Stencil/Svelte build output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:components/CasinoSearchNd-CkqjPCXl.js | AI (source-diff): Standard minified Stencil/Svelte build output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:components/CasinoGameThumbnailNd-gxj0m5Ug.js | AI (source-diff): Standard minified Stencil/Svelte build output; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:components/CasinoGameThumbnailNd-C08ivhZo.cjs | AI (source-diff): Standard minified Stencil/Svelte build artifact; no malicious payload in samples. | ai | |
| source-diff | obfuscated-file:components/CasinoSearchNd-C4Iw5E6k.js | AI (source-diff): Standard minified Stencil/Svelte build artifact; no malicious payload in samples. | ai | |
| source-diff | obfuscated-file:components/CasinoGameThumbnailNd-s7FVjPDD.js | AI (source-diff): Standard minified Stencil/Svelte build artifact; no malicious payload in samples. | ai | |
| source-diff | obfuscated-file:components/CasinoGameThumbnailNd-C19FnebP.js | AI (source-diff): Standard minified Stencil/Svelte build artifact; no malicious payload in samples. | ai | |
| source-diff | obfuscated-file:components/CasinoSearchNd-Chg9wJ0R.js | AI (source-diff): Standard minified Stencil/Svelte build artifact; no malicious payload in samples. | ai | |
| source-diff | obfuscated-file:components/CasinoSearchNd-LzHRfjmo.cjs | AI (source-diff): Standard minified Stencil/Svelte build artifact; no malicious payload in samples. | ai | |
| source-diff | obfuscated-file:components/CasinoGameThumbnailNd-DMpN2Rsr.cjs | AI (source-diff): Standard minified Svelte/Stencil build output; consistent with this package's established pattern across 400+ versions. | ai | |
| source-diff | obfuscated-file:components/CasinoGameThumbnailNd-CKbbtXF6.js | AI (source-diff): Standard minified Svelte component bundle; consistent with package's build pipeline. | ai | |
| source-diff | obfuscated-file:components/CasinoSearchNd-CLuKlqui.js | AI (source-diff): Standard minified build artifact; no malicious patterns detected. | ai | |
| source-diff | obfuscated-file:components/CasinoSearchNd-C9idzt1M.js | AI (source-diff): Standard minified build artifact; no malicious patterns detected. | ai | |
| source-diff | obfuscated-file:components/CasinoGameThumbnailNd-JoJQ3ksA.js | AI (source-diff): Standard minified Svelte component bundle; consistent with package's build pipeline. | ai | |
| source-diff | obfuscated-file:components/CasinoSearchNd-CO8grAZY.cjs | AI (source-diff): Standard minified build artifact with i18n strings; no malicious patterns. | ai | |
| source-diff | obfuscated-file:components/CasinoSearchNd-BHc7Wabm.js | AI (source-diff): Standard minified Svelte/Stencil bundle output; consistent pattern across all @everymatrix releases. | ai | |
| source-diff | obfuscated-file:components/CasinoGameThumbnailNd-Dp6UKEuf.cjs | AI (source-diff): Standard minified Svelte/Stencil bundle output; consistent pattern across all @everymatrix releases. | ai | |
| source-diff | obfuscated-file:components/CasinoSearchNd-aXTwTqgM.cjs | AI (source-diff): Standard minified Svelte/Stencil bundle output; consistent pattern across all @everymatrix releases. | ai | |
| source-diff | obfuscated-file:components/CasinoGameThumbnailNd-BBL39_WX.js | AI (source-diff): Standard minified Svelte/Stencil bundle output; consistent pattern across all @everymatrix releases. | ai | |
| source-diff | obfuscated-file:components/CasinoGameThumbnailNd-BiVK2l1I.js | AI (source-diff): Standard minified Svelte/Stencil bundle output; consistent pattern across all @everymatrix releases. | ai | |
| source-diff | obfuscated-file:components/CasinoSearchNd-BPBPNapa.js | AI (source-diff): Standard minified Svelte/Stencil bundle output; consistent pattern across all @everymatrix releases. | ai | |
| source-diff | obfuscated-file:components/CasinoSearchNd-DtQwCzVc.js | AI (source-diff): Standard Vite/Svelte minified bundle output; consistent with this package's build pattern. | ai | |
| source-diff | obfuscated-file:components/CasinoSearchNd-DAwVkaRn.js | AI (source-diff): Standard Vite/Svelte minified bundle output; consistent with this package's build pattern. | ai | |
| source-diff | obfuscated-file:components/CasinoGameThumbnailNd-DDTj0iP4.js | AI (source-diff): Standard Vite/Svelte minified bundle output; consistent with this package's build pattern. | ai | |
| source-diff | obfuscated-file:components/CasinoGameThumbnailNd-5917qStv.js | AI (source-diff): Standard Vite/Svelte minified bundle output; consistent with this package's build pattern. | ai | |
| source-diff | obfuscated-file:components/CasinoSearchNd-CkzkW1Yf.cjs | AI (source-diff): Standard Vite/Svelte minified bundle output; consistent with this package's build pattern. | ai | |
| source-diff | obfuscated-file:components/CasinoGameThumbnailNd-BJCS3YIW.cjs | AI (source-diff): Standard Vite/Svelte minified bundle output; consistent with this package's build pattern across 400+ versions. | ai | |
| source-diff | obfuscated-file:components/CasinoGameThumbnailNd-D_Ier-i4.cjs | AI (source-diff): Standard minified Svelte/Stencil bundle output; consistent across all versions of this component package. | ai | |
| source-diff | obfuscated-file:components/CasinoSearchNd-C_enZsu7.cjs | AI (source-diff): Standard minified Svelte/Stencil bundle output; consistent across all versions of this component package. | ai | |
| bogus-package | bogus-package | AI (bogus-package): Scoped component library with no external deps; metadata flags are structural, not indicative of spam/malware. | ai | |
| source-diff | obfuscated-file:components/CasinoSearchNd-DAMmvp1T.js | AI (source-diff): Standard minified Svelte/Stencil bundle output; consistent across all versions of this component package. | ai | |
| source-diff | obfuscated-file:components/CasinoSearchNd-BTJxIM3r.js | AI (source-diff): Standard minified Svelte/Stencil bundle output; consistent across all versions of this component package. | ai | |
| source-diff | obfuscated-file:components/CasinoGameThumbnailNd-ChyjBXHw.js | AI (source-diff): Standard minified Svelte/Stencil bundle output; consistent across all versions of this component package. | ai | |
| source-diff | obfuscated-file:components/CasinoGameThumbnailNd-B70HDs5Q.js | AI (source-diff): Standard minified Svelte/Stencil bundle output; consistent across all versions of this component package. | ai |
Versions (showing 100 of 257)
| Version | Deps | Published |
|---|---|---|
| 1.87.0 | 0 / 0 | |
| 1.86.12 | 0 / 0 | |
| 1.86.11 | 0 / 0 | |
| 1.86.10 | 0 / 0 | |
| 1.86.9 | 0 / 0 | |
| 1.86.7 | 0 / 0 | |
| 1.86.6 | 0 / 0 | |
| 1.86.5 | 0 / 0 | |
| 1.86.4 | 0 / 0 | |
| 1.86.3 | 0 / 0 | |
| 1.86.2 | 0 / 0 | |
| 1.86.1 | 0 / 0 | |
| 1.86.0 | 0 / 0 | |
| 1.85.23 | 0 / 0 | |
| 1.85.22 | 0 / 0 | |
| 1.85.21 | 0 / 0 | |
| 1.85.20 | 0 / 0 | |
| 1.85.19 | 0 / 0 | |
| 1.85.18 | 0 / 0 | |
| 1.85.17 | 0 / 0 | |
| 1.85.16 | 0 / 0 | |
| 1.85.15 | 0 / 0 | |
| 1.85.14 | 0 / 0 | |
| 1.85.13 | 0 / 0 | |
| 1.85.12 | 0 / 0 | |
| 1.85.11 | 0 / 0 | |
| 1.85.10 | 0 / 0 | |
| 1.85.9 | 0 / 0 | |
| 1.85.8 | 0 / 0 | |
| 1.85.7 | 0 / 0 | |
| 1.85.6 | 0 / 0 | |
| 1.85.5 | 0 / 0 | |
| 1.85.4 | 0 / 0 | |
| 1.85.3 | 0 / 0 | |
| 1.85.2 | 0 / 0 | |
| 1.85.1 | 0 / 0 | |
| 1.85.0 | 0 / 0 | |
| 1.84.3 | 0 / 0 | |
| 1.84.2 | 0 / 0 | |
| 1.84.1 | 0 / 0 | |
| 1.84.0 | 0 / 0 | |
| 1.83.12 | 0 / 0 | |
| 1.83.11 | 0 / 0 | |
| 1.83.10 | 0 / 0 | |
| 1.83.9 | 0 / 0 | |
| 1.83.8 | 0 / 0 | |
| 1.83.7 | 0 / 0 | |
| 1.83.6 | 0 / 0 | |
| 1.83.5 | 0 / 0 | |
| 1.83.4 | 0 / 0 | |
| 1.83.3 | 0 / 0 | |
| 1.83.2 | 0 / 0 | |
| 1.83.1 | 0 / 0 | |
| 1.83.0 | 0 / 0 | |
| 1.82.0 | 0 / 0 | |
| 1.81.2 | 0 / 0 | |
| 1.81.1 | 0 / 0 | |
| 1.81.0 | 0 / 0 | |
| 1.80.19 | 0 / 0 | |
| 1.80.18 | 0 / 0 | |
| 1.80.17 | 0 / 0 | |
| 1.80.16 | 0 / 0 | |
| 1.80.15 | 0 / 0 | |
| 1.80.14 | 0 / 0 | |
| 1.80.13 | 0 / 0 | |
| 1.80.12 | 0 / 0 | |
| 1.80.11 | 0 / 0 | |
| 1.80.10 | 0 / 0 | |
| 1.80.9 | 0 / 0 | |
| 1.80.8 | 0 / 0 | |
| 1.80.7 | 0 / 0 | |
| 1.80.6 | 0 / 0 | |
| 1.80.5 | 0 / 0 | |
| 1.80.4 | 0 / 0 | |
| 1.80.3 | 0 / 0 | |
| 1.80.2 | 0 / 0 | |
| 1.80.1 | 0 / 0 | |
| 1.80.0 | 0 / 0 | |
| 1.77.32 | 0 / 0 | |
| 1.77.31 | 0 / 0 | |
| 1.77.30 | 0 / 0 | |
| 1.77.29 | 0 / 0 | |
| 1.77.28 | 0 / 0 | |
| 1.77.27 | 0 / 0 | |
| 1.77.26 | 0 / 0 | |
| 1.77.25 | 0 / 0 | |
| 1.77.24 | 0 / 0 | |
| 1.77.23 | 0 / 0 | |
| 1.77.22 | 0 / 0 | |
| 1.77.21 | 0 / 0 | |
| 1.77.20 | 0 / 0 | |
| 1.77.19 | 0 / 0 | |
| 1.77.18 | 0 / 0 | |
| 1.77.17 | 0 / 0 | |
| 1.77.16 | 0 / 0 | |
| 1.77.15 | 0 / 0 | |
| 1.77.14 | 0 / 0 | |
| 1.77.13 | 0 / 0 | |
| 1.77.12 | 0 / 0 | |
| 1.77.11 | 0 / 0 |
v1.87.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.86.12
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.86.11
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.86.10
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.86.9
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.86.7
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.86.6
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.86.5
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.86.4
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.86.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.86.2
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.86.1
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.86.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.85.23
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.85.22
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.85.21
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.85.20
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.19
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.85.18
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.17
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.85.16
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.15
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.14
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.13
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.85.12
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.85.11
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.85.10
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.85.9
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.85.8
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.7
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.85.6
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.5
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.4
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.3
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.85.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.85.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.84.3
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.84.2
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.84.1
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.84.0
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.83.12
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.83.11
1 findingPackage was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.83.10
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.83.9
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.83.8
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.83.7
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.83.6
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.83.5
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.83.4
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.