@lovelybunch/api
Coconut API server
Supply chain provenance
Status for the latest visible version.
Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:static/assets/index-DzYTksNb.js | AI (source-diff): Vite-bundled React frontend; minified output is expected for this package's static asset build. | ai | |
| source-diff | net-exec-file:static/assets/index-DzYTksNb.js | AI (source-diff): fetch() calls are modulepreload polyfill in bundled React app; no dropper behavior. | ai | |
| source-diff | obfuscated-file:static/assets/index-aLGL6jN0.js | AI (source-diff): Vite/React production bundle shipped as static frontend asset; minification is expected for this package. | ai | |
| source-diff | net-exec-file:static/assets/index-aLGL6jN0.js | AI (source-diff): Network calls and dynamic execution are browser-side React app patterns, not dropper behavior. | ai | |
| source-diff | net-exec-file:static/assets/index-CXdqQvuB.js | AI (source-diff): Network calls and dynamic code in a React SPA bundle are expected; no dropper behavior present. | ai | |
| source-diff | obfuscated-file:static/assets/index-CXdqQvuB.js | AI (source-diff): Standard Vite/React production bundle; minified but not obfuscated. Stable pattern for this package. | ai | |
| source-diff | net-exec-file:static/assets/index-COf7Bc1u.js | AI (source-diff): Network calls and dynamic code in a frontend bundle are normal React app patterns (fetch, dynamic imports); not dropper behavior. | ai | |
| source-diff | obfuscated-file:static/assets/index-COf7Bc1u.js | AI (source-diff): Standard Vite/React production bundle; minified but not obfuscated, contains React JSX runtime with MIT license headers. | ai | |
| source-diff | obfuscated-file:static/assets/browser-modal-n0MeSpgA.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/ArchitecturePage-CChIC6Qa.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/ArchitectureEditPage-B9nVQn0B.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/ApiKeysSettingsPage-C7Xlzj-X.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/AgentsPage-D_HMA-40.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/AgentEditPage-BiAoWU1z.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/AgentDetailPage-CZ2tz-Ol.js | AI (source-diff): Standard Vite/React minified bundle output; readable UI logic visible in samples, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/AuthSettingsPage-CaeV2cQ4.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/AgentsSettingsPage-C5ZsOVSL.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/index-BfJaT17z.js | AI (source-diff): Standard Vite/React minified bundle output; this is the main app bundle. | ai | |
| source-diff | obfuscated-file:static/assets/IdentityPage-O7o2b4JB.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/GitSettingsPage-Bz17VWrK.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/GitPage-D2aJfzTq.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/droid-C6RWH9f4.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/DashboardPage-DdApq_B-.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/CodePage-BtKkipWC.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/index-ChC_9V5G.js | AI (source-diff): Standard Vite/React production bundle; minification is expected for bundled frontend static assets in this package. | ai | |
| source-diff | net-exec-file:static/assets/index-ChC_9V5G.js | AI (source-diff): Network calls and dynamic code are normal React SPA patterns (fetch, dynamic imports); no dropper behavior evident. | ai | |
| source-diff | obfuscated-file:static/assets/index-QHnHUcsV.js | AI (source-diff): Standard Vite/React production bundle; minification is expected for frontend static assets in this package. | ai | |
| source-diff | net-exec-file:static/assets/index-QHnHUcsV.js | AI (source-diff): fetch() calls in a browser React bundle are normal; not a dropper pattern. | ai | |
| source-diff | obfuscated-file:static/assets/index-CT5b4_5b.js | AI (source-diff): Standard Vite/React production bundle; minification is expected for this package's bundled frontend static assets. | ai | |
| source-diff | net-exec-file:static/assets/index-CT5b4_5b.js | AI (source-diff): Network calls and dynamic code in a React SPA bundle are normal browser-side patterns, not dropper behavior. | ai | |
| source-diff | net-exec-file:static/assets/index-iUk8kCOP.js | AI (source-diff): Network calls and dynamic execution are browser-side React app patterns (fetch, modulepreload), not dropper behavior. | ai | |
| source-diff | obfuscated-file:static/assets/index-iUk8kCOP.js | AI (source-diff): Standard Vite/React production bundle; minification is expected for frontend static assets in this API server package. | ai | |
| source-diff | obfuscated-file:static/assets/coffeescript-S37ZYGWr.js | AI (source-diff): Bundled CodeMirror language mode; expected minified output. | ai | |
| source-diff | obfuscated-file:static/assets/CodePage-kp4s3wCJ.js | AI (source-diff): Standard Vite-bundled React SPA output. | ai | |
| source-diff | obfuscated-file:static/assets/cobol-CWcv1MsR.js | AI (source-diff): Bundled CodeMirror language mode; expected minified output. | ai | |
| source-diff | obfuscated-file:static/assets/clojure-BMjYHr_A.js | AI (source-diff): Bundled CodeMirror language mode; expected minified output. | ai | |
| source-diff | obfuscated-file:static/assets/browser-modal-DgMJTsMd.js | AI (source-diff): Standard Vite-bundled React SPA output. | ai | |
| source-diff | obfuscated-file:static/assets/AuthSettingsPage-Bwr7uP3z.js | AI (source-diff): Standard Vite-bundled React SPA output. | ai | |
| source-diff | obfuscated-file:static/assets/asterisk-B-8jnY81.js | AI (source-diff): Bundled CodeMirror language mode; expected minified output. | ai | |
| source-diff | obfuscated-file:static/assets/asn1-EdZsLKOL.js | AI (source-diff): Bundled CodeMirror language mode; expected minified output. | ai | |
| source-diff | obfuscated-file:static/assets/ApiKeysSettingsPage-Bg84BQHV.js | AI (source-diff): Standard Vite-bundled React SPA output. | ai | |
| source-diff | obfuscated-file:static/assets/AgentsContextPage-tJ-LhFYb.js | AI (source-diff): Standard Vite-bundled React SPA output. | ai | |
| source-diff | obfuscated-file:static/assets/ActivityPage-sJEQn6DK.js | AI (source-diff): Standard Vite-bundled React SPA output; minification is expected for this package. | ai | |
| source-diff | obfuscated-file:static/assets/clike-B9uivgTg.js | AI (source-diff): Bundled CodeMirror language mode; expected minified output. | ai | |
| source-diff | obfuscated-file:static/assets/d-pRatUO7H.js | AI (source-diff): Bundled CodeMirror language mode; expected minified output. | ai | |
| source-diff | obfuscated-file:static/assets/DashboardPage-DMJSzzgD.js | AI (source-diff): Standard Vite-bundled React SPA output. | ai | |
| source-diff | obfuscated-file:static/assets/cypher-C_CwsFkJ.js | AI (source-diff): Bundled CodeMirror language mode; expected minified output. | ai | |
| source-diff | obfuscated-file:static/assets/crystal-SjHAIU92.js | AI (source-diff): Bundled CodeMirror language mode; expected minified output. | ai | |
| source-diff | obfuscated-file:static/assets/css-BnMrqG3P.js | AI (source-diff): Bundled CodeMirror language mode; expected minified output. | ai | |
| source-diff | obfuscated-file:static/assets/index-oiaE146A.js | AI (source-diff): Vite-bundled React frontend; minified build artifact with visible React license headers, not obfuscated malware. | ai | |
| source-diff | net-exec-file:static/assets/index-oiaE146A.js | AI (source-diff): Network calls and dynamic code in a frontend bundle are standard React SPA patterns (fetch, modulepreload), not dropper behavior. | ai | |
| source-diff | net-exec-file:static/assets/index-BBRzjrXH.js | AI (source-diff): Network calls are browser fetch() for modulepreload; no server-side code execution pattern. | ai | |
| source-diff | obfuscated-file:static/assets/index-BBRzjrXH.js | AI (source-diff): Standard Vite/React production bundle; minified but not obfuscated, React license headers visible. | ai | |
| source-diff | obfuscated-file:static/assets/GitPage-ofZrdSSl.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/DashboardPage-D5C34QbO.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/CodePage-CCNmmkv_.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/browser-modal-Dh2dy_2x.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/AuthSettingsPage-D528tGhc.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/ArchitecturePage-FcRJGw8O.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/GitSettingsPage-Cld_sN5t.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/IdentityPage-Dj-Do8q7.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/index-DaqYJNAM.js | AI (source-diff): Standard Vite minified frontend bundle; root entry point for the SPA. | ai | |
| source-diff | obfuscated-file:static/assets/ActivityPage-AWTVFLmK.js | AI (source-diff): Standard Vite minified frontend bundle; samples show normal React/Hono app code. | ai | |
| source-diff | obfuscated-file:static/assets/ArchitectureEditPage-DiRR28Rx.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/ApiKeysSettingsPage-D-l8q30N.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/AgentsSettingsPage-CILCHaO9.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/AgentsPage-9Hre8AD1.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/AgentEditPage-1026aJox.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/AgentDetailPage-DtGFrHzZ.js | AI (source-diff): Standard Vite minified frontend bundle. | ai | |
| source-diff | obfuscated-file:static/assets/index-DuLX7Zvh.js | AI (source-diff): Standard Vite/React production bundle shipped as static asset; minification is expected, not malicious. | ai | |
| source-diff | net-exec-file:static/assets/index-DuLX7Zvh.js | AI (source-diff): fetch() in a browser bundle for modulepreload polyfill; not a dropper pattern. | ai | |
| source-diff | obfuscated-file:static/assets/index-CRg4lVi6.js | AI (source-diff): Standard Vite/React production bundle; minified frontend static asset, not obfuscated malware. | ai | |
| source-diff | net-exec-file:static/assets/index-CRg4lVi6.js | AI (source-diff): Network calls and dynamic code in a React SPA bundle are normal browser-side patterns, not dropper behavior. | ai | |
| source-diff | obfuscated-file:static/assets/index-BVJU_3F9.js | AI (source-diff): Standard Vite/React production bundle with visible license headers; minification is expected for this package's bundled frontend. | ai | |
| source-diff | net-exec-file:static/assets/index-BVJU_3F9.js | AI (source-diff): fetch() calls in a browser SPA bundle are routine; no dropper pattern present. | ai | |
| source-diff | obfuscated-file:static/assets/index-NCb27WQQ.js | AI (source-diff): Standard Vite/React production bundle; minification is expected for this frontend-serving API package. | ai | |
| source-diff | net-exec-file:static/assets/index-NCb27WQQ.js | AI (source-diff): Network calls and dynamic code in a bundled SPA asset are normal browser-side React app behavior, not dropper malware. | ai | |
| source-diff | obfuscated-file:static/assets/GitPage-BG-ZSGfu.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/DashboardPage-e9hNRsi2.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/CodePage-BiRf5q_q.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/browser-modal-Ck4-s_jh.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/AuthSettingsPage-Bs5wL5Yj.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/ArchitecturePage-Cj4dVDWO.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/ArchitectureEditPage-WY9k_1tR.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/ApiKeysSettingsPage-DCKd4LXE.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/AgentsSettingsPage-Cw2MTnHU.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/AgentsPage-Bage8eYW.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/AgentEditPage-DOemUkvg.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/AgentDetailPage-WLAnnZep.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/ActivityPage-C_HqpJt2.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/IdentityPage-DCpoDF2j.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/index-CQpPrvm_.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/GitSettingsPage-Cn-MciXq.js | AI (source-diff): Standard Vite minified React bundle output; not obfuscated malware. | ai | |
| source-diff | obfuscated-file:static/assets/ActivityPage-qJKqmwv7.js | AI (source-diff): Standard Vite minified React bundle; readable UI logic visible in sample. | ai | |
| source-diff | large-new-source-files | AI (source-diff): 174 new files are Vite-built frontend assets bundled into the API package for the first time. | ai | |
| source-diff | obfuscated-file:static/assets/index-VBSAUXJg.js | AI (source-diff): Main Vite bundle entry; standard minified output for a React SPA. | ai | |
| source-diff | obfuscated-file:static/assets/IdentityPage-B8xDJx3W.js | AI (source-diff): Standard Vite minified React bundle; consistent with other page assets. | ai | |
| source-diff | obfuscated-file:static/assets/GitSettingsPage-D22W0fXd.js | AI (source-diff): Standard Vite minified React bundle; consistent with other page assets. | ai | |
| source-diff | obfuscated-file:static/assets/GitPage-vBLrGiwG.js | AI (source-diff): Standard Vite minified React bundle; consistent with other page assets. | ai | |
| source-diff | obfuscated-file:static/assets/droid-Caom7ttu.js | AI (source-diff): Standard Vite minified React bundle; consistent with other page assets. | ai | |
| source-diff | obfuscated-file:static/assets/DashboardPage-3PlgC6UV.js | AI (source-diff): Standard Vite minified React bundle; consistent with other page assets. | ai | |
| source-diff | obfuscated-file:static/assets/CodePage-DGxzOKzh.js | AI (source-diff): Standard Vite minified React bundle; consistent with other page assets. | ai | |
| source-diff | obfuscated-file:static/assets/browser-modal-DBBFKngy.js | AI (source-diff): Standard Vite minified React bundle; consistent with other page assets. | ai | |
| source-diff | obfuscated-file:static/assets/AuthSettingsPage-AXU_vx8p.js | AI (source-diff): Standard Vite minified React bundle; consistent with other page assets. | ai | |
| source-diff | obfuscated-file:static/assets/ArchitecturePage-C4bkskmN.js | AI (source-diff): Standard Vite minified React bundle; readable UI logic visible in sample. | ai | |
| source-diff | obfuscated-file:static/assets/ArchitectureEditPage-wx1LBCGC.js | AI (source-diff): Standard Vite minified React bundle; readable UI logic visible in sample. | ai | |
| source-diff | obfuscated-file:static/assets/ApiKeysSettingsPage-DY0vNNSR.js | AI (source-diff): Standard Vite minified React bundle; readable UI logic visible in sample. | ai | |
| source-diff | obfuscated-file:static/assets/AgentsSettingsPage-Dnkw87_8.js | AI (source-diff): Standard Vite minified React bundle; readable UI logic visible in sample. | ai | |
| source-diff | obfuscated-file:static/assets/AgentsPage-nnMzCmw9.js | AI (source-diff): Standard Vite minified React bundle; readable UI logic visible in sample. | ai | |
| source-diff | obfuscated-file:static/assets/AgentEditPage-K6I9kvCf.js | AI (source-diff): Standard Vite minified React bundle; readable UI logic visible in sample. | ai | |
| source-diff | obfuscated-file:static/assets/AgentDetailPage-Dww8h17d.js | AI (source-diff): Standard Vite minified React bundle; readable UI logic visible in sample. | ai | |
| source-diff | obfuscated-file:static/assets/GitSettingsPage-THm6wDjs.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/index-DFcWlnzl.js | AI (source-diff): Main Vite bundle entry point; standard minified React/library output. | ai | |
| source-diff | obfuscated-file:static/assets/GitPage-BiDtdSK1.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/DashboardPage-B9BZZfw6.js | AI (source-diff): Standard Vite/React minified bundle output with lucide-react license headers. | ai | |
| source-diff | obfuscated-file:static/assets/CodePage-CPCj64rX.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/browser-modal-DCNdI4NT.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/AuthSettingsPage-DtSo78Y_.js | AI (source-diff): Standard Vite/React minified bundle output with lucide-react license headers. | ai | |
| source-diff | obfuscated-file:static/assets/ArchitecturePage-DYxC_aMR.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/ArchitectureEditPage-CpowsIx2.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/ApiKeysSettingsPage-B1YvVdmg.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | obfuscated-file:static/assets/ActivityPage-k4I7Q53O.js | AI (source-diff): Standard Vite/React minified bundle output; readable component logic visible in sample. | ai | |
| source-diff | obfuscated-file:static/assets/IdentityPage-BC16skg6.js | AI (source-diff): Standard Vite/React minified bundle output. | ai | |
| source-diff | net-exec-file:static/assets/index-WWif9bcD.js | AI (source-diff): Network calls and dynamic code in a React SPA bundle are normal browser-side patterns, not dropper behavior. | ai | |
| source-diff | obfuscated-file:static/assets/index-WWif9bcD.js | AI (source-diff): Standard Vite/React production bundle; minification is expected for frontend static assets in this package. | ai | |
| source-diff | net-exec-file:static/assets/index-BmLW21zG.js | AI (source-diff): Browser fetch + React rendering in a bundled SPA asset; not a dropper pattern. | ai | |
| source-diff | obfuscated-file:static/assets/index-BmLW21zG.js | AI (source-diff): Standard Vite/React production bundle; minification is expected for this package's bundled frontend static assets. | ai | |
| phantom-deps | phantom-dep:arctic | AI (phantom-deps): arctic is a legitimate OAuth library; phantom-dep heuristic fires because it's used indirectly via config/runtime, not a direct import. | ai | |
| phantom-deps | phantom-dep:@lovelybunch/core | AI (phantom-deps): Same org scope; declared as dependency, phantom-dep heuristic is a false positive here. | ai | |
| phantom-deps | phantom-dep:cookie | AI (phantom-deps): cookie is a declared runtime dependency; phantom-dep heuristic false positive for this package. | ai | |
| typosquat | typosquat.levenshtein:ajv | AI (typosquat): Scoped package with clear distinct identity; not impersonating ajv. | ai | |
| typosquat | typosquat.levenshtein:joi | AI (typosquat): Scoped package with clear distinct identity; not impersonating joi. | ai | |
| typosquat | typosquat.levenshtein:pg | AI (typosquat): Scoped package with clear distinct identity; not impersonating pg. | ai | |
| typosquat | typosquat.levenshtein:hapi | AI (typosquat): Scoped package @lovelybunch/api; not impersonating hapi. Levenshtein match on suffix 'api' vs 'hapi' is a false positive. | ai |
Versions (showing 29 of 29)
| Version | Deps | Published |
|---|---|---|
| 1.0.77 | 21 / 11 | |
| 1.0.76 | 20 / 10 | |
| 1.0.75 | 21 / 10 | |
| 1.0.74 | 18 / 9 | |
| 1.0.73 | 17 / 9 | |
| 1.0.72 | 17 / 9 | |
| 1.0.71 | 17 / 9 | |
| 1.0.70 | 16 / 9 | |
| 1.0.69 | 16 / 9 | |
| 1.0.68 | 15 / 7 | |
| 1.0.67 | 15 / 7 | |
| 1.0.66 | 15 / 7 | |
| 1.0.65 | 15 / 7 | |
| 1.0.64 | 15 / 7 | |
| 1.0.63 | 15 / 7 | |
| 1.0.62 | 15 / 7 | |
| 1.0.61 | 15 / 7 | |
| 1.0.60 | 15 / 7 | |
| 1.0.59 | 15 / 7 | |
| 1.0.58 | 15 / 7 | |
| 1.0.57 | 15 / 7 | |
| 1.0.56 | 11 / 4 | |
| 1.0.55 | 11 / 4 | |
| 1.0.54 | 11 / 4 | |
| 1.0.53 | 11 / 4 | |
| 1.0.52 | 11 / 4 | |
| 1.0.51 | 11 / 4 | |
| 1.0.50 | 11 / 4 | |
| 1.0.49 | 11 / 4 |
v1.0.77
2 findingsPackage name '@lovelybunch/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.76
18 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.75
13 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.74
18 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.73
18 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.72
18 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.71
17 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.70
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.69
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.68
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.67
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.66
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.65
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.64
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.63
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.62
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.61
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.60
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.59
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.58
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.57
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.56
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.55
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.
v1.0.54
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.53
2 findingsPackage name '@lovelybunch/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.52
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.51
2 findingsPackage name '@lovelybunch/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.50
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.0.49
2 findingsPackage name '@lovelybunch/api' is 1 edit(s) away from popular package 'hapi'.
Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.