@vitejs/devtools
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/client/standalone/assets/DockStandalone-Ar6oQElg.js | AI (source-diff): Minified standalone client build output; stable pattern for this package. | ai | |
| source-diff | net-exec-file:dist/client/standalone/assets/ViewJsonRender-DINiU0I0.js | AI (source-diff): Minified version of same Zod + Vue render bundle; false positive. | ai | |
| source-diff | net-exec-file:dist/ViewJsonRender-BcGCJd1q.js | AI (source-diff): Bundled Zod + Vue render code; no actual network/exec malware pattern. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewJsonRender-DINiU0I0.js | AI (source-diff): Minified standalone client component with bundled Zod. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewBuiltinTerminals-D0EdE-Xx.js | AI (source-diff): Minified standalone client component with xterm integration. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewBuiltinMessages-Bjw0z1t3.js | AI (source-diff): Minified standalone client component. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/index-Cr-tjlre.js | AI (source-diff): Minified Vue runtime bundle for standalone client. | ai | |
| source-diff | obfuscated-file:dist/DockStandalone-BKC6Rj0o.js | AI (source-diff): Bundled build output with rolldown region markers; not obfuscated. | ai | |
| source-diff | net-exec-file:dist/ViewJsonRender-Ddhts3EN.js | AI (source-diff): Non-minified Zod bundle with standard patterns; not malware. | ai | |
| source-diff | obfuscated-file:dist/DockStandalone-Y7CEWFPN.js | AI (source-diff): Bundled Vue component output with inlined CSS; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/DockStandalone-BbHq19vq.js | AI (source-diff): Bundled/minified UI output from rolldown build; stable pattern for this package. | ai | |
| source-diff | net-exec-file:dist/ViewJsonRender-C3lZqeKd.js | AI (source-diff): Same Zod + fetch pattern in non-standalone bundle; not malicious. | ai | |
| source-diff | net-exec-file:dist/client/standalone/assets/ViewJsonRender-BLQ_Ar3N.js | AI (source-diff): Bundled Zod + browser fetch in client UI; not a dropper pattern. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewJsonRender-BLQ_Ar3N.js | AI (source-diff): Minified JSON render view with inlined Zod; stable for this package. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewBuiltinTerminals-BHN1uGs9.js | AI (source-diff): Minified xterm terminal view bundle; stable for this package. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewBuiltinMessages-CJavpZa1.js | AI (source-diff): Minified UI component bundle; stable for this package. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/index-_ZhPg6H6.js | AI (source-diff): Bundled Vue runtime in standalone client; stable for this package. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/DockStandalone-HsrQL3OK.js | AI (source-diff): Minified standalone client asset; stable for this package. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/DockStandalone-CjzkVB5E.js | AI (source-diff): Minified standalone client build output; stable pattern for this devtools package. | ai | |
| source-diff | net-exec-file:dist/ViewJsonRender-CI1Uv2LG.js | AI (source-diff): Bundled Zod + fetch in devtools UI; no malicious pattern. | ai | |
| source-diff | net-exec-file:dist/client/standalone/assets/ViewJsonRender-BF9BP7mF.js | AI (source-diff): Bundled Zod + fetch in devtools UI; no malicious pattern. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewJsonRender-BF9BP7mF.js | AI (source-diff): Minified standalone client JSON render view. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewBuiltinTerminals-Dgt9x29J.js | AI (source-diff): Minified standalone client terminal view. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewBuiltinMessages-CO7Dj00z.js | AI (source-diff): Minified standalone client view component. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/index-B0n2lreC.js | AI (source-diff): Minified Vue runtime bundle for standalone client. | ai | |
| source-diff | obfuscated-file:dist/DockStandalone-IuqZ7neK.js | AI (source-diff): Bundled rolldown output with region comments; not obfuscated. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewBuiltinTerminals-Ddb8owMl.js | AI (source-diff): Minified xterm terminal view bundle; expected standalone client asset. | ai | |
| source-diff | obfuscated-file:dist/ToastOverlay-BYqNPsVN.js | AI (source-diff): Bundled Vue component with inlined CSS; standard build artifact. | ai | |
| source-diff | obfuscated-file:dist/plugins-CsDUv5C2.js | AI (source-diff): Rolldown-bundled plugin code with readable imports; not truly obfuscated. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/index-Dx34o0Zb.js | AI (source-diff): Minified standalone client entry bundle; standard build output. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/DockStandalone-Bxu-C-j2.js | AI (source-diff): Minified standalone client UI bundle; expected for devtools package shipping pre-built assets. | ai | |
| source-diff | obfuscated-file:dist/plugins-DiuKIPkS.js | AI (source-diff): Rolldown-bundled plugin code; minification is expected for this package's dist output. | ai | |
| source-diff | obfuscated-file:dist/DockStandalone-DxFEMDp2.js | AI (source-diff): Rolldown-bundled Vue UI component; minification is expected for this package's dist output. | ai | |
| source-diff | obfuscated-file:dist/DockStandalone-Cvn2I42I.js | AI (source-diff): Bundled Vue devtools dock component; readable structure in sample. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/dist-rIfWLo-D.js | AI (source-diff): Minified standalone client bundle of VueUse/Vue utilities; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/DockStandalone-Bk0rzhsC.js | AI (source-diff): Standalone client CSS+component bundle; standard build output. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/iconify-BnD9kWhM.js | AI (source-diff): Bundled DOMPurify/iconify library; standard minified output. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/index-BWe-SLf4.js | AI (source-diff): Standalone client entry bundle; standard Vite build output. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/MessageItem-BmTHuEs5.js | AI (source-diff): Bundled Vue DOM runtime + message components; standard build output. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewBuiltinMessages-CwvJQLDb.js | AI (source-diff): Bundled Vue message view component; standard build output. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewBuiltinTerminals-ByVMhIOK.js | AI (source-diff): Bundled xterm terminal view; standard build output. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewJsonRender-k469TJ81.js | AI (source-diff): Bundled JSON renderer component; standard build output. | ai | |
| source-diff | net-exec-file:dist/client/standalone/assets/ViewJsonRender-k469TJ81.js | AI (source-diff): Standalone client version of same JSON renderer; expected pattern. | ai | |
| maintainer-change | maintainer-removed | AI (maintainer-change): Shift to GitHub Actions CI publishing with SLSA provenance; org-level change, not takeover. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/DockStandalone-CsM0gpFg.js | AI (source-diff): Minified standalone client asset; stable for this package. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewBuiltinTerminals-C4MAZXQU.js | AI (source-diff): Minified xterm terminal view bundle; stable pattern. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/index-8i9-Fqg0.js | AI (source-diff): Minified standalone entry point; stable pattern. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewJsonRender-DflzBsyz.js | AI (source-diff): Minified JSON renderer component; standard build output. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewBuiltinTerminals-BUmnYgEw.js | AI (source-diff): Minified xterm.js terminal component bundle; expected for devtools. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/MessageItem-Bu-_UV1A.js | AI (source-diff): Minified Vue runtime DOM helpers; standard build output. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/index-DNHA2RJA.js | AI (source-diff): Minified standalone app entry point; standard Vite build output. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/iconify-C9Q5_k-E.js | AI (source-diff): Minified DOMPurify/iconify bundle; standard dependency inlining. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewBuiltinMessages-BohZ-xIw.js | AI (source-diff): Minified Vue component for message display; standard build output. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/DockStandalone-DqN910ct.js | AI (source-diff): Minified standalone client bundle with CSS; expected for this package. | ai | |
| source-diff | obfuscated-file:dist/DockStandalone-CnoBFAwt.js | AI (source-diff): Bundled Vue component with inlined CSS; standard build output. | ai | |
| source-diff | obfuscated-file:dist/DockIcon-CAHX5bin.js | AI (source-diff): Bundled Vue component output, not obfuscated malware. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/dist-DcZilxq7.js | AI (source-diff): Minified standalone client bundle; standard for devtools UI distribution. | ai | |
| source-diff | net-exec-file:dist/client/standalone/assets/ViewJsonRender-DflzBsyz.js | AI (source-diff): Minified version of same JSON renderer; not malware. | ai | |
| source-diff | net-exec-file:dist/ViewJsonRender-CLbf1IgB.js | AI (source-diff): JSON renderer with fetch for devtools RPC; not malware pattern. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/DockStandalone-DU2CE9TD.js | AI (source-diff): Minified standalone client asset; expected build output. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewBuiltinTerminals-B8O9bzxF.js | AI (source-diff): Minified xterm terminal widget; expected build output. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewBuiltinMessages-DFq5Hca6.js | AI (source-diff): Minified Vue component; expected build output. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/MessageItem-PLKYc2HM.js | AI (source-diff): Minified Vue runtime + DOM helpers; expected build output. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/index-9ujnalRw.js | AI (source-diff): Minified standalone client entry; expected build output. | ai | |
| source-diff | obfuscated-file:dist/DockStandalone-CjvDuitP.js | AI (source-diff): Bundled/minified Vue devtools UI component; stable pattern for this package. | ai | |
| source-diff | obfuscated-file:dist/DockStandalone-B2BD_FTX.js | AI (source-diff): Bundled Vue component with inlined CSS; standard build output. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/dist-CKHeKHaB.js | AI (source-diff): Minified VueUse/Vue utility bundle; standard for this devtools package. | ai | |
| source-diff | large-new-source-files | AI (source-diff): Build output restructured with new chunk hashes; normal for bundled devtools UI. | ai | |
| source-diff | net-exec-file:dist/ViewJsonRender-Dzu3awS5.js | AI (source-diff): Same JSON render component, non-standalone bundle variant. | ai | |
| source-diff | net-exec-file:dist/client/standalone/assets/ViewJsonRender-BPuYvgyN.js | AI (source-diff): JSON render component with fetch for devtools data; expected pattern. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewJsonRender-BPuYvgyN.js | AI (source-diff): Bundled JSON renderer; inlined from @json-render packages. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewBuiltinTerminals-wseL3QSe.js | AI (source-diff): Bundled xterm terminal component; listed in inlinedDependencies. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/ViewBuiltinLogs-6FhGMeG0.js | AI (source-diff): Bundled log viewer component; standard build output. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/LogItem-GYCT6U_0.js | AI (source-diff): Bundled Vue DOM renderer + log components; standard build output. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/index-DUqjDCZm.js | AI (source-diff): Main standalone entry bundle; standard Vite build output. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/iconify-CklC9gnO.js | AI (source-diff): Bundled DOMPurify + iconify utilities; listed in inlinedDependencies. | ai | |
| source-diff | obfuscated-file:dist/client/standalone/assets/DockStandalone-BGee0sFl.js | AI (source-diff): Minified standalone client bundle; expected for devtools UI. | ai | |
| source-diff | obfuscated-file:dist/DockIcon-PimCgdE3.js | AI (source-diff): Bundled Vue component output, not obfuscated. | ai | |
| dependencies | unvetted-dep:launch-editor | AI (dependencies): launch-editor is a well-known utility used by Vue CLI and similar tools to open files in editors; appropriate for a devtools package from the official Vite org. | ai | |
| dependencies | unvetted-dep:obug | AI (dependencies): obug is a debugging utility; its use is appropriate for a devtools package published by the official Vite/VoidZero organization with SLSA provenance. | ai | |
| provenance | slsa-provenance | AI (provenance): Official Vite org package published via GitHub Actions with SLSA provenance; this is the expected and strongest supply chain signal for this package. | ai | |
| phantom-deps | phantom-dep:ws | AI (phantom-deps): ws is a declared runtime dependency used in bundled output; phantom detection is a false positive for this package's build setup. | ai | |
| phantom-deps | phantom-dep:immer | AI (phantom-deps): immer is a declared runtime dependency; phantom detection is a false positive for this package's bundled build. | ai |
Versions (showing 24 of 24)
| Version | Deps | Published |
|---|---|---|
| 0.3.1 | 15 / 16 | |
| 0.2.0 | 14 / 15 | |
| 0.1.24 | 14 / 15 | |
| 0.1.23 | 14 / 15 | |
| 0.1.22 | 14 / 15 | |
| 0.1.21 | 18 / 15 | |
| 0.1.20 | 18 / 15 | |
| 0.1.19 | 18 / 15 | |
| 0.1.18 | 18 / 15 | |
| 0.1.17 | 18 / 15 | |
| 0.1.16 | 18 / 15 | |
| 0.1.15 | 18 / 15 | |
| 0.1.14 | 18 / 15 | |
| 0.1.13 | 17 / 15 | |
| 0.1.11 | 17 / 15 | |
| 0.1.10 | 17 / 15 | |
| 0.1.9 | 17 / 15 | |
| 0.1.8 | 17 / 14 | |
| 0.1.5 | 16 / 14 | |
| 0.1.4 | 16 / 15 | |
| 0.1.3 | 16 / 14 | |
| 0.1.2 | 16 / 14 | |
| 0.1.1 | 16 / 14 | |
| 0.1.0 | 16 / 14 |
v0.3.1
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.0
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.24
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.23
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.22
13 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.21
13 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.20
13 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.19
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.18
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.17
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.16
13 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.15
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.14
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.13
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.5
3 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.2
6 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.