oxfmt
Formatter for the JavaScript Oxidation Compiler
Supply chain provenance
Status for the latest visible version.
Maintainers
Keywords
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:dist/prettier-Cy-lZk4k.js | AI (source-diff): Bundled prettier core; minified upstream artifact. | ai | |
| source-diff | obfuscated-file:dist/markdown-Eujfu-fQ.js | AI (source-diff): Bundled prettier markdown plugin; minified upstream artifact. | ai | |
| source-diff | obfuscated-file:dist/flow-Cz3mJAtC.js | AI (source-diff): Bundled prettier flow plugin; minified upstream artifact. | ai | |
| source-diff | obfuscated-file:dist/estree-DHQPBKqf.js | AI (source-diff): Bundled prettier estree plugin; minified upstream artifact. | ai | |
| source-diff | obfuscated-file:dist/acorn-C-l7ouWN.js | AI (source-diff): Bundled prettier acorn plugin; minified upstream artifact. | ai | |
| source-diff | obfuscated-file:dist/v4-C-HWEQJm-CvgekpKf.js | AI (source-diff): Bundled dist chunk; minified upstream artifact. | ai | |
| source-diff | obfuscated-file:dist/jiti-Bb1dT6Cw-B_5IaZk7.js | AI (source-diff): Bundled jiti module loader; minified upstream artifact. | ai | |
| source-diff | net-exec-file:dist/jiti-Bb1dT6Cw-B_5IaZk7.js | AI (source-diff): jiti module loader pattern; dynamic require + module resolution is its purpose. | ai | |
| source-diff | obfuscated-file:dist/v3-D-mr2VVh-BXhnMySQ.js | AI (source-diff): Bundled dist chunk; minified upstream artifact. | ai | |
| source-diff | net-exec-file:dist/v3-D-mr2VVh-BXhnMySQ.js | AI (source-diff): Bundled dist chunk with module loader patterns; not malicious. | ai | |
| source-diff | obfuscated-file:dist/typescript-lqJOqGcK.js | AI (source-diff): Bundled prettier typescript plugin; minified upstream artifact. | ai | |
| source-diff | obfuscated-file:dist/estree-BL2Xy2uB.js | AI (source-diff): Bundled minified prettier plugin; stable pattern. | ai | |
| source-diff | obfuscated-file:dist/typescript-DkgFgfZO.js | AI (source-diff): Bundled minified prettier plugin; stable pattern. | ai | |
| source-diff | obfuscated-file:dist/v3-D-mr2VVh-DBBWnwM8.js | AI (source-diff): Bundled minified plugin; stable pattern. | ai | |
| source-diff | net-exec-file:dist/v3-D-mr2VVh-DBBWnwM8.js | AI (source-diff): Bundled plugin with dynamic require; no malicious payload. | ai | |
| source-diff | obfuscated-file:dist/v4-C-HWEQJm-OZwT-Lc8.js | AI (source-diff): Bundled minified plugin; stable pattern. | ai | |
| source-diff | obfuscated-file:dist/prettier-D7Ly-aG0.js | AI (source-diff): Bundled minified prettier core; stable pattern. | ai | |
| source-diff | obfuscated-file:dist/markdown-CDTH7TpJ.js | AI (source-diff): Bundled minified prettier plugin; stable pattern. | ai | |
| source-diff | net-exec-file:dist/jiti-Bb1dT6Cw-BtDs_aWX.js | AI (source-diff): jiti runtime loader with dynamic require; no malicious payload. | ai | |
| source-diff | obfuscated-file:dist/jiti-Bb1dT6Cw-BtDs_aWX.js | AI (source-diff): Bundled jiti runtime loader; expected for this package. | ai | |
| source-diff | obfuscated-file:dist/flow-Bj4lBR-Y.js | AI (source-diff): Bundled minified prettier plugin; stable pattern. | ai | |
| source-diff | obfuscated-file:dist/acorn-Cz3eAoi8.js | AI (source-diff): Bundled minified prettier plugin; stable pattern for this formatter package. | ai | |
| source-diff | obfuscated-file:dist/acorn-sBRpswSh.js | AI (source-diff): Bundled minified prettier plugin (acorn); stable pattern for this formatter package. | ai | |
| source-diff | obfuscated-file:dist/v4-C-HWEQJm-C8EWwksG.js | AI (source-diff): Bundled minified plugin chunk; stable pattern. | ai | |
| source-diff | net-exec-file:dist/v3-D-mr2VVh-CU7hQIit.js | AI (source-diff): Plugin chunk with module loading; inherent to formatter design. | ai | |
| source-diff | obfuscated-file:dist/v3-D-mr2VVh-CU7hQIit.js | AI (source-diff): Bundled minified plugin chunk; stable pattern. | ai | |
| source-diff | obfuscated-file:dist/typescript-C_eN_ThF.js | AI (source-diff): Bundled minified prettier plugin (typescript); stable pattern. | ai | |
| source-diff | obfuscated-file:dist/prettier-Cw36juP9.js | AI (source-diff): Bundled minified prettier core; stable pattern. | ai | |
| source-diff | obfuscated-file:dist/markdown-DVLNmbQg.js | AI (source-diff): Bundled minified prettier plugin (markdown); stable pattern. | ai | |
| source-diff | net-exec-file:dist/jiti-Bb1dT6Cw-C0N20Za1.js | AI (source-diff): jiti is a module loader; net+exec pattern is inherent to its design. | ai | |
| source-diff | obfuscated-file:dist/jiti-Bb1dT6Cw-C0N20Za1.js | AI (source-diff): Bundled jiti module loader; expected webpack output. | ai | |
| source-diff | obfuscated-file:dist/flow-c9AjoQam.js | AI (source-diff): Bundled minified prettier plugin (flow); stable pattern. | ai | |
| source-diff | obfuscated-file:dist/estree-CzfNsl8m.js | AI (source-diff): Bundled minified prettier plugin (estree); stable pattern. | ai | |
| source-diff | net-exec-file:dist/v3-D-mr2VVh-Bw8A9MXh.js | AI (source-diff): Bundled plugin with module loading; not malicious. | ai | |
| source-diff | obfuscated-file:dist/acorn-ay2Aj6GQ.js | AI (source-diff): Bundled prettier plugin (acorn parser); minified upstream artifact. | ai | |
| source-diff | obfuscated-file:dist/estree-DZBnPYMx.js | AI (source-diff): Bundled prettier estree plugin; minified upstream artifact. | ai | |
| source-diff | obfuscated-file:dist/flow-ChhAFZSt.js | AI (source-diff): Bundled prettier flow plugin; minified upstream artifact. | ai | |
| source-diff | obfuscated-file:dist/markdown-CCrs3bBt.js | AI (source-diff): Bundled prettier markdown plugin; minified upstream artifact. | ai | |
| source-diff | obfuscated-file:dist/prettier-s1WPCGVk.js | AI (source-diff): Bundled prettier core; minified upstream artifact. | ai | |
| source-diff | obfuscated-file:dist/typescript-Cgpjcksz.js | AI (source-diff): Bundled prettier typescript plugin; minified upstream artifact. | ai | |
| source-diff | obfuscated-file:dist/jiti-Bb1dT6Cw-DezGRPD7.js | AI (source-diff): Bundled jiti module loader (webpack output); expected for this package. | ai | |
| source-diff | net-exec-file:dist/jiti-Bb1dT6Cw-DezGRPD7.js | AI (source-diff): jiti module loader naturally uses require + network; not malicious. | ai | |
| source-diff | obfuscated-file:dist/v3-D-mr2VVh-Bw8A9MXh.js | AI (source-diff): Bundled plugin variant; minified upstream artifact. | ai | |
| source-diff | obfuscated-file:dist/v4-C-HWEQJm-B81QD_Ac.js | AI (source-diff): Bundled plugin variant; minified upstream artifact. | ai | |
| source-diff | net-exec-file:dist/v4-C_IPPFom-CzWZrmWL.js | AI (source-diff): Same pattern as v3 adapter — legitimate module resolution, not dropper/loader malware. False positive for this formatter package. | ai | |
| source-diff | obfuscated-file:dist/acorn-DTid_xfu.js | AI (source-diff): Bundled minified copy of prettier's acorn plugin ([email protected]). Region comment confirms provenance. Standard build artifact for a formatter tool. | ai | |
| source-diff | obfuscated-file:dist/estree-vodXR09f.js | AI (source-diff): Bundled minified copy of prettier's estree plugin ([email protected]). Region comment confirms provenance. Standard build artifact. | ai | |
| source-diff | obfuscated-file:dist/flow-D6joRvfg.js | AI (source-diff): Bundled minified copy of prettier's flow plugin ([email protected]). Region comment confirms provenance. Standard build artifact. | ai | |
| source-diff | obfuscated-file:dist/markdown-CDEe6Nm4.js | AI (source-diff): Bundled minified copy of prettier's markdown plugin ([email protected]). Region comment confirms provenance. Standard build artifact. | ai | |
| source-diff | obfuscated-file:dist/prettier-iX8V55ba.js | AI (source-diff): Bundled minified copy of prettier itself ([email protected]). Region comment confirms provenance. Expected for a formatter tool bundling prettier. | ai | |
| source-diff | obfuscated-file:dist/typescript-BFhFx1UJ.js | AI (source-diff): Bundled minified copy of prettier's TypeScript plugin ([email protected]). Region comment confirms provenance. Standard build artifact. | ai | |
| source-diff | obfuscated-file:dist/v3-RIpeMkdf-CHWXIFE7.js | AI (source-diff): Bundled minified copy of prettier-plugin-tailwindcss v3 adapter. Region comment confirms provenance. Standard build artifact. | ai | |
| source-diff | net-exec-file:dist/v3-RIpeMkdf-CHWXIFE7.js | AI (source-diff): Module._resolveFilename usage is legitimate module resolution in prettier-plugin-tailwindcss. No actual network fetch + eval pattern; false positive for this formatter package. | ai | |
| source-diff | obfuscated-file:dist/v4-C_IPPFom-CzWZrmWL.js | AI (source-diff): Bundled minified copy of prettier-plugin-tailwindcss v4 adapter. Standard build artifact for this formatter tool. | ai | |
| source-diff | obfuscated-file:dist/acorn-Dg33ba6P.js | AI (source-diff): Minified bundle of prettier's acorn plugin; #region comments identify origin. Standard rolldown bundle output for a formatter tool. | ai | |
| source-diff | obfuscated-file:dist/dist-BwrMNepk.js | AI (source-diff): Minified bundle of prettier-plugin-tailwindcss and prettier plugins. Standard ESM bundle output; SLSA provenance confirms CI build. | ai | |
| source-diff | obfuscated-file:dist/typescript-XwnBEa56.js | AI (source-diff): Minified bundle of prettier's typescript plugin; #region comments identify origin. Standard rolldown bundle output. | ai | |
| source-diff | obfuscated-file:dist/prettier-BwD_fsw0.js | AI (source-diff): Minified bundle of prettier core; rolldown:runtime header and prettier imports confirm legitimate bundled formatter. | ai | |
| source-diff | obfuscated-file:dist/markdown-DTqaZ9x0.js | AI (source-diff): Minified bundle of prettier's markdown plugin; #region comments identify origin. Standard rolldown bundle output. | ai | |
| source-diff | obfuscated-file:dist/flow-CgDiNJJ7.js | AI (source-diff): Minified bundle of prettier's flow plugin; #region comments identify origin. Standard rolldown bundle output. | ai | |
| source-diff | obfuscated-file:dist/estree-Dbhq_ls-.js | AI (source-diff): Minified bundle of prettier's estree plugin; #region comments identify origin. Standard rolldown bundle output. | ai | |
| source-diff | net-exec-file:dist/dist-BwrMNepk.js | AI (source-diff): createRequire used for CJS interop in ESM bundle; no actual network fetch + exec pattern. Standard prettier plugin bundling. | ai | |
| source-diff | obfuscated-file:dist/typescript-Bq7RNeoo.js | AI (source-diff): Bundled copy of [email protected]/plugins/typescript.mjs — standard minified bundler output for a formatter tool, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/prettier-D94gFlK4.js | AI (source-diff): Bundled copy of [email protected] core — standard minified bundler output for a formatter tool, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/markdown-ir78_RbM.js | AI (source-diff): Bundled copy of [email protected]/plugins/markdown.mjs — standard minified bundler output for a formatter tool, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/flow-BBddPECx.js | AI (source-diff): Bundled copy of [email protected]/plugins/flow.mjs — standard minified bundler output for a formatter tool, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/estree-Bq_ViZ6c.js | AI (source-diff): Bundled copy of [email protected]/plugins/estree.mjs — standard minified bundler output for a formatter tool, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/acorn-Bhqm8ew7.js | AI (source-diff): Bundled copy of [email protected]/plugins/acorn.mjs — standard minified bundler output for a formatter tool, not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/v3-D-mr2VVh-Bj3_v5Qp.js | AI (source-diff): Bundled minified copy of prettier-plugin-tailwindcss v3 support code; standard build artifact. | ai | |
| source-diff | obfuscated-file:dist/prettier-CK6Vmyxp.js | AI (source-diff): Bundled minified copy of prettier itself; standard build artifact from the oxc-project formatter tool. | ai | |
| source-diff | net-exec-file:dist/jiti-Bb1dT6Cw-D7Kk0pkW.js | AI (source-diff): jiti is a TypeScript/ESM runtime loader; dynamic require is its core functionality. File is a bundled dependency from prettier-plugin-tailwindcss, not dropper malware. | ai | |
| source-diff | obfuscated-file:dist/jiti-Bb1dT6Cw-D7Kk0pkW.js | AI (source-diff): Bundled minified copy of the 'jiti' TypeScript/ESM loader from prettier-plugin-tailwindcss; standard build artifact, not malicious obfuscation. | ai | |
| source-diff | obfuscated-file:dist/v4-C-HWEQJm-D29N-mp3.js | AI (source-diff): Bundled minified copy of prettier-plugin-tailwindcss v4 support code; standard build artifact. | ai | |
| source-diff | net-exec-file:dist/v3-D-mr2VVh-Bj3_v5Qp.js | AI (source-diff): Bundled prettier-plugin-tailwindcss v3 code using jiti for module resolution; dynamic require is expected behavior for this plugin. | ai | |
| source-diff | obfuscated-file:dist/dist--xku3Vyh.js | AI (source-diff): Main bundle aggregating prettier plugins; source headers confirm legitimate bundled dependencies. Standard rolldown output for oxfmt CLI. | ai | |
| source-diff | obfuscated-file:dist/flow-upegUFFJ.js | AI (source-diff): Minified bundle of [email protected] flow plugin; source attribution in file headers confirms legitimate origin. | ai | |
| source-diff | obfuscated-file:dist/markdown-XDdiHWR8.js | AI (source-diff): Minified bundle of [email protected] markdown plugin; source attribution in file headers confirms legitimate origin. | ai | |
| source-diff | obfuscated-file:dist/estree-BHX6cYnM.js | AI (source-diff): Minified bundle of [email protected] estree plugin; source attribution in file headers confirms legitimate origin. | ai | |
| source-diff | obfuscated-file:dist/acorn-1eXwhSm3.js | AI (source-diff): Minified bundle of [email protected] acorn plugin; source attribution in file headers confirms legitimate origin. Standard rolldown output for oxfmt CLI. | ai | |
| source-diff | net-exec-file:dist/dist--xku3Vyh.js | AI (source-diff): Network/exec pattern is createRequire and dynamic module resolution from bundled prettier source — standard formatter plugin loading, not malware. | ai | |
| source-diff | obfuscated-file:dist/typescript-CYBlFpU0.js | AI (source-diff): Minified bundle of [email protected] typescript plugin; source attribution in file headers confirms legitimate origin. | ai | |
| source-diff | obfuscated-file:dist/prettier-BvPMcj5n.js | AI (source-diff): Minified bundle of [email protected] core; source attribution in file headers confirms legitimate origin. | ai | |
| source-diff | obfuscated-file:dist/flow-wgnoyyH6.js | AI (source-diff): Bundled minified copy of [email protected] flow plugin; standard rolldown output for a formatter tool. Not malicious. | ai | |
| source-diff | obfuscated-file:dist/typescript-DcSkdikT.js | AI (source-diff): Bundled minified copy of [email protected] typescript plugin; standard rolldown output for a formatter tool. Not malicious. | ai | |
| source-diff | obfuscated-file:dist/prettier-BAX-9y1Y.js | AI (source-diff): Bundled minified copy of [email protected] core; standard rolldown output for a formatter tool. Not malicious. | ai | |
| source-diff | obfuscated-file:dist/markdown-gTBUizsY.js | AI (source-diff): Bundled minified copy of [email protected] markdown plugin; standard rolldown output for a formatter tool. Not malicious. | ai | |
| source-diff | obfuscated-file:dist/estree--Z9-_PI0.js | AI (source-diff): Bundled minified copy of [email protected] estree plugin; standard rolldown output for a formatter tool. Not malicious. | ai | |
| source-diff | obfuscated-file:dist/acorn-Dyod6zSw.js | AI (source-diff): Bundled minified copy of [email protected] acorn plugin; standard rolldown output for a formatter tool. Not malicious. | ai | |
| source-diff | obfuscated-file:dist/typescript-D6xJygmA.js | AI (source-diff): Minified bundle of prettier's TypeScript plugin ([email protected]). Standard build output, not obfuscated malware. SLSA provenance confirms legitimate CI build. | ai | |
| source-diff | obfuscated-file:dist/prettier-B2Z8f9vI.js | AI (source-diff): Minified bundle of [email protected] core (rolldown build). Standard build output with clear #region comments. SLSA provenance confirms legitimate CI build. | ai | |
| source-diff | obfuscated-file:dist/markdown-3iPDXd0m.js | AI (source-diff): Minified bundle of prettier's markdown plugin ([email protected]). Standard build output, not obfuscated malware. SLSA provenance confirms legitimate CI build. | ai | |
| source-diff | obfuscated-file:dist/flow-B--ySPN_.js | AI (source-diff): Minified bundle of prettier's flow plugin ([email protected]). Standard build output, not obfuscated malware. SLSA provenance confirms legitimate CI build. | ai | |
| source-diff | obfuscated-file:dist/estree-DbXw6VOE.js | AI (source-diff): Minified bundle of prettier's estree plugin ([email protected]). Standard build output, not obfuscated malware. SLSA provenance confirms legitimate CI build. | ai | |
| source-diff | obfuscated-file:dist/acorn-Cdy8_MIV.js | AI (source-diff): Minified bundle of prettier's acorn plugin ([email protected]). Standard build output, not obfuscated malware. SLSA provenance confirms legitimate CI build. | ai | |
| source-diff | net-exec-file:dist/jiti-Bb1dT6Cw-CnTrJOrf.js | AI (source-diff): jiti is a TypeScript/ESM module loader; network+exec pattern is its core functionality (module resolution), not malware. SLSA provenance confirms CI/CD origin. | ai | |
| source-diff | obfuscated-file:dist/jiti-Bb1dT6Cw-CnTrJOrf.js | AI (source-diff): Bundled copy of the 'jiti' npm package (mlly/jiti runtime). Minified output from legitimate bundler; source origin clearly annotated in file comments. | ai | |
| source-diff | obfuscated-file:dist/v4-C-HWEQJm-CbHL6UrB.js | AI (source-diff): Bundled copy of prettier-plugin-tailwindcss v4 adapter. Minified output from legitimate bundler; source origin annotated in file comments. | ai | |
| source-diff | net-exec-file:dist/v3-D-mr2VVh-CisVsFM0.js | AI (source-diff): prettier-plugin-tailwindcss uses jiti for module resolution; network+exec pattern is expected behavior, not malware. SLSA provenance confirms CI/CD origin. | ai | |
| source-diff | obfuscated-file:dist/v3-D-mr2VVh-CisVsFM0.js | AI (source-diff): Bundled copy of prettier-plugin-tailwindcss v3 adapter. Minified output from legitimate bundler; source origin annotated in file comments. | ai | |
| source-diff | obfuscated-file:dist/typescript-G7g7T3yt.js | AI (source-diff): Bundled copy of prettier's TypeScript plugin. Minified output from legitimate bundler; source origin annotated in file comments. | ai | |
| source-diff | obfuscated-file:dist/prettier-Dwwk1Fyx.js | AI (source-diff): Bundled copy of [email protected]. Minified output is expected for this well-known formatter library bundled into oxfmt's dist. | ai | |
| source-diff | obfuscated-file:dist/prettier-DpEoE-3g.js | AI (source-diff): This file is a bundled/minified copy of [email protected], a well-known open-source formatter. Long lines are standard build output for oxfmt, a formatter tool that wraps prettier. Not obfuscation. | ai | |
| source-diff | obfuscated-file:dist/estree-CvnLDdmw.js | AI (source-diff): Minified bundle of [email protected] estree plugin; header comment confirms origin. Standard build artifact. | ai | |
| source-diff | large-new-source-files | AI (source-diff): Large number of new files reflects addition of prettier plugin support (Tailwind, Flow, TS, etc.). Expected for this formatter's feature expansion. | ai | |
| source-diff | obfuscated-file:dist/v4-C-HWEQJm-olIGVWd7.js | AI (source-diff): Minified bundle of Tailwind CSS v4 plugin for prettier-plugin-tailwindcss. Standard build artifact. | ai | |
| source-diff | net-exec-file:dist/v3-D-mr2VVh-DA8uo048.js | AI (source-diff): Tailwind CSS v3 bundled plugin; network+exec pattern expected for CSS processing. SLSA provenance confirms legitimate build. | ai | |
| source-diff | obfuscated-file:dist/v3-D-mr2VVh-DA8uo048.js | AI (source-diff): Minified bundle of Tailwind CSS v3 plugin for prettier-plugin-tailwindcss. Standard build artifact. | ai | |
| source-diff | obfuscated-file:dist/typescript-Cg8onQ4r.js | AI (source-diff): Minified bundle of [email protected] typescript plugin; header comment confirms origin. Standard build artifact. | ai | |
| source-diff | obfuscated-file:dist/prettier-Bmp66eXw.js | AI (source-diff): Minified bundle of [email protected] core; header comment confirms origin. Standard build artifact for a prettier-based formatter. | ai | |
| source-diff | obfuscated-file:dist/markdown-BkJWkmO_.js | AI (source-diff): Minified bundle of [email protected] markdown plugin; header comment confirms origin. Standard build artifact. | ai | |
| source-diff | net-exec-file:dist/jiti-Bb1dT6Cw-DpVi6yB1.js | AI (source-diff): jiti runtime bundled from prettier-plugin-tailwindcss; network+exec pattern is expected for a module loader. SLSA provenance confirms legitimate build. | ai | |
| source-diff | obfuscated-file:dist/jiti-Bb1dT6Cw-DpVi6yB1.js | AI (source-diff): Minified bundle of jiti from prettier-plugin-tailwindcss; header comment confirms origin. jiti is a well-known TS/ESM runtime loader. | ai | |
| source-diff | obfuscated-file:dist/flow-BthqNux8.js | AI (source-diff): Minified bundle of [email protected] flow plugin; header comment confirms origin. Standard build artifact. | ai | |
| source-diff | obfuscated-file:dist/acorn-K_XpABqm.js | AI (source-diff): Minified bundle of [email protected] acorn plugin; header comment confirms origin. Standard build artifact for this formatter package. | ai |
Versions (showing 54 of 54)
| Version | Deps | Published |
|---|---|---|
| 0.52.0 | 1 / 0 | |
| 0.51.0 | 1 / 0 | |
| 0.50.0 | 1 / 0 | |
| 0.49.0 | 1 / 0 | |
| 0.48.0 | 1 / 0 | |
| 0.47.0 | 1 / 0 | |
| 0.46.0 | 1 / 0 | |
| 0.45.0 | 1 / 0 | |
| 0.44.0 | 1 / 0 | |
| 0.43.0 | 1 / 0 | |
| 0.42.0 | 1 / 0 | |
| 0.41.0 | 1 / 0 | |
| 0.40.0 | 1 / 0 | |
| 0.39.0 | 1 / 0 | |
| 0.38.0 | 1 / 0 | |
| 0.37.0 | 1 / 0 | |
| 0.36.0 | 1 / 0 | |
| 0.35.0 | 1 / 0 | |
| 0.34.0 | 1 / 0 | |
| 0.33.0 | 1 / 0 | |
| 0.32.0 | 1 / 0 | |
| 0.31.0 | 1 / 0 | |
| 0.30.0 | 1 / 0 | |
| 0.28.0 | 1 / 0 | |
| 0.27.0 | 1 / 0 | |
| 0.26.0 | 1 / 0 | |
| 0.25.0 | 1 / 0 | |
| 0.24.0 | 1 / 0 | |
| 0.23.0 | 1 / 0 | |
| 0.22.0 | 1 / 0 | |
| 0.21.0 | 1 / 0 | |
| 0.20.0 | 1 / 0 | |
| 0.19.0 | 1 / 0 | |
| 0.18.0 | 1 / 0 | |
| 0.17.0 | 0 / 0 | |
| 0.16.0 | 0 / 0 | |
| 0.15.0 | 0 / 0 | |
| 0.14.0 | 0 / 0 | |
| 0.13.0 | 0 / 0 | |
| 0.12.0 | 0 / 0 | |
| 0.11.0 | 2 / 0 | |
| 0.10.0 | 2 / 0 | |
| 0.9.0 | 0 / 0 | |
| 0.8.0 | 0 / 0 | |
| 0.7.0 | 0 / 0 | |
| 0.6.0 | 0 / 0 | |
| 0.5.0 | 0 / 0 | |
| 0.4.0 | 0 / 0 | |
| 0.3.0 | 0 / 0 | |
| 0.2.0 | 0 / 0 | |
| 0.1.0 | 0 / 0 | |
| 0.0.2 | 0 / 0 | |
| 0.0.1 | 0 / 0 | |
| 0.0.0 | 0 / 0 |
v0.52.0
12 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.51.0
12 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.50.0
12 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.49.0
12 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.48.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.46.0
12 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.45.0
12 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.44.0
8 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.43.0
8 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.42.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.41.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.40.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.39.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.38.0
5 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.37.0
12 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.36.0
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.35.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.34.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.33.0
12 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.32.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.31.0
11 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.30.0
11 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.28.0
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.27.0
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.26.0
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.25.0
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.24.0
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.23.0
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.22.0
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.21.0
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.20.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.19.0
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.18.0
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.17.0
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.16.0
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.15.0
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.14.0
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.13.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.12.0
7 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.11.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.10.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.9.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.8.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.7.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.6.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.5.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.4.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.3.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.2.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.1.0
2 findingsThis version was published by a different npm account than previous versions on 2025-09-12. This could indicate a legitimate maintainer transition or an account compromise.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.0.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v0.0.1
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v0.0.0
1 findingPackage was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.