playwright-core
A high-level API to automate web browsers
Supply chain provenance
Status for the latest visible version.
Maintainers
Accepted risks
Findings the reviewer chose to accept rather than block on.
| Source | Rule | Reason | Accepted by | When |
|---|---|---|---|---|
| source-diff | obfuscated-file:lib/vite/traceViewer/index.BCnMPevh.js | AI (source-diff): Vite-bundled trace viewer entry; standard minified build output. | ai | |
| source-diff | net-exec-file:lib/vite/traceViewer/assets/defaultSettingsView-D31xz8zv.js | AI (source-diff): Bundled React app with fetch for modulepreload; not malicious network+exec. | ai | |
| source-diff | obfuscated-file:lib/vite/traceViewer/assets/defaultSettingsView-D31xz8zv.js | AI (source-diff): Vite-bundled React UI; standard minified build output for this package. | ai | |
| source-diff | obfuscated-file:lib/vite/traceViewer/assets/codeMirrorModule-Ds_H_9Yq.js | AI (source-diff): Vite-bundled CodeMirror; standard minified build output for this package. | ai | |
| source-diff | obfuscated-file:lib/vite/recorder/assets/codeMirrorModule-BHYmBp6h.js | AI (source-diff): Vite-bundled CodeMirror; standard minified build output for this package. | ai | |
| source-diff | obfuscated-file:lib/vite/traceViewer/uiMode.C2Efnu2P.js | AI (source-diff): Vite-bundled UI mode entry; standard minified build output. | ai | |
| source-diff | obfuscated-file:lib/vite/dashboard/assets/index-DpEq2p62.js | AI (source-diff): Vite-bundled React UI; standard minified build output for this package. | ai | |
| source-diff | obfuscated-file:lib/vite/recorder/assets/index-DA10QRaq.js | AI (source-diff): Vite-bundled React UI; standard minified build output for this package. | ai | |
| npm-metadata | suspicious-initial-version | AI (npm-metadata): 0.0.0 is the legitimate namespace-reservation stub for the canonical Playwright package, published 6+ years ago with 50.7M weekly downloads across 5458 versions. | ai | |
| provenance | no-provenance | AI (provenance): playwright-core is an established Microsoft package predating Sigstore provenance adoption on npm; absence of attestation is expected for this version. | ai | |
| semgrep | semgrep:shady-links-raw-ip | AI (semgrep): Constructs a localhost URL (127.0.0.1) for an internal HTTP server — standard practice for Playwright's local browser automation server. | ai | |
| install-scripts | install-script:install | AI (install-scripts): playwright-core's install script downloads browser binaries — this is the package's documented and expected install flow, stable across all versions. | ai | |
| semgrep | semgrep:http-module-request | AI (semgrep): HTTP requests in browserFetcher.js are used to download browser binaries from CDN — core functionality of this browser automation package, not exfiltration. | ai | |
| source-diff | obfuscated-file:lib/vite/traceViewer/index.Dtstcb7U.js | AI (source-diff): Vite-bundled frontend asset for Playwright Trace Viewer UI. Hash-suffixed filenames are standard Vite content-hash output. Code is minified React/UI code, not malicious obfuscation. | ai | |
| bogus-package | bogus-package | AI (bogus-package): playwright-core is a large Microsoft framework; no keywords and no declared deps are structural choices, not spam indicators. README is at playwright.dev. | ai | |
| npm-metadata | bundled-binaries | AI (npm-metadata): PrintDeps.exe is a documented Playwright utility for inspecting Windows DLL dependencies during browser binary management. Legitimate and stable across versions. | ai | |
| semgrep | semgrep:hex-decode | AI (semgrep): Hex decode in utilsBundleImpl is part of bundled dotenv/debug string parsing logic, not malicious payload handling. False positive for this package. | ai | |
| semgrep | semgrep:child-process-spawn | AI (semgrep): Spawning child processes is core to Playwright's browser automation functionality. Confirmed legitimate use in debug mode launcher. | ai | |
| source-diff | obfuscated-file:lib/vite/traceViewer/assets/codeMirrorModule-DS0FLvoc.js | AI (source-diff): Vite-bundled frontend asset for Playwright's Trace Viewer UI. Minified CodeMirror editor code — expected for this package. | ai | |
| semgrep | semgrep:api-obfuscation-reflect | AI (semgrep): Reflect.get() in bundled zod library — standard JS metaprogramming, not evasion. | ai | |
| semgrep | semgrep:env-bulk-read | AI (semgrep): Environment enumeration in a bundled utility — standard config/logging behavior in this framework. | ai | |
| semgrep | semgrep:dynamic-require | AI (semgrep): Dynamic require used to load package.json from browser reference directories — benign metadata reading. | ai | |
| semgrep | semgrep:base64-decode | AI (semgrep): Base64 decoding used for WebSocket message handling between browser page and Playwright server — expected protocol behavior. | ai | |
| semgrep | semgrep:new-function-constructor | AI (semgrep): Used in javascript.js for JS expression validation before evaluation — legitimate use in a browser automation tool. | ai | |
| semgrep | semgrep:env-spread | AI (semgrep): Spreading process.env when spawning browser child processes is standard and expected for a browser automation framework. | ai | |
| semgrep | semgrep:child-process-import | AI (semgrep): Playwright-core must launch browser processes via child_process — this is core functionality, not malicious. | ai | |
| source-diff | obfuscated-file:lib/vite/traceViewer/uiMode.Vipi55dB.js | AI (source-diff): Vite-bundled UI mode asset for Playwright's Trace Viewer. Minification is expected for browser-targeted build output. | ai | |
| source-diff | obfuscated-file:lib/vite/traceViewer/index.C5466mMT.js | AI (source-diff): Vite-bundled Trace Viewer entry point. Minified output is expected for browser-targeted assets in this package. | ai | |
| source-diff | net-exec-file:lib/vite/traceViewer/assets/defaultSettingsView-GTWI-W_B.js | AI (source-diff): Network calls are Vite modulepreload polyfill (fetch) and React rendering — standard frontend bundle behavior, not dropper malware. | ai | |
| source-diff | obfuscated-file:lib/vite/traceViewer/assets/defaultSettingsView-GTWI-W_B.js | AI (source-diff): Vite-bundled React frontend asset for Playwright's Trace Viewer UI. Minification is expected for browser-targeted build output. | ai |
Versions (showing 51 of 414)
| Version | Deps | Published |
|---|---|---|
| 1.60.0 | 0 / 0 | |
| 1.59.1 | 0 / 0 | |
| 1.59.0 | 0 / 0 | |
| 1.58.2 | 0 / 0 | |
| 1.58.1 | 0 / 0 | |
| 1.58.0 | 0 / 0 | |
| 1.57.0 | 0 / 0 | |
| 1.56.1 | 0 / 0 | |
| 1.56.0 | 0 / 0 | |
| 1.55.1 | 0 / 0 | |
| 1.55.0 | 0 / 0 | |
| 1.54.2 | 0 / 0 | |
| 1.54.1 | 0 / 0 | |
| 1.54.0 | 0 / 0 | |
| 1.53.2 | 0 / 0 | |
| 1.53.1 | 0 / 0 | |
| 1.53.0 | 0 / 0 | |
| 1.52.0 | 0 / 0 | |
| 1.51.1 | 0 / 0 | |
| 1.51.0 | 0 / 0 | |
| 1.50.1 | 0 / 0 | |
| 1.50.0 | 0 / 0 | |
| 1.49.1 | 0 / 0 | |
| 1.49.0 | 0 / 0 | |
| 1.48.2 | 0 / 0 | |
| 1.48.1 | 0 / 0 | |
| 1.48.0 | 0 / 0 | |
| 1.47.2 | 0 / 0 | |
| 1.47.1 | 0 / 0 | |
| 1.47.0 | 0 / 0 | |
| 1.46.1 | 0 / 0 | |
| 1.46.0 | 0 / 0 | |
| 1.45.3 | 0 / 0 | |
| 1.45.2 | 0 / 0 | |
| 1.45.1 | 0 / 0 | |
| 1.45.0 | 0 / 0 | |
| 1.44.1 | 0 / 0 | |
| 1.44.0 | 0 / 0 | |
| 1.43.1 | 0 / 0 | |
| 1.43.0 | 0 / 0 | |
| 1.42.1 | 0 / 0 | |
| 1.42.0 | 0 / 0 | |
| 1.41.2 | 0 / 0 | |
| 1.41.1 | 0 / 0 | |
| 1.41.0 | 0 / 0 | |
| 1.40.1 | 0 / 0 | |
| 1.40.0 | 0 / 0 | |
| 1.39.0 | 0 / 0 | |
| 1.38.1 | 0 / 0 | |
| 1.38.0 | 0 / 0 | |
| 1.37.1 | 0 / 0 |
v1.60.0
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.59.1
9 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added file contains both network calls and dynamic code execution. This is a hallmark of dropper/loader malware.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Spreading entire process.env into an object — may capture all secrets Source: https://github.com/microsoft/playwright/blob/d466ac5358cae058cdc75d2ae3ab3ad220042730/lib/outofprocess.js#L52 50 | stdio: "pipe", 51 | detached: true, > 52 | env: { 53 | ...process.env, 54 | ...env
Spreading entire process.env into an object — may capture all secrets Source: https://github.com/microsoft/playwright/blob/d466ac5358cae058cdc75d2ae3ab3ad220042730/lib/server/registry/dependencies.js#L302 300 | const { stdout, code } = await (0, import_spawnAsync.spawnAsync)(executable, [filePath], { 301 | cwd: dirname, > 302 | env: { 303 | ...process.env, 304 | LD_LIBRARY_PATH: process.env.LD_LIBRARY_PATH ? `${process.env.LD_LIBRARY_PATH}:${dirname}` : dirname
Spreading entire process.env into an object — may capture all secrets Source: https://github.com/microsoft/playwright/blob/d466ac5358cae058cdc75d2ae3ab3ad220042730/lib/server/registry/dependencies.js#L319 317 | const { stdout, code } = await (0, import_spawnAsync.spawnAsync)("ldd", [filePath], { 318 | cwd: dirname, > 319 | env: { 320 | ...process.env, 321 | LD_LIBRARY_PATH
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.59.0
2 findingsNewly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.58.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.58.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.58.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.57.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.56.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.56.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.55.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.55.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.54.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.54.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.54.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.53.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.53.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.53.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.52.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.51.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.51.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.50.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.50.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.49.1
2 findingsPackage contains compiled binaries that could be backdoors: • bin/PrintDeps.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.49.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.48.2
2 findingsPackage contains compiled binaries that could be backdoors: • bin/PrintDeps.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.48.1
2 findingsPackage contains compiled binaries that could be backdoors: • bin/PrintDeps.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.48.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.47.2
2 findingsPackage contains compiled binaries that could be backdoors: • bin/PrintDeps.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.47.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.47.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.46.1
2 findingsPackage contains compiled binaries that could be backdoors: • bin/PrintDeps.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.46.0
2 findingsPackage contains compiled binaries that could be backdoors: • bin/PrintDeps.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.45.3
2 findingsPackage contains compiled binaries that could be backdoors: • bin/PrintDeps.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.45.2
2 findingsPackage contains compiled binaries that could be backdoors: • bin/PrintDeps.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.45.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.45.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.44.1
2 findingsPackage contains compiled binaries that could be backdoors: • bin/PrintDeps.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.44.0
2 findingsPackage contains compiled binaries that could be backdoors: • bin/PrintDeps.exe
Published via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.43.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.43.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.42.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.42.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.41.2
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.41.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.41.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.40.1
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.40.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.39.0
1 findingPublished via CI/CD with Sigstore attestation (predicate: https://slsa.dev/provenance/v1). This is the strongest supply chain integrity signal.
v1.38.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.38.0
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.
v1.37.1
1 finding[Accepted risk] Package was published without Sigstore provenance. Only ~12% of npm packages have provenance, so this is common but not ideal.