unicode-5.2.0 — Greenflagged

JavaScript-compatible Unicode data. Arrays of code points, arrays of symbols, and regular expressions for Unicode v5.2.0’s categories, scripts, blocks, bidi, and other properties.

Supply chain provenance

Status for the latest visible version.

No SLSA provenance npm registry signatures No source commit

Without SLSA provenance there is no cryptographic link between this tarball and the public source — the axios compromise (March 2026) relied on exactly this gap.

Maintainers

mathias

Keywords

unicodeunicode-datacode pointssymbolscharactersbidicase-foldingregexregexpdata

Accepted risks

Findings the reviewer chose to accept rather than block on.

Source	Rule	Reason	Accepted by	When
source-diff	obfuscated-file:bidi/ON/code-points.js	AI (source-diff): Single-line array of Unicode code points for Other Neutral bidi category — expected data file for this package.	ai	2026/04/24
source-diff	obfuscated-file:bidi/NSM/code-points.js	AI (source-diff): Single-line array of Unicode code points for Non-Spacing Mark bidi category — expected data file for this package.	ai	2026/04/24
source-diff	obfuscated-file:bidi/L/symbols.js	AI (source-diff): Single-line array of Unicode symbols for L bidi category — expected data file for this package.	ai	2026/04/24
source-diff	obfuscated-file:bidi/L/regex.js	AI (source-diff): Single-line regex of Unicode character ranges for L bidi category — expected data file for this package.	ai	2026/04/24
source-diff	obfuscated-file:bidi/L/code-points.js	AI (source-diff): Single-line array of Unicode code point integers for Left-to-Right bidi category — expected data file for this package.	ai	2026/04/24
source-diff	obfuscated-file:bidi/AL/symbols.js	AI (source-diff): Single-line array of Unicode escape sequences for Arabic Letter characters — expected data file for this package.	ai	2026/04/24
source-diff	obfuscated-file:bidi/AL/code-points.js	AI (source-diff): Single-line array of Unicode code point integers for Arabic Letter bidi category — expected data file for this package.	ai	2026/04/24
source-diff	obfuscated-file:bidi/index.js	AI (source-diff): Large single-line array of Unicode bidi category strings — pure data file consistent with this Unicode data package's purpose, not obfuscated code.	ai	2026/04/24
source-diff	obfuscated-file:bidi/R/symbols.js	AI (source-diff): Single-line array of Unicode symbols for R bidi category — expected data file for this package.	ai	2026/04/24
source-diff	obfuscated-file:bidi/R/code-points.js	AI (source-diff): Single-line array of Unicode code points for Right-to-Left bidi category — expected data file for this package.	ai	2026/04/24
source-diff	obfuscated-file:bidi/ON/symbols.js	AI (source-diff): Single-line array of Unicode symbols for ON bidi category — expected data file for this package.	ai	2026/04/24
source-diff	obfuscated-file:bidi/NSM/symbols.js	AI (source-diff): Single-line array of Unicode escape sequences for NSM bidi category — expected data file for this package.	ai	2026/04/24
source-diff	obfuscated-file:case-folding/C/symbols.js	AI (source-diff): Same as above — dense Unicode symbol-to-symbol mapping objects are expected output for this data package, not obfuscation.	ai	2026/04/24
source-diff	obfuscated-file:case-folding/C/code-points.js	AI (source-diff): This is a Unicode data package; long-line files are machine-generated lookup tables (code-point mappings), not obfuscated code. Stable false positive for this package.	ai	2026/04/24
source-diff	obfuscated-file:blocks/Arabic_Presentation_Forms_A/symbols.js	AI (source-diff): Long lines are sequential Unicode escape sequences — the expected data format for this Unicode data package. Not obfuscation.	ai	2026/04/24
source-diff	obfuscated-file:blocks/Arabic_Presentation_Forms_A/code-points.js	AI (source-diff): Long lines are sequential Unicode code point arrays — the expected data format for this Unicode data package. Not obfuscation.	ai	2026/04/24
source-diff	obfuscated-file:bidi-classes/Right_To_Left/code-points.js	AI (source-diff): Unicode code point arrays are legitimately long single-line exports. No malicious content.	ai	2026/04/24
source-diff	obfuscated-file:bidi-classes/Arabic_Letter/symbols.js	AI (source-diff): Unicode symbol arrays are legitimately long single-line exports. No malicious content.	ai	2026/04/24
source-diff	obfuscated-file:bidi-classes/Other_Neutral/symbols.js	AI (source-diff): Unicode symbol arrays are legitimately long single-line exports. No malicious content.	ai	2026/04/24
source-diff	obfuscated-file:bidi-classes/index.js	AI (source-diff): Unicode data tables are inherently dense single-line exports of code points/symbols/regexes. Not obfuscation — this is the expected format for this data package.	ai	2026/04/24
source-diff	obfuscated-file:bidi-classes/Arabic_Letter/code-points.js	AI (source-diff): Unicode code point arrays are legitimately long single-line exports. No malicious content.	ai	2026/04/24
source-diff	obfuscated-file:bidi-classes/Left_To_Right/symbols.js	AI (source-diff): Unicode symbol arrays are legitimately long single-line exports. No malicious content.	ai	2026/04/24
source-diff	obfuscated-file:bidi-classes/Other_Neutral/code-points.js	AI (source-diff): Unicode code point arrays are legitimately long single-line exports. No malicious content.	ai	2026/04/24
source-diff	obfuscated-file:bidi-classes/Left_To_Right/regex.js	AI (source-diff): Unicode regex patterns are legitimately long single-line exports. No malicious content.	ai	2026/04/24
source-diff	obfuscated-file:bidi-classes/Left_To_Right/code-points.js	AI (source-diff): Unicode code point arrays are legitimately long single-line exports. No malicious content.	ai	2026/04/24
source-diff	obfuscated-file:bidi-classes/Right_To_Left/symbols.js	AI (source-diff): Unicode symbol arrays are legitimately long single-line exports. No malicious content.	ai	2026/04/24
source-diff	obfuscated-file:Line_Break/H2/symbols.js	AI (source-diff): Single-line array of Korean Hangul Unicode symbols. Long line is due to data volume, not obfuscation.	ai	2026/04/24
source-diff	obfuscated-file:Line_Break/Alphabetic/code-points.js	AI (source-diff): Gzip-compressed Unicode code point data array. Standard compression pattern for large Unicode data files in this package family.	ai	2026/04/24
source-diff	obfuscated-file:Line_Break/Alphabetic/regex.js	AI (source-diff): Single-line Unicode regex covering character ranges — expected output for a Unicode data package.	ai	2026/04/24
source-diff	obfuscated-file:Line_Break/Alphabetic/symbols.js	AI (source-diff): Gzip-compressed Unicode symbol array. Standard compression pattern for large Unicode data files in this package family.	ai	2026/04/24
source-diff	obfuscated-file:Line_Break/Combining_Mark/code-points.js	AI (source-diff): Gzip-compressed Unicode code point data. Legitimate data file for this Unicode data package.	ai	2026/04/24
source-diff	obfuscated-file:Line_Break/Combining_Mark/symbols.js	AI (source-diff): Gzip-compressed Unicode symbol data. Legitimate data file for this Unicode data package.	ai	2026/04/24
source-diff	obfuscated-file:Line_Break/Complex_Context/code-points.js	AI (source-diff): Single-line array of Unicode code point integers. Long line is due to data volume, not obfuscation.	ai	2026/04/24
source-diff	obfuscated-file:Line_Break/Complex_Context/symbols.js	AI (source-diff): Single-line array of Unicode escape sequences. Long line is due to data volume, not obfuscation.	ai	2026/04/24
source-diff	obfuscated-file:Line_Break/H3/code-points.js	AI (source-diff): Unicode code point data array. Long line is due to data volume, not obfuscation.	ai	2026/04/24
source-diff	obfuscated-file:Line_Break/H3/regex.js	AI (source-diff): Single-line Unicode regex. Expected output for a Unicode data package.	ai	2026/04/24
source-diff	obfuscated-file:Line_Break/H3/symbols.js	AI (source-diff): Unicode symbol data array. Long line is due to data volume, not obfuscation.	ai	2026/04/24
source-diff	obfuscated-file:blocks/CJK_Compatibility_Ideographs/code-points.js	AI (source-diff): Long-line format is dense Unicode code point data arrays, not obfuscated malicious code. Expected format for this data package.	ai	2026/04/24
source-diff	obfuscated-file:blocks/Byzantine_Musical_Symbols/symbols.js	AI (source-diff): Long-line format is dense Unicode symbol arrays, not obfuscated malicious code. Expected format for this data package.	ai	2026/04/24
source-diff	obfuscated-file:blocks/Arabic_Presentation_Forms-A/symbols.js	AI (source-diff): Long-line format is dense Unicode symbol arrays (escape sequences), not obfuscated malicious code. Expected format for this data package.	ai	2026/04/24
source-diff	obfuscated-file:blocks/Arabic_Presentation_Forms-A/code-points.js	AI (source-diff): Long-line format is dense Unicode code point data arrays, not obfuscated malicious code. This is the expected format for unicode-5.2.0 data files.	ai	2026/04/24
source-diff	obfuscated-file:blocks/CJK_Compatibility_Ideographs_Supplement/code-points.js	AI (source-diff): Long-line format is dense Unicode code point data arrays, not obfuscated malicious code. Expected format for this data package.	ai	2026/04/24
source-diff	obfuscated-file:blocks/CJK_Compatibility_Ideographs/symbols.js	AI (source-diff): Long-line format is dense Unicode symbol arrays, not obfuscated malicious code. Expected format for this data package.	ai	2026/04/24
source-diff	obfuscated-file:categories/Lowercase_Letter/regex.js	AI (source-diff): Unicode regex patterns are inherently long single-line expressions; not obfuscation.	ai	2026/04/24
source-diff	obfuscated-file:categories/Lowercase_Letter/code-points.js	AI (source-diff): Unicode data arrays of code points produce long single lines by nature; not obfuscation.	ai	2026/04/24
source-diff	obfuscated-file:categories/Letter/symbols.js	AI (source-diff): Unicode symbol arrays produce long single lines by nature; not obfuscation.	ai	2026/04/24
source-diff	obfuscated-file:categories/Letter/regex.js	AI (source-diff): Unicode regex patterns are inherently long single-line expressions; not obfuscation.	ai	2026/04/24
source-diff	obfuscated-file:categories/Letter/code-points.js	AI (source-diff): Unicode data arrays of code points produce long single lines by nature; not obfuscation.	ai	2026/04/24
source-diff	obfuscated-file:categories/Decimal_Number/symbols.js	AI (source-diff): Unicode symbol arrays produce long single lines by nature; not obfuscation.	ai	2026/04/24
source-diff	obfuscated-file:categories/Cased_Letter/symbols.js	AI (source-diff): Unicode symbol arrays produce long single lines by nature; not obfuscation.	ai	2026/04/24
source-diff	obfuscated-file:categories/Cased_Letter/code-points.js	AI (source-diff): Unicode data arrays of code points produce long single lines by nature; not obfuscation.	ai	2026/04/24
source-diff	obfuscated-file:categories/Nonspacing_Mark/symbols.js	AI (source-diff): Unicode symbol arrays produce long single lines by nature; not obfuscation.	ai	2026/04/24
source-diff	obfuscated-file:categories/Nonspacing_Mark/code-points.js	AI (source-diff): Unicode data arrays of code points produce long single lines by nature; not obfuscation.	ai	2026/04/24
source-diff	large-new-source-files	AI (source-diff): This Unicode data package legitimately adds many category/bidi data files per version; large file counts are expected.	ai	2026/04/24
source-diff	obfuscated-file:categories/Math_Symbol/code-points.js	AI (source-diff): Unicode data arrays of code points produce long single lines by nature; not obfuscation.	ai	2026/04/24
source-diff	obfuscated-file:categories/Mark/symbols.js	AI (source-diff): Unicode symbol arrays produce long single lines by nature; not obfuscation.	ai	2026/04/24
source-diff	obfuscated-file:categories/Mark/code-points.js	AI (source-diff): Unicode data arrays of code points produce long single lines by nature; not obfuscation.	ai	2026/04/24
source-diff	obfuscated-file:categories/Lowercase_Letter/symbols.js	AI (source-diff): Unicode symbol arrays produce long single lines by nature; not obfuscation.	ai	2026/04/24
publish-pattern	dormant-publish	AI (publish-pattern): unicode-5.2.0 is a static Unicode version data package; infrequent/dormant publish cadence is expected and not indicative of takeover for this type of frozen-spec package.	ai	2026/04/23

Versions (showing 17 of 17)

Version	Deps	Published
0.7.5	0 / 0	2018-02-18
0.7.4	0 / 0	2017-04-14
0.7.3	0 / 0	2017-04-13
0.7.2	0 / 0	2017-04-11
0.6.0	0 / 0	2016-05-28
0.5.0	0 / 0	2016-05-26
0.4.0	0 / 0	2016-05-26
0.3.1	0 / 0	2016-05-26
0.3.0	0 / 0	2016-05-25
0.2.0	0 / 0	2016-05-22
0.1.6	0 / 0	2016-05-20
0.1.5	0 / 0	2014-05-28
0.1.4	0 / 0	2014-05-28
0.1.3	0 / 0	2014-04-24
0.1.2	0 / 0	2013-12-24
0.1.1	0 / 0	2013-10-17
0.1.0	0 / 0	2013-10-01

v0.7.5

2 findings

HIGH Missing gitHead — previous versions had it provenance

This version has no gitHead field linking it to a source commit, but previous versions did. This suggests the publish environment changed. Published by: mathias.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.7.4

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.7.3

1 finding

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.7.2

12 findings

HIGH New obfuscated file: Line_Break/Alphabetic/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Line_Break/Alphabetic/regex.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Line_Break/Alphabetic/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Line_Break/Combining_Mark/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Line_Break/Combining_Mark/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Line_Break/Complex_Context/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Line_Break/Complex_Context/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Line_Break/H2/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Line_Break/H3/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Line_Break/H3/regex.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Line_Break/H3/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.6.0

32 findings

HIGH New obfuscated file: Binary_Property/Alphabetic/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Alphabetic/regex.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Alphabetic/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Any/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Any/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Assigned/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Assigned/regex.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Assigned/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Bidi_Mirrored/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Bidi_Mirrored/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Case_Ignorable/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Case_Ignorable/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Cased/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Cased/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Changes_When_Casefolded/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Changes_When_Casefolded/regex.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Changes_When_Casefolded/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Changes_When_Casemapped/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Changes_When_Casemapped/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Changes_When_Lowercased/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Changes_When_Lowercased/regex.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Changes_When_Lowercased/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Changes_When_NFKC_Casefolded/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Changes_When_NFKC_Casefolded/regex.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Changes_When_NFKC_Casefolded/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Changes_When_Titlecased/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Changes_When_Titlecased/regex.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Changes_When_Titlecased/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Changes_When_Uppercased/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Changes_When_Uppercased/regex.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: Binary_Property/Changes_When_Uppercased/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.5.0

3 findings

HIGH New obfuscated file: blocks/Arabic_Presentation_Forms_A/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: blocks/Arabic_Presentation_Forms_A/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.4.0

15 findings

HIGH New obfuscated file: categories/Nonspacing_Mark/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: categories/Nonspacing_Mark/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: categories/Cased_Letter/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: categories/Cased_Letter/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: categories/Decimal_Number/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: categories/Letter/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: categories/Letter/regex.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: categories/Letter/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: categories/Lowercase_Letter/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: categories/Lowercase_Letter/regex.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: categories/Lowercase_Letter/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: categories/Mark/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: categories/Mark/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: categories/Math_Symbol/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.3.1

7 findings

HIGH New obfuscated file: blocks/Arabic_Presentation_Forms-A/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: blocks/Arabic_Presentation_Forms-A/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: blocks/Byzantine_Musical_Symbols/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: blocks/CJK_Compatibility_Ideographs/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: blocks/CJK_Compatibility_Ideographs/symbols.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

HIGH New obfuscated file: blocks/CJK_Compatibility_Ideographs_Supplement/code-points.js source-diff

Newly added source file contains lines over 3000 chars, suggesting minified or obfuscated code. New obfuscated files are a strong attack indicator.

LOW No provenance attestation provenance

Package was published without Sigstore provenance. Consider requesting the maintainer enable provenance via CI/CD.

v0.3.0