npm · registry.npmjs.org

@akanjs/devkit

Js Split Join Obfuscation: Array-of-single-tokens joined to form a string — used to obscure module names like require(["n","o","de",":","cr","yp","to"].join("")), defeating static require() analysis.

Why PkgRadar flagged 2.1.0

Severity	Signal	Evidence
high	Js Split Join Obfuscation	Array-of-single-tokens joined to form a string — used to obscure module names like require(["n","o","de",":","cr","yp","to"].join("")), defeating static require() analysis. · package/devkitUtils.test.ts

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`2.3.4-rc.1`	Low risk	0	2026-06-17
`2.3.4-rc.0`	Low risk	0	2026-06-17
`2.3.3`	Low risk	0	2026-06-17
`2.3.3-rc.1`	Low risk	0	2026-06-17
`2.3.3-rc.0`	Low risk	0	2026-06-17
`2.3.2`	Low risk	0	2026-06-17
`2.3.2-rc.8`	Low risk	0	2026-06-17
`2.3.2-rc.7`	Low risk	0	2026-06-17
`2.3.2-rc.6`	Low risk	0	2026-06-16
`2.3.2-rc.5`	Low risk	0	2026-06-15
`2.3.2-rc.4`	Low risk	0	2026-06-15
`2.3.2-rc.3`	Low risk	0	2026-06-15
`2.3.2-rc.2`	Low risk	0	2026-06-15
`2.3.2-rc.1`	Low risk	0	2026-06-14
`2.3.2-rc.0`	Low risk	0	2026-06-14
`2.3.1`	Low risk	0	2026-06-14
`2.3.1-rc.5`	Low risk	0	2026-06-13
`2.3.1-rc.4`	Low risk	0	2026-06-13
`2.3.1-rc.3`	Low risk	0	2026-06-13
`2.3.1-rc.2`	Low risk	0	2026-06-12
`2.3.1-rc.1`	Low risk	0	2026-06-12
`2.3.1-rc.0`	Low risk	0	2026-06-12
`2.3.0`	Low risk	0	2026-06-10
`2.2.13-rc.1`	Low risk	0	2026-06-10
`2.2.13-rc.0`	Low risk	0	2026-06-09
`2.2.12`	Low risk	0	2026-06-09
`2.2.11`	Low risk	0	2026-06-08
`2.2.10`	Low risk	0	2026-06-08
`2.2.10-rc.1`	Low risk	0	2026-06-07
`2.2.10-rc.0`	Low risk	0	2026-06-07
`2.2.9`	Low risk	0	2026-06-07
`2.2.8`	Low risk	0	2026-06-07
`2.2.7`	Low risk	0	2026-06-07
`2.2.7-rc.4`	Low risk	0	2026-06-07
`2.2.7-rc.3`	Low risk	0	2026-06-07
`2.2.7-rc.2`	Low risk	0	2026-06-07
`2.2.7-rc.1`	Low risk	0	2026-06-07
`2.2.7-rc.0`	Low risk	0	2026-06-07
`2.2.6`	Low risk	0	2026-06-06
`2.2.5`	Low risk	0	2026-06-06
`2.2.4-rc.5`	Low risk	0	2026-06-06
`2.2.4-rc.4`	Low risk	0	2026-06-06
`2.2.4-rc.3`	Low risk	0	2026-06-06
`2.2.4-rc.2`	Low risk	0	2026-06-06
`2.2.4-rc.1`	Low risk	0	2026-06-06
`2.2.4-rc.0`	Low risk	0	2026-06-06
`2.2.3`	Low risk	0	2026-06-06
`2.2.3-rc.1`	Low risk	0	2026-06-06
`2.2.3-rc.0`	Low risk	0	2026-06-05
`2.2.2-rc.0`	Low risk	0	2026-06-04
`2.2.2`	Low risk	0	2026-06-04
`2.2.1`	Low risk	0	2026-06-04
`2.2.1-rc.3`	Low risk	0	2026-06-04
`2.2.1-rc.2`	Low risk	0	2026-06-04
`2.2.1-rc.0`	Low risk	0	2026-06-04
`2.2.1-rc.1`	Low risk	0	2026-06-04
`2.2.0-rc.5`	Low risk	0	2026-06-03
`2.2.0`	Low risk	0	2026-06-03
`2.1.2-rc.0`	Low risk	0	2026-06-03
`2.1.2-rc.1`	Low risk	0	2026-06-03
`1.0.21`	Low risk	0	2026-06-02
`2.1.1`	Low risk	0	2026-06-02
`2.1.1-rc.2`	Low risk	0	2026-06-02
`2.1.1-rc.0`	Low risk	0	2026-06-01
`2.1.1-rc.1`	Low risk	0	2026-06-01
`2.1.0`	Review	20	2026-05-30
`2.1.0-rc.12`	Review	20	2026-05-30
`2.1.0-rc.11`	Review	20	2026-05-30
`2.1.0-rc.10`	Review	20	2026-05-30
`2.1.0-rc.9`	Review	20	2026-05-30
`2.1.0-rc.8`	Review	20	2026-05-30
`2.1.0-rc.7`	Review	20	2026-05-30
`2.1.0-rc.6`	Review	20	2026-05-30
`2.1.0-rc.5`	Review	20	2026-05-30
`2.1.0-rc.4`	Review	20	2026-05-30
`2.1.0-rc.3`	Review	20	2026-05-30
`2.1.0-rc.2`	Review	20	2026-05-30
`2.1.0-rc.1`	Review	20	2026-05-30
`2.1.0-rc.0`	Review	20	2026-05-30
`1.0.19`	Low risk	0	2026-05-28
`1.0.20`	Low risk	0	2026-05-28

Block this in CI

PkgRadar gates @akanjs/devkit (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @akanjs/[email protected]

Start free — 25 scans / mo View full evidence