PkgRadar

npm · registry.npmjs.org

@bananapus/core-v6

Manifest Codeless Dependency Stub: package ships no JS/TS source but declares 5 dependency(ies) (0 with loose/empty version specs) — dependency-confusion / install-chain loader shape

Why PkgRadar flagged 0.0.88

SeveritySignalEvidence
mediumManifest Codeless Dependency Stubpackage ships no JS/TS source but declares 5 dependency(ies) (0 with loose/empty version specs) — dependency-confusion / install-chain loader shape · package.json
mediumRemote Dependency Specdependencies.@uniswap/permit2="github:Uniswap/permit2#cc56ad0f3439c502c246fc5cfcc3db92bb8b7219" · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
0.0.88Review132026-06-10
0.0.87Review272026-06-08
0.0.86Review132026-06-05
0.0.85Review132026-06-05
0.0.84Review132026-06-05
0.0.83Review132026-06-04
0.0.82Review272026-06-04
0.0.81Review132026-06-02
0.0.80Review132026-06-02
0.0.79Review132026-06-01
0.0.78Review132026-06-01
0.0.77Review132026-05-31
0.0.76Review62026-05-30
0.0.75Review62026-05-29
0.0.74Review122026-05-28
0.0.73Review62026-05-28
0.0.72Review62026-05-27
0.0.71Review122026-05-27
0.0.70Review122026-05-26
0.0.69Review62026-05-26
0.0.68Review62026-05-25
0.0.67Review62026-05-25
0.0.66Review62026-05-25
0.0.65Review62026-05-25
0.0.64Review122026-05-25
0.0.63Review122026-05-25
0.0.62Review122026-05-25
0.0.61Review122026-05-25

Block this in CI

PkgRadar gates @bananapus/core-v6 (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @bananapus/[email protected]
Start free — 25 scans / moView full evidence