PkgRadar

npm · registry.npmjs.org

@finema/core

Obfuscation Density: high encoded/escaped-token density

Why PkgRadar flagged 3.16.10

SeveritySignalEvidence
mediumObfuscation Densityhigh encoded/escaped-token density · package/dist/runtime/components/Form/fileState/useUploadImageState.js
mediumObfuscation Densityhigh encoded/escaped-token density · package/dist/runtime/i18n/valibot.js

Scanned versions

VersionVerdictScoreScanned (UTC)
1.1.3Low risk02026-06-10
1.1.4Low risk02026-06-10
1.1.5Low risk02026-06-10
3.20.1Low risk02026-06-10
3.20.0Low risk02026-06-09
3.19.0Low risk02026-06-09
3.18.0Low risk02026-06-09
3.17.2Low risk02026-06-08
3.17.1Low risk02026-06-08
3.17.0Low risk02026-06-08
3.16.10Review122026-05-27
3.16.11Review122026-05-27
3.16.9Review122026-05-26
3.16.8Review122026-05-26

Block this in CI

PkgRadar gates @finema/core (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @finema/[email protected]
Start free — 25 scans / moView full evidence