npm · registry.npmjs.org
@hasna/signatures
Install Lifecycle Suppresses Failure: postinstall="mkdir -p $HOME/.hasna/signatures/{documents,signed,signatures,cache} 2>/dev/null || true"
Why PkgRadar flagged 0.1.5
| Severity | Signal | Evidence |
|---|---|---|
| high | Install Lifecycle Suppresses Failure | postinstall="mkdir -p $HOME/.hasna/signatures/{documents,signed,signatures,cache} 2>/dev/null || true" · package.json |
| medium | New Account With Lifecycle Hook | package first published 79 day(s) ago, 7 total version(s), has lifecycle hook · package.json |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.1.5 | High risk | 25 | 2026-06-10 |
0.1.6 | High risk | 25 | 2026-06-10 |
0.1.7 | High risk | 25 | 2026-06-10 |
Block this in CI
pkgradar gate --ecosystem npm @hasna/[email protected]