npm · registry.npmjs.org

@loicngr/kobo

Large Javascript Payload: 2537640 bytes

Why PkgRadar flagged 1.7.19

Severity	Signal	Evidence
medium	Large Javascript Payload	2537640 bytes · package/src/client/dist/spa/assets/editor.api-B85Aec2m.js
medium	Large Javascript Payload	5937330 bytes · package/src/client/dist/spa/assets/ts.worker-Cj3zTgVE.js

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`1.8.0`	Low risk	0	2026-06-12
`1.7.34`	Low risk	0	2026-06-12
`1.7.32`	Low risk	0	2026-06-12
`1.7.31`	Low risk	0	2026-06-10
`1.7.30`	Low risk	0	2026-06-08
`1.7.29`	Low risk	0	2026-06-05
`1.7.28`	Low risk	0	2026-06-04
`1.7.27`	Low risk	0	2026-06-04
`1.7.26`	Low risk	0	2026-06-03
`1.7.25`	Low risk	0	2026-06-02
`1.7.24`	Low risk	0	2026-05-30
`1.7.23`	Low risk	0	2026-05-30
`1.7.22`	Low risk	0	2026-05-29
`1.7.21`	Low risk	0	2026-05-29
`1.7.19`	Review	7	2026-05-25
`1.7.20`	Review	7	2026-05-25

Block this in CI

PkgRadar gates @loicngr/kobo (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @loicngr/[email protected]