npm · registry.npmjs.org
@lvce-editor/static-server
Credential file access: matched ".npmrc"
Why PkgRadar flagged 0.81.10
| Severity | Signal | Evidence |
|---|---|---|
| high | Credential file access | matched ".npmrc" · package/static/ec38d11/extensions/builtin.vscode-icons/icon-theme.json |
| medium | Obfuscation Density | high encoded/escaped-token density · package/static/ec38d11/js/babel-parser.js |
| medium | Obfuscation Density | high encoded/escaped-token density · package/static/ec38d11/packages/chat-math-worker/dist/chatMathWorkerMain.js |
| medium | Obfuscation Density | high encoded/escaped-token density · package/static/ec38d11/packages/error-worker/dist/errorWorkerMain.js |
| medium | Remote Payload | matched "cUrl " · package/static/ec38d11/packages/extension-host-worker/dist/extensionHostWorkerMain.js |
| medium | Obfuscation Density | high encoded/escaped-token density · package/static/ec38d11/packages/renderer-process/dist/rendererProcessMain.js |
| medium | Remote Payload | matched "cURL\n " · package/static/ec38d11/packages/renderer-worker/dist/rendererWorkerMain.js |
| medium | Remote Payload | matched "github.com/${repository}/releases/download" · package/static/ec38d11/packages/update-worker/dist/updateWorkerMain.js |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.83.1 | Low risk | 0 | 2026-06-03 |
0.83.0 | Low risk | 0 | 2026-06-02 |
0.82.7 | Low risk | 0 | 2026-05-31 |
0.82.6 | Low risk | 0 | 2026-05-29 |
0.82.5 | Low risk | 0 | 2026-05-29 |
0.82.4 | Low risk | 0 | 2026-05-29 |
0.82.2 | Low risk | 0 | 2026-05-29 |
0.82.3 | Low risk | 0 | 2026-05-29 |
0.82.1 | Low risk | 0 | 2026-05-28 |
0.81.15 | Low risk | 0 | 2026-05-28 |
0.82.0 | Low risk | 0 | 2026-05-28 |
0.81.14 | Low risk | 0 | 2026-05-27 |
0.81.13 | Low risk | 0 | 2026-05-26 |
0.81.12 | Low risk | 0 | 2026-05-25 |
0.81.10 | Review | 66 | 2026-05-24 |
0.81.11 | Review | 66 | 2026-05-24 |
Block this in CI
pkgradar gate --ecosystem npm @lvce-editor/[email protected]