PkgRadar

npm · registry.npmjs.org

@neutron.co.id/operasional-operation

Manifest Codeless Dependency Stub: package ships no JS/TS source but declares 16 dependency(ies) (0 with loose/empty version specs) — dependency-confusion / install-chain loader shape

Why PkgRadar flagged 1.12.31

SeveritySignalEvidence
mediumManifest Codeless Dependency Stubpackage ships no JS/TS source but declares 16 dependency(ies) (0 with loose/empty version specs) — dependency-confusion / install-chain loader shape · package.json

Scanned versions

VersionVerdictScoreScanned (UTC)
1.12.32Low risk02026-06-08
1.12.31Review72026-06-08
1.12.29Low risk02026-06-06
1.12.30Low risk02026-06-06
1.12.28Low risk02026-05-29
1.12.25Low risk02026-05-29
1.12.27Low risk02026-05-29

Block this in CI

PkgRadar gates @neutron.co.id/operasional-operation (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @neutron.co.id/[email protected]
Start free — 25 scans / moView full evidence
@neutron.co.id/operasional-operation — npm security scan | PkgRadar