npm · registry.npmjs.org
@pnp/cli-microsoft365
Obfuscation Density: high encoded/escaped-token density
Why PkgRadar flagged 11.9.0-beta.0365d84
| Severity | Signal | Evidence |
|---|---|---|
| medium | Obfuscation Density | high encoded/escaped-token density · package/npm-shrinkwrap.json |
| medium | Credential file access | matched ".azure" · package/dist/m365/spfx/commands/project/project-azuredevops-pipeline-add.js |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
11.9.0-beta.f8dc984 | Low risk | 0 | 2026-06-08 |
11.9.0-beta.93bd508 | Low risk | 0 | 2026-06-07 |
11.9.0-beta.16abf04 | Low risk | 0 | 2026-06-07 |
11.9.0-beta.16af377 | Low risk | 0 | 2026-06-07 |
11.9.0-beta.69c1186 | Low risk | 0 | 2026-06-03 |
11.9.0-beta.7b34e40 | Low risk | 0 | 2026-05-28 |
11.9.0-beta.0365d84 | Review | 14 | 2026-05-27 |
11.9.0-beta.8c1ee05 | Review | 10 | 2026-05-27 |
11.8.0 | Review | 50 | 2026-05-24 |
11.9.0-beta.606e85e | Review | 50 | 2026-05-24 |
Block this in CI
pkgradar gate --ecosystem npm @pnp/[email protected]