npm · registry.npmjs.org

@superblocksteam/vite-plugin-file-sync

Credential file access: matched ".npmrc"

Why PkgRadar flagged 2.0.130-next.0

Severity	Signal	Evidence
medium	Credential file access	matched ".npmrc" · package/dist/ai-service/app-interface/npm-registry.js

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`2.0.130-next.0`	Review	7	2026-06-12
`2.0.129`	Review	7	2026-06-11
`2.0.128`	Review	7	2026-06-11
`2.0.129-next.0`	Review	7	2026-06-11
`2.0.128-next.2`	Review	7	2026-06-10
`2.0.128-next.1`	Review	7	2026-06-10
`2.0.128-next.0`	Review	7	2026-06-10
`2.0.3-next.46`	Low risk	0	2026-06-10
`2.0.127`	Review	7	2026-06-08
`2.0.126`	Review	7	2026-06-08
`2.0.127-next.0`	Review	7	2026-06-08
`2.0.126-next.0`	Review	7	2026-06-07
`2.0.125`	Review	7	2026-06-05
`2.0.125-next.0`	Review	7	2026-06-05
`2.0.124`	Review	7	2026-06-04
`2.0.124-next.1`	Review	7	2026-06-04
`2.0.124-next.2`	Review	7	2026-06-04
`2.0.124-next.0`	Review	7	2026-06-02
`2.0.123-next.0`	Review	38	2026-05-29
`2.0.123`	Review	38	2026-05-29
`2.0.122-next.0`	Review	38	2026-05-28
`2.0.122`	Review	38	2026-05-28
`2.0.121-next.0`	Review	14	2026-05-27
`2.0.121`	Review	14	2026-05-27
`2.0.120-next.1`	Review	14	2026-05-26
`2.0.120-next.0`	Review	14	2026-05-26
`2.0.119`	Review	7	2026-05-25
`2.0.119-next.0`	Review	14	2026-05-25
`2.0.119-next.1`	Review	7	2026-05-25

Block this in CI

PkgRadar gates @superblocksteam/vite-plugin-file-sync (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @superblocksteam/[email protected]