PkgRadar

npm · registry.npmjs.org

@umijs/bundler-webpack

Obfuscation Density: high encoded/escaped-token density

Why PkgRadar flagged 4.6.57

SeveritySignalEvidence
mediumObfuscation Densityhigh encoded/escaped-token density · package/compiled/file-loader/index.js
mediumObfuscation Densityhigh encoded/escaped-token density · package/compiled/webpackbar/index.js
mediumLarge Javascript Payload2814081 bytes · package/compiled/sass-loader/index.js
mediumLarge Javascript Payload6101794 bytes · package/compiled/webpack/index.js

Scanned versions

VersionVerdictScoreScanned (UTC)
4.6.61Low risk02026-06-06
4.6.59Low risk02026-06-03
4.6.58Low risk02026-06-03
4.6.57Review132026-05-27
4.6.55Review702026-05-25
4.6.56Review702026-05-25

Block this in CI

PkgRadar gates @umijs/bundler-webpack (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @umijs/[email protected]
Start free — 25 scans / moView full evidence
@umijs/bundler-webpack — npm security scan | PkgRadar