npm · registry.npmjs.org

@zeniai/web-app-ui

Js Decode Then Exec: base64 / atob / fromCharCode decode paired with eval / new Function in the same file — canonical obfuscated-loader pattern.

Why PkgRadar flagged 5.1.64-dev

Severity	Signal	Evidence
high	Js Decode Then Exec	base64 / atob / fromCharCode decode paired with eval / new Function in the same file — canonical obfuscated-loader pattern. · package/dist/assets/pdf-CojJ326Z.js
high	Js Split Join Obfuscation	Array-of-single-tokens joined to form a string — used to obscure module names like require(["n","o","de",":","cr","yp","to"].join("")), defeating static require() analysis. · package/dist/assets/lottie-Byecfo2L.js

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`5.1.82-betaDI1`	Low risk	0	2026-06-13
`5.1.84-prod`	Low risk	0	2026-06-12
`5.1.84-next`	Low risk	0	2026-06-12
`5.1.84-qa`	Low risk	0	2026-06-12
`5.1.84-dev`	Low risk	0	2026-06-12
`5.1.83-prod`	Low risk	0	2026-06-10
`5.1.83-next`	Low risk	0	2026-06-10
`5.1.83-qa`	Low risk	0	2026-06-10
`5.1.83-dev`	Low risk	0	2026-06-10
`5.1.82-qa`	Low risk	0	2026-06-10
`4.13.29-dev`	Low risk	0	2026-06-10
`5.0.64-next`	Low risk	0	2026-06-10
`5.1.82-dev`	Low risk	0	2026-06-10
`4.14.24-delhi-betaRR0`	Low risk	0	2026-06-10
`4.14.24-delhi-betaAK2`	Low risk	0	2026-06-10
`5.1.81-prod`	Low risk	0	2026-06-09
`5.1.81-next`	Low risk	0	2026-06-09
`5.1.81-dev`	Low risk	0	2026-06-09
`5.1.80-dev`	Low risk	0	2026-06-09
`5.1.80-qa`	Low risk	0	2026-06-09
`5.1.79-qa`	Low risk	0	2026-06-09
`5.1.79-dev`	Low risk	0	2026-06-09
`5.1.78-qa`	Low risk	0	2026-06-08
`5.1.78-dev`	Low risk	0	2026-06-08
`5.1.77-qa`	Low risk	0	2026-06-08
`5.1.77-dev`	Low risk	0	2026-06-08
`5.1.76-prod`	Low risk	0	2026-06-08
`5.1.76-next`	Low risk	0	2026-06-08
`5.1.76-qa`	Low risk	0	2026-06-08
`5.1.76-dev`	Low risk	0	2026-06-08
`5.1.75-dev`	Low risk	0	2026-06-08
`5.1.75-qa`	Low risk	0	2026-06-08
`5.1.74-dev`	Low risk	0	2026-06-06
`5.1.73-prod`	Low risk	0	2026-06-05
`5.1.73-dev`	Low risk	0	2026-06-05
`5.1.73-qa`	Low risk	0	2026-06-05
`5.1.72-prod`	Low risk	0	2026-06-05
`5.1.72-qa`	Low risk	0	2026-06-05
`5.1.71-dev`	Low risk	0	2026-06-05
`5.1.70-dev`	Low risk	0	2026-06-05
`5.1.69-dev`	Low risk	0	2026-06-03
`5.1.69-qa`	Low risk	0	2026-06-03
`5.1.68-prod`	Low risk	0	2026-06-03
`5.1.68-next`	Low risk	0	2026-06-03
`5.1.68-qa`	Low risk	0	2026-06-03
`5.1.68-dev`	Low risk	0	2026-06-03
`5.1.67-prod`	Low risk	0	2026-06-01
`5.1.67-next`	Low risk	0	2026-06-01
`5.1.67-qa`	Low risk	0	2026-06-01
`5.1.67-dev`	Low risk	0	2026-06-01
`5.1.66-dev`	Low risk	0	2026-05-30
`5.1.66-qa`	Low risk	0	2026-05-30
`5.1.65-next`	Low risk	0	2026-05-29
`5.1.65-prod`	Low risk	0	2026-05-29
`5.1.64-dev`	Review	25	2026-05-29
`5.1.64-qa`	Review	25	2026-05-29
`5.1.62-dev`	Review	25	2026-05-29
`5.1.62-qa`	Review	25	2026-05-29
`5.1.61-dev`	Review	25	2026-05-28
`5.1.61-qa`	Review	25	2026-05-28
`5.1.55-pune-betaAS1`	Review	6	2026-05-27
`5.1.40-sunnyvale-betaNB1`	Review	6	2026-05-27
`5.1.44-qa`	Review	6	2026-05-26
`5.1.45-dev`	Review	6	2026-05-26
`5.1.43-next`	Review	6	2026-05-26
`5.1.43-prod`	Review	6	2026-05-26
`5.1.37-qa`	Review	10	2026-05-26
`5.1.37-dev`	Review	10	2026-05-26
`5.1.36-dev-betaAR1`	Review	10	2026-05-25
`5.1.36-mohali-betaAR1`	Review	20	2026-05-25
`5.1.36-qa`	Review	20	2026-05-25
`5.1.35-dev-betaAN3`	Review	20	2026-05-25
`5.1.36-dev`	Review	20	2026-05-25

Block this in CI

PkgRadar gates @zeniai/web-app-ui (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm @zeniai/[email protected]

Start free — 25 scans / mo View full evidence