npm · registry.npmjs.org

basedpyright

Large Javascript Payload: 3919491 bytes

Why PkgRadar flagged 1.39.6-c8f6bcdf043e65605f3e1774f2abe6253882b8f2

Severity	Signal	Evidence
medium	Large Javascript Payload	3919491 bytes · package/dist/pyright-langserver.js
medium	Large Javascript Payload	4210210 bytes · package/dist/pyright.js

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`1.39.8-fab7323c03bfa17db61cf63457beee9e484fde80`	Low risk	0	2026-06-14
`1.39.7-784a555c9b760e99e211f14846a93183ee0cff6a`	Low risk	0	2026-06-14
`1.39.8`	Low risk	0	2026-06-14
`1.39.7-fa989db2efc0e214e283498a81ec4918f1e1bc23`	Low risk	0	2026-06-13
`1.39.7-406e0821e851b47d5583e26839b0182e4e3b7c61`	Low risk	0	2026-06-13
`1.39.7-8863ff126721cc1c28f1cd82c57ac7e7e3cf1dd1`	Low risk	0	2026-06-09
`1.39.7-c9a757d246d3301e992796278216a2120b8163b0`	Low risk	0	2026-06-07
`1.39.7`	Low risk	0	2026-06-07
`1.39.6-9cf5aad404b167a2d8bce3ecdd6a5eb4b398d0f4`	Low risk	0	2026-06-05
`1.39.6-4797d36813036d64ed0131f515d157c83384a20a`	Low risk	0	2026-06-03
`1.39.6-478f6bbb44780a25833a8679a6ff8407b8c7e72d`	Low risk	0	2026-06-02
`1.39.6-89eb24fcc15ead69b639c5ae77ffc4761a6376c3`	Low risk	0	2026-06-01
`1.39.6-25df30e2c92affa6d3332feb32c70d865a3bad0c`	Low risk	0	2026-05-29
`1.39.6-5a24c7faaa7f7d68b1550702d9aa738b7aa78ea9`	Low risk	0	2026-05-29
`1.39.6-c8f6bcdf043e65605f3e1774f2abe6253882b8f2`	Review	10	2026-05-28
`1.39.6-73e641fdfe5bede15fc9b9a15db4e9d039a8edb5`	Review	10	2026-05-27
`1.39.6-52c60739fc220f19fb62b0d521a85a45855292a2`	Review	10	2026-05-27
`1.39.6-ad82d91ce241116737e65e660c5420dd0366f405`	Review	20	2026-05-24
`1.39.5-636dc8c9df17c0c83694340012f915ab2e8e182e`	Review	20	2026-05-24
`1.39.6`	Review	20	2026-05-24
`1.39.5-f133f3d6b9a4ef3cf2d53a929a053875e1effbe4`	Review	20	2026-05-24
`1.39.5-29e303a1b0b5f401f21c28fe3ea7da4b9db09e35`	Review	20	2026-05-24

Block this in CI

PkgRadar gates basedpyright (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]