npm · registry.npmjs.org

chromatic

DNS / OAST exfiltration: matched "dns.lookup"

Why PkgRadar flagged 17.2.0--canary.1355.26536148123.0

Severity	Signal	Evidence
high	DNS / OAST exfiltration	matched "dns.lookup" · package/dist/main-BgvKVjYk.cjs
medium	Obfuscation Density	high encoded/escaped-token density · package/dist/init-O6sGg0Ye.cjs
medium	Large Javascript Payload	2541127 bytes · package/dist/node-src-BSNNFH7-.cjs
medium	Large Javascript Payload	2450621 bytes · package/dist/turbosnap-BhwwSReQ.cjs

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`17.5.0--canary.1390.27647989719.0`	Low risk	0	2026-06-16
`17.5.0--canary.1391.27647561872.0`	Low risk	0	2026-06-16
`17.4.2--canary.1396.27636324640.0`	Low risk	0	2026-06-16
`17.4.2--canary.1396.27618907020.0`	Low risk	0	2026-06-16
`17.4.2--canary.1396.27618878539.0`	Low risk	0	2026-06-16
`17.4.2--canary.1396.27618906955.0`	Low risk	0	2026-06-16
`17.5.0--canary.1390.27618112498.0`	Low risk	0	2026-06-16
`17.4.2--canary.1395.27567214609.0`	Low risk	0	2026-06-15
`17.4.2--canary.1395.27565425030.0`	Low risk	0	2026-06-15
`17.4.2--canary.1395.27564124121.0`	Low risk	0	2026-06-15
`17.5.0--canary.1390.27563994345.0`	Low risk	0	2026-06-15
`17.4.2--canary.1395.27563557720.0`	Low risk	0	2026-06-15
`17.4.2--canary.1395.27563583567.0`	Low risk	0	2026-06-15
`17.4.2--canary.1395.27563555695.0`	Low risk	0	2026-06-15
`17.4.2--canary.1395.27563582471.0`	Low risk	0	2026-06-15
`17.5.0--canary.1391.27561992039.0`	Low risk	0	2026-06-15
`17.4.2--canary.1395.27559306013.0`	Low risk	0	2026-06-15
`17.4.2--canary.1395.27558273487.0`	Low risk	0	2026-06-15
`17.5.0--canary.1390.27548118373.0`	Low risk	0	2026-06-15
`17.4.2--canary.1392.27548118227.0`	Low risk	0	2026-06-15
`17.4.2--canary.1392.27548118284.0`	Low risk	0	2026-06-15
`17.5.0--canary.1394.27443721666.0`	Low risk	0	2026-06-12
`17.5.0--canary.1394.27443278067.0`	Low risk	0	2026-06-12
`17.5.0--canary.1394.27443278239.0`	Low risk	0	2026-06-12
`17.5.0--canary.1394.27443278039.0`	Low risk	0	2026-06-12
`17.4.2--canary.1393.27435307795.0`	Low risk	0	2026-06-12
`17.4.2--canary.1393.27435308153.0`	Low risk	0	2026-06-12
`17.4.2--canary.1392.27434919805.0`	Low risk	0	2026-06-12
`17.4.2--canary.1389.27434918549.0`	Low risk	0	2026-06-12
`17.4.2--canary.1393.27434919046.0`	Low risk	0	2026-06-12
`17.4.2--canary.1392.27434919740.0`	Low risk	0	2026-06-12
`17.4.2--canary.1393.27434056282.0`	Low risk	0	2026-06-12
`17.4.2--canary.1393.27423031350.0`	Low risk	0	2026-06-12
`17.4.2--canary.1392.27418109128.0`	Low risk	0	2026-06-12
`17.4.2--canary.1392.27418016999.0`	Low risk	0	2026-06-12
`17.4.2--canary.1392.27367989210.0`	Low risk	0	2026-06-11
`17.4.2--canary.1392.27360106835.0`	Low risk	0	2026-06-11
`17.4.2--canary.1385.27358949313.0`	Low risk	0	2026-06-11
`17.4.1`	Low risk	0	2026-06-11
`17.5.0--canary.1391.27305254386.0`	Low risk	0	2026-06-11
`17.4.1--canary.1392.27357893613.0`	Low risk	0	2026-06-11
`17.4.1--canary.1392.27357928440.0`	Low risk	0	2026-06-11
`17.5.0--canary.1391.27303719697.0`	Low risk	0	2026-06-10
`17.5.0--canary.1391.27296142833.0`	Low risk	0	2026-06-10
`17.5.0--canary.1391.27296143358.0`	Low risk	0	2026-06-10
`17.4.1--canary.1389.27295086586.0`	Low risk	0	2026-06-10
`17.4.1--canary.1389.27293481026.0`	Low risk	0	2026-06-10
`17.4.1--canary.1389.27287570618.0`	Low risk	0	2026-06-10
`17.4.1--canary.1389.27287570841.0`	Low risk	0	2026-06-10
`17.4.1--canary.1389.27280651501.0`	Low risk	0	2026-06-10
`17.4.1--canary.1389.27279589284.0`	Low risk	0	2026-06-10
`17.4.1--canary.1388.27279488773.0`	Low risk	0	2026-06-10
`17.4.1--canary.1389.27279558481.0`	Low risk	0	2026-06-10
`17.5.0--canary.1390.27278495931.0`	Low risk	0	2026-06-10
`17.4.1--canary.1389.27223390925.0`	Low risk	0	2026-06-09
`17.4.1--canary.1388.27221952020.0`	Low risk	0	2026-06-09
`17.4.1--canary.1388.27222287987.0`	Low risk	0	2026-06-09
`17.4.1--canary.1388.27221067527.0`	Low risk	0	2026-06-09
`17.4.1--canary.1387.27219813902.0`	Low risk	0	2026-06-09
`17.5.0--canary.1355.27219815689.0`	Low risk	0	2026-06-09
`17.4.0`	Low risk	0	2026-06-09
`17.3.1--canary.1388.27215066280.0`	Low risk	0	2026-06-09
`17.3.1--canary.1388.27215066817.0`	Low risk	0	2026-06-09
`17.3.1--canary.1388.27214787291.0`	Low risk	0	2026-06-09
`17.3.1--canary.1386.27208927045.0`	Low risk	0	2026-06-09
`17.3.1--canary.1388.27213138354.0`	Low risk	0	2026-06-09
`17.3.1--canary.1386.27208664488.0`	Low risk	0	2026-06-09
`17.3.1--canary.1384.27208623758.0`	Low risk	0	2026-06-09
`17.3.1--canary.1386.27208523439.0`	Low risk	0	2026-06-09
`17.3.1--canary.1386.27208523526.0`	Low risk	0	2026-06-09
`17.3.1--canary.1386.27207147512.0`	Low risk	0	2026-06-09
`17.3.1--canary.1384.27207146494.0`	Low risk	0	2026-06-09
`17.3.1--canary.1384.27207147320.0`	Low risk	0	2026-06-09
`17.3.1--canary.1386.27157219536.0`	Low risk	0	2026-06-08
`17.4.0--canary.1355.27156867058.0`	Low risk	0	2026-06-08
`17.3.1--canary.1386.27156789077.0`	Low risk	0	2026-06-08
`17.3.1--canary.1386.27156789180.0`	Low risk	0	2026-06-08
`17.3.1--canary.1386.27155812703.0`	Low risk	0	2026-06-08
`17.3.1--canary.1379.27153568836.1`	Low risk	0	2026-06-08
`17.3.1--canary.1384.27153569135.0`	Low risk	0	2026-06-08
`17.3.1--canary.1379.27153568836.0`	Low risk	0	2026-06-08
`17.3.1--canary.1386.27153568529.0`	Low risk	0	2026-06-08
`17.3.1--canary.1387.27152391382.0`	Low risk	0	2026-06-08
`17.3.1--canary.1387.27152392037.0`	Low risk	0	2026-06-08
`17.3.1--canary.1387.27152309165.0`	Low risk	0	2026-06-08
`17.3.1--canary.1387.27152144324.0`	Low risk	0	2026-06-08
`17.3.1--canary.1385.27151279719.0`	Low risk	0	2026-06-08
`17.3.1--canary.1385.27151279854.0`	Low risk	0	2026-06-08
`17.4.0--canary.1355.27149150268.0`	Low risk	0	2026-06-08
`17.3.1--canary.1386.27148035909.0`	Low risk	0	2026-06-08
`17.3.1--canary.1379.27148025361.0`	Low risk	0	2026-06-08
`17.3.1--canary.1384.27148025383.0`	Low risk	0	2026-06-08
`17.4.0--canary.1355.27147400859.0`	Low risk	0	2026-06-08
`17.3.1--canary.1385.27040599853.0`	Low risk	0	2026-06-05
`17.3.1--canary.1384.27032162407.0`	Low risk	0	2026-06-05
`17.3.1--canary.1384.27032210877.0`	Low risk	0	2026-06-05
`17.3.1--canary.1370.27027422564.0`	Low risk	0	2026-06-05
`17.3.1--canary.1363.27027430128.0`	Low risk	0	2026-06-05
`17.2.1--canary.1378.27016392028.0`	Low risk	0	2026-06-05
`17.2.1--canary.1378.27016488349.0`	Low risk	0	2026-06-05
`17.2.1--canary.1379.27015346107.0`	Low risk	0	2026-06-05
`17.2.1--canary.1378.27015346381.0`	Low risk	0	2026-06-05
`17.2.1--canary.1382.26982209014.0`	Low risk	0	2026-06-04
`17.2.1--canary.1382.26982337362.0`	Low risk	0	2026-06-04
`17.2.1--canary.1378.26969490124.0`	Low risk	0	2026-06-04
`17.2.1--canary.1379.26969534473.0`	Low risk	0	2026-06-04
`17.3.0--canary.1371.26962841994.0`	Low risk	0	2026-06-04
`17.3.0--canary.1371.26962919902.0`	Low risk	0	2026-06-04
`17.2.1--canary.1375.26916484540.0`	Low risk	0	2026-06-03
`17.2.1--canary.1375.26916509418.0`	Low risk	0	2026-06-03
`17.2.1--canary.1358.26903778861.0`	Low risk	0	2026-06-03
`17.2.1--canary.1358.26904370964.0`	Low risk	0	2026-06-03
`17.2.1--canary.1358.26886868862.0`	Low risk	0	2026-06-03
`17.3.0--canary.1371.26848227170.0`	Low risk	0	2026-06-02
`17.3.0--canary.1371.26848227459.0`	Low risk	0	2026-06-02
`17.2.1--canary.1358.26839158251.0`	Low risk	0	2026-06-02
`17.2.1--canary.1371.26839294469.0`	Low risk	0	2026-06-02
`17.2.1--canary.1370.26830061500.0`	Low risk	0	2026-06-02
`17.2.1--canary.1371.26832459338.0`	Low risk	0	2026-06-02
`17.2.1--canary.1363.26780504081.0`	Low risk	0	2026-06-01
`17.2.1--canary.1363.26780933490.0`	Low risk	0	2026-06-01
`17.1.1--canary.1358.26773070103.0`	Low risk	0	2026-06-01
`17.2.0--canary.1357.26585195755.0`	Low risk	0	2026-05-28
`17.2.0--canary.1357.26585959187.0`	Low risk	0	2026-05-28
`17.2.0--canary.1355.26536148123.0`	Review	18	2026-05-28
`17.2.0--canary.1355.26536150898.0`	Review	18	2026-05-28
`17.0.2--canary.1347.26464721359.0`	Review	18	2026-05-26
`17.0.2--canary.1340.26464723943.0`	Review	18	2026-05-26

Block this in CI

PkgRadar gates chromatic (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]

Start free — 25 scans / mo View full evidence