npm · registry.npmjs.org
chrome-devtools-frontend
Known Indicator Filename: package/front_end/third_party/lighthouse/report/bundle.js
Why PkgRadar flagged 1.0.1636056
| Severity | Signal | Evidence |
|---|---|---|
| high | Known Indicator Filename | package/front_end/third_party/lighthouse/report/bundle.js · package/front_end/third_party/lighthouse/report/bundle.js |
| high | Js Decode Then Exec | base64 / atob / fromCharCode decode paired with eval / new Function in the same file — canonical obfuscated-loader pattern. · package/front_end/third_party/puppeteer/package/lib/es5-iife/puppeteer-core-browser.js |
| high | Js Split Join Obfuscation | Array-of-single-tokens joined to form a string — used to obscure module names like require(["n","o","de",":","cr","yp","to"].join("")), defeating static require() analysis. · package/front_end/third_party/axe-core/axe.js |
| high | Js Split Join Obfuscation | Array-of-single-tokens joined to form a string — used to obscure module names like require(["n","o","de",":","cr","yp","to"].join("")), defeating static require() analysis. · package/front_end/third_party/axe-core/axe.min.js |
| medium | Obfuscation Density | high encoded/escaped-token density · package/front_end/third_party/json5/lib/index.js |
| medium | Obfuscation Density | high encoded/escaped-token density · package/front_end/third_party/codemirror/package/mode/markdown/markdown.js |
| medium | Obfuscation Density | high encoded/escaped-token density · package/front_end/third_party/marked/package/lib/marked.js |
| medium | Obfuscation Density | high encoded/escaped-token density · package/front_end/third_party/codemirror/package/src/util/misc.js |
| medium | Large Javascript Payload | 6350113 bytes · package/front_end/third_party/lighthouse/lighthouse-dt-bundle.js |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
1.0.1645245 | Low risk | 0 | 2026-06-13 |
1.0.1643855 | Low risk | 0 | 2026-06-11 |
1.0.1643099 | Low risk | 0 | 2026-06-10 |
1.0.1642899 | Low risk | 0 | 2026-06-09 |
1.0.1642845 | Low risk | 0 | 2026-06-08 |
1.0.1642246 | Low risk | 0 | 2026-06-07 |
1.0.1641723 | Low risk | 0 | 2026-06-06 |
1.0.1640841 | Low risk | 0 | 2026-06-05 |
1.0.1640418 | Low risk | 0 | 2026-06-04 |
1.0.1638082 | Low risk | 0 | 2026-05-30 |
1.0.1636056 | Review | 59 | 2026-05-28 |
1.0.1635876 | Review | 36 | 2026-05-27 |
1.0.1632065 | Review | 36 | 2026-05-26 |
1.0.1635648 | Review | 36 | 2026-05-26 |
Block this in CI
pkgradar gate --ecosystem npm [email protected]