npm · registry.npmjs.org

dealpos

Obfuscation Density: high encoded/escaped-token density

Why PkgRadar flagged 26.20.3

Severity	Signal	Evidence
medium	Obfuscation Density	high encoded/escaped-token density · package/browser/chunk-NVRMZQQR.js
medium	Obfuscation Density	high encoded/escaped-token density · package/browser/chunk-Q7OVBNEW.js

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`26.23.3`	Low risk	0	2026-06-17
`26.22.9`	Low risk	0	2026-06-17
`26.23.2`	Low risk	0	2026-06-17
`26.23.1`	Low risk	0	2026-06-12
`26.22.5`	Low risk	0	2026-06-12
`26.22.4`	Low risk	0	2026-06-11
`26.23.0`	Low risk	0	2026-06-10
`9.9.8`	Low risk	0	2026-06-10
`26.22.3`	Low risk	0	2026-06-10
`26.22.2`	Low risk	0	2026-06-09
`26.21.9`	Low risk	0	2026-06-08
`26.22.1`	Low risk	0	2026-06-08
`26.22.0`	Low risk	0	2026-06-06
`26.21.6`	Low risk	0	2026-06-05
`26.21.5`	Low risk	0	2026-06-05
`26.21.4`	Low risk	0	2026-06-04
`26.21.98`	Low risk	0	2026-06-04
`26.21.99`	Low risk	0	2026-06-04
`26.21.3`	Low risk	0	2026-06-03
`26.21.1`	Low risk	0	2026-06-02
`26.21.2`	Low risk	0	2026-06-02
`26.20.9`	Low risk	0	2026-05-31
`26.20.3`	Review	7	2026-05-28
`26.20.4`	Review	7	2026-05-28
`26.19.9`	Review	7	2026-05-28
`26.20.2`	Review	8	2026-05-27
`26.20.1`	Review	14	2026-05-25
`26.21.0`	Review	14	2026-05-25

Block this in CI

PkgRadar gates dealpos (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]