npm · registry.npmjs.org

flame-plus

Large Javascript Payload: 2339310 bytes

Why PkgRadar flagged 1.5.30

Severity	Signal	Evidence
medium	Large Javascript Payload	2339310 bytes · package/flameDist/flame-plus.es.js

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`1.5.47`	Low risk	0	2026-06-02
`1.5.43`	Low risk	0	2026-06-02
`1.5.42`	Low risk	0	2026-06-01
`1.5.41`	Low risk	0	2026-06-01
`1.5.40`	Low risk	0	2026-05-31
`1.5.39`	Low risk	0	2026-05-31
`1.5.38`	Low risk	0	2026-05-31
`1.5.36`	Low risk	0	2026-05-31
`1.5.34`	Low risk	0	2026-05-31
`1.5.35`	Low risk	0	2026-05-31
`1.5.33`	Low risk	0	2026-05-30
`1.5.32`	Low risk	0	2026-05-30
`1.5.31`	Low risk	0	2026-05-30
`1.5.30`	Review	5	2026-05-28
`1.5.28`	Review	5	2026-05-27
`1.5.29`	Review	5	2026-05-27
`1.5.27`	Review	22	2026-05-24
`1.5.26`	Review	22	2026-05-24

Block this in CI

PkgRadar gates flame-plus (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]