npm · registry.npmjs.org

gen-api-types

Install-time lifecycle script: preinstall="echo preinstall 。。。"

Why PkgRadar flagged 1.0.5

Severity	Signal	Evidence
high	New Lifecycle Script Vs Previous	preinstall added in 1.0.5 vs 1.0.4: "echo preinstall 。。。" · package.json
high	New Lifecycle Script Vs Previous	postinstall added in 1.0.5 vs 1.0.4: "echo postinstall 。。。" · package.json

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`1.0.12`	Review	7	2026-06-16
`1.0.11`	Review	10	2026-06-16
`1.0.10`	Review	10	2026-06-16
`1.0.9`	Review	10	2026-06-16
`1.0.3`	Low risk	0	2026-06-16
`1.0.4`	Low risk	0	2026-06-16
`1.0.5`	High risk	90	2026-06-16
`1.0.8`	Review	10	2026-06-16

Campaign attribution

Block this in CI

PkgRadar gates gen-api-types (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]