PkgRadar

npm · registry.npmjs.org

heic-to

Large Javascript Payload: 2995170 bytes

Why PkgRadar flagged 1.5.1

SeveritySignalEvidence
mediumLarge Javascript Payload2995170 bytes · package/dist/csp/heic-to.js
mediumLarge Javascript Payload2996232 bytes · package/dist/heic-to.js
mediumLarge Javascript Payload2999444 bytes · package/dist/iife/heic-to.js
mediumLarge Javascript Payload2996152 bytes · package/dist/next/heic-to.js
mediumLarge Javascript Payload2995170 bytes · package/dist/csp/heic-to.min.js
mediumLarge Javascript Payload2996232 bytes · package/dist/heic-to.min.js
mediumLarge Javascript Payload3160345 bytes · package/src/lib/libheif-without-unsafe-eval.js
mediumLarge Javascript Payload3161807 bytes · package/src/lib/libheif.js

Scanned versions

VersionVerdictScoreScanned (UTC)
1.5.1Review242026-05-26
1.5.2Review242026-05-26

Block this in CI

PkgRadar gates heic-to (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem npm [email protected]
Start free — 25 scans / moView full evidence