npm · registry.npmjs.org
jfs-components
Js Split Join Obfuscation: Array-of-single-tokens joined to form a string — used to obscure module names like require(["n","o","de",":","cr","yp","to"].join("")), defeating static require() analysis.
Why PkgRadar flagged 0.1.0
| Severity | Signal | Evidence |
|---|---|---|
| high | Js Split Join Obfuscation | Array-of-single-tokens joined to form a string — used to obscure module names like require(["n","o","de",":","cr","yp","to"].join("")), defeating static require() analysis. · package/lib/commonjs/components/LottiePlayer/loadNativeLottieView.js |
| high | Js Split Join Obfuscation | Array-of-single-tokens joined to form a string — used to obscure module names like require(["n","o","de",":","cr","yp","to"].join("")), defeating static require() analysis. · package/lib/module/components/LottiePlayer/loadNativeLottieView.js |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.1.8 | Review | 5 | 2026-06-12 |
0.1.2 | Review | 5 | 2026-06-10 |
0.1.0 | High risk | 55 | 2026-06-10 |
0.0.99 | High risk | 55 | 2026-06-10 |
0.0.95 | High risk | 55 | 2026-06-10 |
0.0.86 | High risk | 55 | 2026-06-10 |
0.0.85 | High risk | 55 | 2026-06-10 |
0.0.84 | High risk | 55 | 2026-06-10 |
0.0.79 | High risk | 55 | 2026-06-10 |
0.0.78 | High risk | 55 | 2026-06-10 |
0.0.74 | Review | 25 | 2026-05-25 |
0.0.77 | Review | 25 | 2026-05-25 |
Block this in CI
pkgradar gate --ecosystem npm [email protected]